We can, but dare we? apa format

Stuck with a difficult assignment? No time to get your paper done? Feeling confused? If you’re looking for reliable and timely help for assignments, you’ve come to the right place. We promise 100% original, plagiarism-free papers custom-written for you. Yes, we write every assignment from scratch and it’s solely custom-made for you.


Order a Similar Paper Order a Different Paper

 Surgical Procedure- Mitral Valve Replacement  

Scenario: A patient was admitted into the hospital and is scheduled to have open-heart surgery within 8 hours of arrival. You are the Preop Nurse assigned to the patient. You are also assigned to two other patients that need to be in surgery by 7:30 am.

PLEASE FOLLOW THE RUBRIC BELOW EVERYTHING IS THERE FOR THIS SCENARIO!!

Introduction

HIPAA, Legal, and Regulatory Discussion

Scenario Ending and Recommendations

Scenario ending: A technology downtime that impacts patient care occurs, and an error is made.  Construct based on those reflections.

Advantages and Disadvantages

Conclusion and Reflections   

Purpose

The purpose of this assignment is to investigate informatics in healthcare and to apply professional, ethical, and legal principles to its appropriate use in healthcare technology.

Course outcomes: This assignment enables the student to meet the following course outcomes:

CO 4: Investigate safeguards and decision‐making support tools embedded in patient care technologies and information systems to support a safe practice environment for both patients and healthcare workers. (PO 4)

CO 6: Discuss the principles of data integrity, professional ethics, and legal requirements related to data security, regulatory requirements, confidentiality, and client’s right to privacy. (PO 6)

CO 8: Discuss the value of best evidence as a driving force to institute change in the delivery of nursing care. (PO 8)

Due date: Your faculty member will inform you when this assignment is due. The Late Assignment Policy applies to this assignment.

Total points possible: 240 points

Requirements:

· Research, compose, and type a scholarly paper based on the scenario provided by your faculty, and choose a conclusion scenario to discuss within the body of your paper. Reflect on lessons learned in this class about technology, privacy concerns, and legal and ethical issues and address each of these concepts in the paper. Consider the consequences of such a scenario. Do not limit your review of the literature to the nursing discipline only because other health professionals are using the technology, and you may need to apply critical thinking skills to its applications in this scenario.

· Use Microsoft Word and APA formatting. Consult your copy of the Publication Manual of the American Psychological Association, as well as the resources in Doc Sharing if you have questions (e.g., margin size, font type and size (point), use of third person, etc.). Take advantage of the writing service SmartThinking, which is accessed by clicking on the link called the Tutor Source, found under the Course Home area.

· The length of the paper should be four to five pages, excluding the title page and the reference page. Limit the references to a few key sources (minimum of three required).

· The paper will contain an introduction that catches the attention of the reader, states the purpose of the paper, and provides a narrative outline of what will follow (i.e., the assignment criteria).

· In the body of the paper, discuss the scenario in relation to HIPAA, legal, and other regulatory requirements that apply to the scenario and the ending you chose. Demonstrate support from sources of evidence (references) included as in‐text citations.

· Choose and identify one of the possible endings provided for the scenario, and construct your paper based on its implications to the scenario. Make recommendations about what should have been done and what could be done to correct or mitigate the problems caused by the scenario and the ending you chose. Demonstrate support from

sources of evidence (references) included as in‐text citations.

· Present the advantages and disadvantages of informatics relating to your scenario and describe professional and ethical principles appropriate to your chosen ending. Use facts from supporting sources of evidence, which must be included as in‐text citations.

· The paper’s conclusion should summarize what you learned and make reflections about them to your practice.

· Use the “Directions and Assignment Criteria” and “Grading Rubric” below to guide your writing and ensure that all

components are complete.

· Review the section on Academic Honesty found in the Chamberlain Course Policies. All work must be original (in your own words). Papers will automatically be submitted to TurnItIn when submitted to the Dropbox.

NR360 Information Systems in Healthcare RUA: We Can, But Dare We? Guidelines

© 2022 Chamberlain University. All Rights Reserved.

NR360_RUA_We_Can_But_Dare_We_Guidelines_JULY22 1

· Submit the completed paper to the “We Can But Dare We?” Dropbox by the end of Week 3. Please refer to the Syllabus for due dates for this assignment. For online students, please post questions about this assignment to the weekly Q & A Forums so that the entire class may view the answers.

Preparing the assignment

Background

Healthcare is readily embracing any technology to improve patient outcomes, streamline operations, and lower costs, but we must also consider the impact of such technology on privacy and patient care.

Your faculty member will provide a scenario for you to address in your paper.


Choose an ending to the scenario, and construct your paper based on those reflections.

Choose one of the following outcomes:

1. A HIPAA violation occurs, and client data is exposed to the media.

2. A medication error has harmed a client.

3. A technology downtime that impacts patient care occurs, and an error is made.

4. A ransomware attack has occurred, and the organization must contemplate paying the ransom or lose access to patient data.

Follow these guidelines when completing this assignment. Speak with your faculty member if you have questions. Include the following sections:

a. Introduction – 40 points/17%

· Catches attention of the reader

· States purpose of the paper

· Provides a narrative outline of the paper (i.e., the assignment criteria)

b. HIPAA, Legal, and Regulatory Discussion – 40 points/17%

· Presents evidence from recent scholarly publications to address the impact of technology on nursing care related to:

· Patient privacy and HIPAA standards

· Healthcare regulations

· Legal guidelines on appropriate use of technology

c. Scenario Ending and Recommendations – 50 points/21%

· Selects and presents one scenario ending as the focus of the assignment.

· Evaluates the actions taken by healthcare providers as the situation evolved.

· Recommends actions that could have been taken to mitigate the circumstances presented in the selected scenario ending.

· Supports recommendations with evidence from recent scholarly publications.

d. Advantages and Disadvantages – 50 points/21%

· Presents evidence from recent scholarly publications to address the impact of technology on nursing care related to:

· The advantages of appropriately using technology in healthcare

· Risks of technology use in healthcare

· Describes professional and ethical principles guiding the appropriate use of technology in healthcare.

e. Conclusion and Reflections – 30 points/12%

· Summarizes what new information was learned by completing this assignment.

· Reflects on how this new knowledge will impact future behavior as a healthcare professional.

f. Scholarly Writing and APA Format – 30 points/12%

· Paper submitted as a Microsoft Word document.

· Adheres to current APA formatting guidelines including proper use of:

· Title page

· Page numbers

· Length is 4-5 pages, excluding title and reference pages.

· Includes at least three (3) references that are:

· From recent (within the last 5 years) scholarly sources

· Cited in text appropriately

· Included on an APA formatted reference page

· Scholarly writing reflects:

· Accurate spelling

· Correct use of professional grammar

· Logical organization of thoughts (mechanics)

For writing assistance, visit the Writing Center.

Please note that your instructor may provide you with additional assessments in any form to determine that you fully understand the concepts learned in the review module.

(
NR360 Information Systems in Healthcare

RUA: We

Can,

But

Dare

We? Guidelines
)

© 2022 Chamberlain University. All Rights Reserved.

NR360_RUA_We_Can_But_Dare_We_Guidelines- JULY22 1

Grading Rubric Criteria are met when the student’s application of knowledge demonstrates achievement of the outcomes for this assignment.

Assignment Section and Required Criteria

(Points possible/% of total points available)

Highest Level of Performance

High Level of Performance

Satisfactory Level of Performance

Unsatisfactory Level of Performance

Section not present in paper

Introduction

(40 points/17%)

40 points

36 points

32 points

15 points

0 points

Required criteria

· Catches attention of the reader.

· States purpose of the paper.

· Provides a narrative outline of the paper (i.e., the assignment criteria).

Meets all requirements for section.

Includes no fewer than 2 requirements for section.

Includes no less than 1 requirement for section.

Present, yet includes no required criteria.

No requirements for this section presented.

HIPAA, Legal, and Regulatory Discussion

(40 points/17%)

40 points

36 points

32 points

15 points

0 points

Required criteria

Presents evidence from recent scholarly publications to address the impact of technology on nursing care related to:

· Patient privacy and HIPAA standards

· Healthcare regulations

· Legal guidelines on appropriate use of technology

Meets all requirements for section.

Includes no fewer than 2 requirements for section.

Includes no fewer than 1 requirement for section.

Present, yet includes no required criteria.

No requirements for this section presented.

Scenario Ending and Recommendations

(50 points/21%)

50 points

46 points

42 points

19 points

0 points

Required criteria

· Selects and presents one scenario ending as the focus of the assignment.

· Evaluates the actions taken by healthcare providers as the situation evolved.

· Recommends actions that could have been taken to mitigate the circumstances presented in the selected scenario ending. Supports recommendations with evidence from

· recent scholarly publications.

Meets all requirements for section.

Includes no fewer than 3 requirements for section.

Includes 1-2 requirements for section.

Section present yet includes no required criteria.

No requirements for this section presented.

(
NR360 Information Systems in Healthcare

RUA: We

Can,

But

Dare

We?

Guidelines
)

© 2022 Chamberlain University. All Rights Reserved.

NR360_RUA_We_Can_But_Dare_We_Guidelines- JULY22 1

Assignment Section and Required Criteria

(Points possible/% of total points available)

Highest Level of Performance

High Level of Performance

Satisfactory Level of Performance

Unsatisfactory Level of Performance

Section not present in paper

· Supports recommendations with evidence from

recent scholarly publications.

Advantages and Disadvantages

(50 points/21%)

50 points

46 points

42 points

19 points

0 points

Required criteria

· Presents evidence from recent scholarly publications to address the impact of technology on nursing care.

· Evidence includes the advantages of appropriately using technology in healthcare.

· Evidence includes risks of inappropriately using technology in healthcare.

· Describes professional and ethical principles guiding the appropriate use of technology in healthcare.

Meets all requirements for section.

Includes no fewer than 3 requirements for section.

Includes 1-2 requirements for section.

Section present yet includes no required criteria

No requirements for this section presented.

Conclusion and Reflections

(30 points/12%)

30 points

15 points

0 points

Required criteria

· Summarizes new information learned by completing this assignment.

· Reflects on how this new knowledge will impact future behavior as a healthcare professional.

Meets all requirements for section.

Includes 1 requirement for section.

No requirements for this section presented.

Scholarly Writing and APA Format

(30 points/12%)

30 points

26 points

22 points

12 points

0 points

Required criteria

· Paper submitted as a Microsoft Word document.

· Adheres to current APA formatting guidelines including proper use of:

Meets all requirements for section.

Includes no fewer than 4 fully met requirements for section.

Includes no fewer than 3 fully met requirements for section.

Includes 1-2 requirements fully met requirements for section.

No requirements for this section presented.

Assignment Section and Required Criteria

(Points possible/% of total points available)

Highest Level of Performance

High Level of Performance

Satisfactory Level of Performance

Unsatisfactory Level of Performance

Section not present in paper

· Title page

· Page numbers

· Length is 4-5 pages, excluding title and reference pages.

· Includes at least three (3) references that are:

· From recent (within the last 5 years) scholarly sources

· Cited in text appropriately

· Included on an APA formatted reference page

· Scholarly writing reflects:

· Accurate spelling

· Correct use of professional grammar

· Logical organization of thoughts (mechanics)

Total Points Possible = 240 points

NURSING INFORMATICS
and the Foundation of
Knowledge
FOURTH EDITION

Dee McGonigle, PhD, RN, CNE, FAAN, ANEF
Director, Virtual Learning Experiences (VLE) and
Professor Graduate Program, Chamberlain College of
Nursing Member, Informatics and Technology Expert
Panel (ITEP) for the American Academy of Nursing

Kathleen Mastrian, PhD, RN
Associate Professor and Program Coordinator for
Nursing Pennsylvania State University, Shenango Sr.
Managing Editor, Online Journal of Nursing Informatics
(OJNI)

JONES & BARTLETT
LEARNING

World Headquarters
Jones & Bartlett Learning
5 Wall Street
Burlington MA 01803
978-443-5000
[email protected]
www.jblearning.com

Jones & Bartlett Learning books and products are
available through most bookstores and online
booksellers. To contact Jones & Bartlett Learning
directly, call 800-832-0034, fax 978-443-8000, or visit
our website, www.jblearning.com.

Substantial discounts on bulk quantities of Jones &
Bartlett Learning publications are available to
corporations, professional associations, and other
qualified organizations. For details and specific
discount information, contact the special sales
department at Jones & Bartlett Learning via the
above contact information or send an email to
[email protected]

Copyright © 2018 by Jones & Bartlett Learning, LLC,
an Ascend Learning Company

All rights reserved. No part of the material protected by
this copyright may be reproduced or utilized in any
form, electronic or mechanical, including photocopying,
recording, or by any information storage and retrieval
system, without written permission from the copyright
owner.

The content, statements, views, and opinions herein
are the sole expression of the respective authors and
not that of Jones & Bartlett Learning, LLC. Reference
herein to any specific commercial product, process, or
service by trade name, trademark, manufacturer, or
otherwise does not constitute or imply its endorsement
or recommendation by Jones & Bartlett Learning, LLC
and such reference shall not be used for advertising or
product endorsement purposes. All trademarks
displayed are the trademarks of the parties noted
herein. Nursing Informatics and the Foundation of
Knowledge, Fourth Edition is an independent
publication and has not been authorized, sponsored, or
otherwise approved by the owners of the trademarks or
service marks referenced in this product.

There may be images in this book that feature models;
these models do not necessarily endorse, represent, or
participate in the activities represented in the images.
Any screenshots in this product are for educational and
instructive purposes only. Any individuals and
scenarios featured in the case studies throughout this

product may be real or fictitious, but are used for
instructional purposes only.

The authors, editor, and publisher have made every
effort to provide accurate information. However, they
are not responsible for errors, omissions, or for any
outcomes related to the use of the contents of this
book and take no responsibility for the use of the
products and procedures described. Treatments and
side effects described in this book may not be
applicable to all people; likewise, some people may
require a dose or experience a side effect that is not
described herein. Drugs and medical devices are
discussed that may have limited availability controlled
by the Food and Drug Administration (FDA) for use
only in a research study or clinical trial. Research,
clinical practice, and government regulations often
change the accepted standard in this field. When
consideration is being given to use of any drug in the
clinical setting, the health care provider or reader is
responsible for determining FDA status of the drug,
reading the package insert, and reviewing prescribing
information for the most up-to-date recommendations
on dose, precautions, and contraindications, and
determining the appropriate usage for the product. This
is especially important in the case of drugs that are
new or seldom used.

12268-8
Production Credits

VP, Executive Publisher: David D. Cella
Executive Editor: Amanda Martin
Editorial Assistant: Christina Freitas
Production Manager: Carolyn Rogers Pershouse
Senior Marketing Manager: Jennifer Scherzay
Product Fulfillment Manager: Wendy Kilborn
Composition: S4Carlisle Publishing Services
Cover and Text Design: Michael O’Donnell
Rights & Media Specialist: Wes DeShano
Media Development Editor: Shannon Sheehan
Cover Image (Title Page, Part Opener, Chapter
Opener): © fotomak/Shutterstock
Printing and Binding: LSC Communications
Cover Printing: LSC Communications

Library of Congress Cataloging-in-Publication Data
Names: McGonigle, Dee, editor. | Mastrian, Kathleen
Garver, editor.
Title: Nursing informatics and the foundation of
knowledge/[edited by]
Dee McGonigle, Kathleen Mastrian.
Description: Fourth edition. | Burlington, MA: Jones &
Bartlett Learning,
[2018] | Includes bibliographical references and index.
Identifiers: LCCN 2016043838 | ISBN 9781284121247
(pbk.)
Subjects: | MESH: Nursing Informatics | Knowledge
Classification: LCC RT50.5 | NLM WY 26.5 | DDC
651.5/04261–dc23

LC record available at
https://lccn.loc.gov/2016043838

6048
Printed in the United States of America
21 20 19 18 17 10 9 8 7 6 5 4 3 2 1

The Pedagogy
Nursing Informatics and the Foundation of
Knowledge, Fourth Edition drives comprehension
through a variety of strategies geared toward meeting
the learning needs of students, while also generating
enthusiasm about the topic. This interactive approach
addresses diverse learning styles, making this the ideal
text to ensure mastery of key concepts. The
pedagogical aids that appear in most chapters include
the following:

Special Acknowledgments
We want to express our sincere appreciation to the
staff at Jones & Bartlett Learning, especially Amanda,
Christina, and Carolyn, for their continued
encouragement, assistance, and support during the
writing process and publication of our book.

Contents
Preface
Acknowledgments
Contributors

SECTION I: BUILDING BLOCKS OF
NURSING INFORMATICS

1 Nursing Science and the Foundation of
Knowledge
Dee McGonigle and Kathleen Mastrian
Introduction
Quality and Safety Education for Nurses
Summary
References

2 Introduction to Information, Information
Science, and Information Systems
Kathleen Mastrian and Dee McGonigle
Introduction
Information
Information Science
Information Processing
Information Science and the Foundation of
Knowledge
Introduction to Information Systems

Summary
References

3 Computer Science and the Foundation of
Knowledge Model
Dee McGonigle, Kathleen Mastrian, and
June Kaminski
Introduction
The Computer as a Tool for Managing
Information and Generating Knowledge
Components
What Is the Relationship of Computer Science
to Knowledge?
How Does the Computer Support Collaboration
and Information Exchange?
Cloud Computing
Looking to the Future
Summary
Working Wisdom
Application Scenario
References

4 Introduction to Cognitive Science and
Cognitive Informatics
Kathleen Mastrian and Dee McGonigle
Introduction
Cognitive Science
Sources of Knowledge
Nature of Knowledge

How Knowledge and Wisdom Are Used in
Decision Making
Cognitive Informatics
Cognitive Informatics and Nursing Practice
What Is AI?
Summary
References

5 Ethical Applications of Informatics
Dee McGonigle, Kathleen Mastrian, and
Nedra Farcus
Introduction
Ethics
Bioethics
Ethical Issues and Social Media
Ethical Dilemmas and Morals
Ethical Decision Making
Theoretical Approaches to Healthcare Ethics
Applying Ethics to Informatics
Case Analysis Demonstration
New Frontiers in Ethical Issues
Summary
References

SECTION II: PERSPECTIVES ON NURSING
INFORMATICS

6 History and Evolution of Nursing
Informatics

Kathleen Mastrian and Dee McGonigle
Introduction
The Evolution of a Specialty
What Is Nursing Informatics?
The DIKW Paradigm
Capturing and Codifying the Work of Nursing
The Nurse as a Knowledge Worker
The Future
Summary
References

7 Nursing Informatics as a Specialty
Dee McGonigle, Kathleen Mastrian, Julie A.
Kenney, and Ida Androwich Introduction
Nursing Contributions to Healthcare
Informatics
Scope and Standards
Nursing Informatics Roles
Specialty Education and Certification
Nursing Informatics Competencies
Rewards of NI Practice
NI Organizations and Journals
The Future of Nursing Informatics
Summary
References

8 Legislative Aspects of Nursing
Informatics: HITECH and HIPAA

Kathleen M. Gialanella, Kathleen Mastrian,
and Dee McGonigle Introduction
HIPAA Came First
Overview of the HITECH Act
How a National HIT Infrastructure Is Being
Developed
How the HITECH Act Changed HIPAA
Implications for Nursing Practice
Future Regulations
Summary
References

SECTION III: NURSING INFORMATICS
ADMINISTRATIVE
APPLICATIONS: PRECARE
AND CARE SUPPORT

9 Systems Development Life Cycle: Nursing
Informatics and Organizational Decision
Making
Dee McGonigle and Kathleen Mastrian
Introduction
Waterfall Model
Rapid Prototyping or Rapid Application
Development
Object-Oriented Systems Development
Dynamic System Development Method
Computer-Aided Software Engineering Tools

Open Source Software and Free/Open Source
Software
Interoperability
Summary
References

10 Administrative Information Systems
Marianela Zytkowski, Susan Paschke,
Kathleen Mastrian, and Dee McGonigle
Introduction
Types of Healthcare Organization Information
Systems
Communication Systems
Core Business Systems
Order Entry Systems
Patient Care Support Systems
Interoperability
Aggregating Patient and Organizational Data
Department Collaboration and Exchange of
Knowledge and Information
Summary
References

11 The Human–Technology Interface
Dee McGonigle, Kathleen Mastrian, and
Judith A. Effken Introduction
The Human–Technology Interface
The Human–Technology Interface Problem
Improving the Human–Technology Interface

A Framework for Evaluation
Future of the Human–Technology Interface
Summary
References

12 Electronic Security
Lisa Reeves Bertin, Kathleen Mastrian, and
Dee McGonigle Introduction
Securing Network Information
Authentication of Users
Threats to Security
Security Tools
Offsite Use of Portable Devices
Summary
References

13 Workflow and Beyond Meaningful Use
Dee McGonigle, Kathleen Mastrian, and
Denise Hammel-Jones Introduction
Workflow Analysis Purpose
Workflow and Technology
Workflow Analysis and Informatics Practice
Informatics as a Change Agent
Measuring the Results
Future Directions
Summary
References

SECTION IV: NURSING INFORMATICS
PRACTICE APPLICATIONS:
CARE DELIVERY

14 The Electronic Health Record and
Clinical Informatics
Emily B. Barey, Kathleen Mastrian, and Dee
McGonigle
Introduction
Setting the Stage
Components of Electronic Health Records
Advantages of Electronic Health Records
Standardized Terminology and the EHR
Ownership of Electronic Health Records
Flexibility and Expandability
Accountable Care Organizations and the EHR
The Future
Summary
References

15 Informatics Tools to Promote Patient
Safety and Quality Outcomes
Dee McGonigle and Kathleen Mastrian
Introduction
What Is a Culture of Safety?
Strategies for Developing a Safety Culture
Informatics Technologies for Patient Safety
Role of the Nurse Informaticist

Summary
References

16 Patient Engagement and Connected
Health
Kathleen Mastrian and Dee McGonigle
Introduction
Consumer Demand for Information
Health Literacy and Health Initiatives
Healthcare Organization Approaches to
Engagement
Promoting Health Literacy in School-Aged
Children
Supporting Use of the Internet for Health
Education
Future Directions for Engaging Patients
Summary
References

17 Using Informatics to Promote
Community/Population Health
Dee McGonigle, Kathleen Mastrian,
Margaret Ross Kraft, and Ida Androwich
Introduction
Core Public Health Functions
Community Health Risk Assessment: Tools for
Acquiring Knowledge
Processing Knowledge and Information to
Support Epidemiology and Monitoring Disease

Outbreaks
Applying Knowledge to Health Disaster
Planning and Preparation
Informatics Tools to Support Communication
and Dissemination
Using Feedback to Improve Responses and
Promote Readiness
Summary
References

18 Telenursing and Remote Access
Telehealth
Original contribution by Audrey Kinsella,
Kathleen Albright, Sheldon Prial, and
Schuyler F. Hoss; revised by Kathleen
Mastrian and Dee McGonigle Introduction
The Foundation of Knowledge Model and Home
Telehealth
Nursing Aspects of Telehealth
History of Telehealth
Driving Forces for Telehealth
Telehealth Care
Telenursing
Telehealth Patient Populations
Tools of Home Telehealth
Home Telehealth Software
Home Telehealth Practice and Protocols
Legal, Ethical, and Regulatory Issues

The Patient’s Role in Telehealth
Telehealth Research
Evolving Telehealth Models
Parting Thoughts for the Future and a View
Toward What the Future Holds
Summary
References

SECTION V: EDUCATION APPLICATIONS OF
NURSING INFORMATICS

19 Nursing Informatics and Nursing
Education
Heather E. McKinney, Sylvia DeSantis,
Kathleen Mastrian, and Dee McGonigle
Introduction: Nursing Education and the
Foundation of Knowledge Model
Knowledge Acquisition and Sharing
Evolution of Learning Management Systems
Delivery Modalities
Technology Tools Supporting Education
Internet-Based Tools
Promoting Active and Collaborative Learning
Knowledge Dissemination and Sharing
Exploring Information Fair Use and Copyright
Restrictions
The Future
Summary
References

20 Simulation, Game Mechanics, and Virtual
Worlds in Nursing Education
Dee McGonigle, Kathleen Mastrian, Brett
Bixler, and Nickolaus Miehl Introduction
Simulation in Nursing Informatics Education
Nursing Informatics Competencies in Nursing
Education
A Case for Simulation in Nursing Informatics
Education and Nursing Education
Incorporating EHRs into the Learning
Environment
Challenges and Opportunities
The Future of Simulation in Nursing
Informatics Education
Game Mechanics and Virtual World Simulation
for Nursing Education
Game Mechanics and Educational Games
Virtual Worlds in Education
Choosing Among Simulations, Educational
Games, and Virtual Worlds
The Future of Simulations, Games, and Virtual
Worlds in Nursing Education
Summary
References

SECTION VI: RESEARCH APPLICATIONS OF
NURSING INFORMATICS

21 Nursing Research: Data Collection,
Processing, and Analysis
Heather E. McKinney, Sylvia DeSantis,
Kathleen Mastrian, and Dee McGonigle
Introduction: Nursing Research and the
Foundation of Knowledge Model
Knowledge Generation Through Nursing
Research
Acquiring Previously Gained Knowledge
Through Internet and Library Holdings
Fair Use of Information and Sharing
Informatics Tools for Collecting Data and
Storage of Information
Tools for Processing Data and Data Analysis
The Future
Summary
References

22 Data Mining as a Research Tool
Dee McGonigle and Kathleen Mastrian
Introduction: Big Data, Data Mining, and
Knowledge Discovery
KDD and Research
Data Mining Concepts
Data Mining Techniques
Data Mining Models
Benefits of KDD
Data Mining and Electronic Health Records

Ethics of Data Mining
Summary
References

23 Translational Research: Generating
Evidence for Practice
Jennifer Bredemeyer, Ida Androwich, Dee
McGonigle, and Kathleen Mastrian
Introduction
Clarification of Terms
History of Evidence-Based Practice
Evidence
Bridging the Gap Between Research and
Practice
Barriers to and Facilitators of Evidence-Based
Practice
The Role of Informatics
Developing EBP Guidelines
Meta-Analysis and Generation of Knowledge
The Future
Summary
References

24 Bioinformatics, Biomedical Informatics,
and Computational Biology
Dee McGonigle and Kathleen Mastrian
Introduction
Bioinformatics, Biomedical Informatics, and
Computational Biology Defined

Why Are Bioinformatics and Biomedical
Informatics So Important?
What Does the Future Hold?
Summary
References

SECTION VII: IMAGINING THE FUTURE OF
NURSING INFORMATICS

25 The Art of Caring in Technology-Laden
Environments
Kathleen Mastrian and Dee McGonigle
Introduction
Caring Theories
Presence
Strategies for Enhancing Caring Presence
Reflective Practice
Summary
References

26 Nursing Informatics and the Foundation
of Knowledge
Dee McGonigle and Kathleen Mastrian
Introduction
Foundation of Knowledge Revisited
The Nature of Knowledge
Knowledge Use in Practice
Characteristics of Knowledge Workers
Knowledge Management in Organizations

Managing Knowledge Across Disciplines
The Learning Healthcare System
Summary
References

Abbreviations

Glossary

Index

Preface
The idea for this text originated with the development
of nursing informatics (NI) classes, the publication of
articles related to technology-based education, and the
creation of the Online Journal of Nursing Informatics
(OJNI), which Dee McGonigle cofounded with Renee
Eggers. Like most nurse informaticists, we fell into the
specialty; our love affair with technology and gadgets
and our willingness to be the first to try new things
helped to hook us into the specialty of informatics. The
rapid evolution of technology and its transformation of
the ways of nursing prompted us to try to capture the
essence of NI in a text.

As we were developing the first edition, we realized
that we could not possibly know all there is to know
about informatics and the way in which it supports
nursing practice, education, administration, and
research. We also knew that our faculty roles
constrained our opportunities for exposure to changes
in this rapidly evolving field. Therefore, we developed a
tentative outline and a working model of the theoretical
framework for the text and invited participation from
informatics experts and specialists around the world.
We were pleased with the enthusiastic responses we
received from some of those invited contributors and a

few volunteers who heard about the text and asked to
participate in their particular area of expertise.

In the second edition, we invited the original
contributors to revise and update their chapters. Not
everyone chose to participate in the second edition, so
we revised several of the chapters using the original
work as a springboard. The revisions to the text were
guided by the contributors’ growing informatics
expertise and the reviews provided by textbook
adopters. In the revisions, we sought to do the
following:

Expand the audience focus to include nursing
students from BS through DNP programs as well as
nurses thrust into informatics roles in clinical
agencies.
Include, whenever possible, an attention-grabbing
case scenario as an introduction or an illustrative
case scenario demonstrating why the topic is
important.
Include important research findings related to the
topic. Many chapters have research briefs
presented in text boxes to encourage the reader to
access current research.
Focus on cutting-edge innovations, meaningful use,
and patient safety as appropriate to each topic.
Include a paragraph describing what the future
holds for each topic.

New chapters that were added to the second edition
included those focusing on technology and patient
safety, system development life cycle, workflow
analysis, gaming, simulation, and bioinformatics.

In the third edition, we reviewed and updated all of the
chapters, reordered some chapters for better content
flow, eliminated duplicated content, split the education
and research content into two sections, integrated
social media content, and added two new chapters:
Data Mining as a Research Tool and The Art of Caring
in Technology-Laden Environments.

In this fourth edition, we reviewed and updated all of
the chapters based on technological advancements
and changes to the healthcare arena, including
reimbursement mechanisms for services. We have
pared this edition down to 26 chapters from the
previous edition’s 29; one chapter each was deleted
from Sections II, V, and VII. Section I includes
updates to the same five chapters on the building
blocks of nursing informatics, with extensive changes
to Chapter 3, Computer Science and the Foundation of
Knowledge Model. To improve flow, we combined
content. In Section II, the previous four chapters were
narrowed to three. New Chapters 6, History and
Evolution of Nursing Informatics and 7, Nursing
Informatics as a Specialty, were developed and
appropriate material from previous Chapters 6, 7, and
8 were assimilated. This section ends with an updated

Chapter 8, Legislative Aspects of Nursing Informatics:
HITECH and HIPAA (formerly Chapter 9). Section III
contains the same five chapters, although all were
updated and Chapter 13, Workflow and Beyond
Meaningful Use (formerly Chapter 14) now reflects the
payment models and reimbursement issues that we
are adjusting to after meaningful use has gone away.
Section IV contains the same five chapters with
updated content and some name changes to reflect the
current status of informatics and healthcare. Chapter
15 was renamed to Informatics Tools to Promote
Patient Safety and Quality Outcomes, and Chapter 16
has been changed to Patient Engagement and
Connected Health. Section V went from three chapters
to two chapters: Chapter 19 (formerly Chapter 20)
was updated, while the new Chapter 20, Simulation,
Game Mechanics, and Virtual Worlds in Nursing
Education, had content from former Chapters 21 and
22 integrated during its development. Section VI was
renamed to Research Applications of Nursing
Informatics. It still has the same four chapters, which
have been updated, but the first chapter in this section,
21, was renamed to reflect nursing research; its new
name is Nursing Research: Data Collection,
Processing, and Analysis. Section VII went from three
chapters to two chapters. Because emerging
technologies are discussed throughout the text, the
chapter focusing specifically on that was removed. The
two chapters that remain are Chapter 25, The Art of
Caring in Technology-Laden Environments, and the

new Chapter 26, Nursing Informatics and Knowledge
Management. In addition, the ancillary materials have
been updated and enhanced to include competency-
based self-assessments and mapping the content to
the current NI standards.

We believe that this text provides a comprehensive
elucidation of this exciting field. Its theoretical
underpinning is the Foundation of Knowledge model.
This model is introduced in its entirety in the first
chapter (Nursing Science and the Foundation of
Knowledge), which discusses nursing science and its
relationship to NI. We believe that humans are organic
information systems that are constantly acquiring,
processing, and generating information or knowledge
in both their professional and personal lives. It is their
high degree of knowledge that characterizes humans
as extremely intelligent, organic machines. Individuals
have the ability to manage knowledge—an ability that
is learned and honed from birth. We make our way
through life interacting with our environment and being
inundated with information and knowledge. We
experience our environment and learn by acquiring,
processing, generating, and disseminating knowledge.
As we interact in our environment, we acquire
knowledge that we must process. This processing
effort causes us to redefine and restructure our
knowledge base and generate new knowledge. We
then share (disseminate) this new knowledge and
receive feedback from others. The dissemination and

feedback initiate this cycle of knowledge over again, as
we acquire, process, generate, and disseminate the
knowledge gained from sharing and re-exploring our
own knowledge base. As others respond to our
knowledge dissemination and we acquire new
knowledge, we engage in rethinking and reflecting on
our knowledge, processing, generating, and then
disseminating anew.

The purpose of this text is to provide a set of practical
and powerful tools to ensure that the reader gains an
understanding of NI and moves from information
through knowledge to wisdom. Defining the demands
of nurses and providing tools to help them survive and
succeed in the Knowledge Era remains a major
challenge. Exposing nursing students and nurses to
the principles and tools used in NI helps to prepare
them to meet the challenge of practicing nursing in the
Knowledge Era while striving to improve patient care at
all levels.

The text provides a comprehensive framework that
embraces knowledge so that readers can develop their
knowledge repositories and the wisdom necessary to
act on and apply that knowledge. The text is divided
into seven sections.

Section I, Building Blocks of Nursing Informatics,
covers the building blocks of NI: nursing science,
information science, computer science, cognitive

science, and the ethical management of
information.
Section II, Perspectives on Nursing Informatics,
provides readers with a look at various viewpoints
on NI and NI practice as described by experts in the
field.
Section III, Nursing Informatics Administrative
Applications: Precare and Care Support, covers
important functions of administrative applications of
NI.
Section IV, Nursing Informatics Practice
Applications: Care Delivery, covers healthcare
delivery applications including electronic health
records (EHRs), clinical information systems,
telehealth, patient safety, patient and community
education, and care management.
Section V, Education Applications of Nursing
Informatics, presents subject matter on how
informatics supports nursing education.
Section VI, Research Applications of Nursing
Informatics, covers informatics tools to support
nursing research, including data mining and
bioinformatics.
Section VII, Imagining the Future of Nursing
Informatics, focuses on the future of NI,
emphasizes the need to preserve caring functions
in technology-laden environments, and reviews the
relationship of nursing informatics to organizational
knowledge management.

The introduction to each section explains the
relationship between the content of that section and the
Foundation of Knowledge model. This text places the
material within the context of knowledge acquisition,
processing, generation, and dissemination. It serves
both nursing students (BS to DNP/PhD) and
professionals who need to understand, use, and
evaluate NI knowledge. As nursing professors, our
major responsibility is to prepare the practitioners and
leaders in the field. Because NI permeates the entire
scope of nursing (practice, administration, education,
and research), nursing education curricula must
include NI. Our primary objective is to develop the most
comprehensive and user-friendly NI text on the market
to prepare nurses for current and future practice
challenges. In particular, this text provides a solid
groundwork from which to integrate NI into practice,
education, administration, and research.

Goals of this text are as follows:

Impart core NI principles that should be familiar to
every nurse and nursing student
Help the reader understand knowledge and how it
is acquired, processed, generated, and
disseminated
Explore the changing role of NI professionals
Demonstrate the value of the NI discipline as an
attractive field of specialization

Meeting these goals will help nurses and nursing
students understand and use fundamental NI principles
so that they efficiently and effectively function as
current and future nursing professionals to enhance the
nursing profession and improve the quality of health
care. The overall vision, framework, and pedagogy of
this text offer benefits to readers by highlighting
established principles while drawing out new ones that
continue to emerge as nursing and technology evolve.

Acknowledgments
We are deeply grateful to the contributors who
provided this text with a richness and diversity of
content that we could not have captured alone. Joan
Humphrey provided social media content integrated
throughout the text. We especially wish to
acknowledge the superior work of Alicia Mastrian,
graphic designer of the Foundation of Knowledge
model, which serves as the theoretical framework on
which this text is anchored. We could never have
completed this project without the dedicated and
patient efforts of the Jones & Bartlett Learning staff,
especially Amanda Martin, Emma Huggard, and
Christina Freitas, all of whom fielded our questions and
concerns in a very professional, respectful, and timely
manner.

Dee acknowledges the undying love, support, patience,
and continued encouragement of her best friend and
husband, Craig, and her son, Craig, who has made her
so very proud. She sincerely thanks her cousins
Camille, Glenn, Mary Jane, and Sonny, and her dear
friends for their support and encouragement, especially
Renee.

Kathy acknowledges the loving support of her family:
husband Chip; children Ben and Alicia; sisters Carol
and Sue; and parents Robert and Rosalie Garver. She
dedicates her work on this edition to her dad, Robert,
who died September 17, 2016. Kathy also
acknowledges those friends who understand the
importance of validation, especially Katie, Lisa, Kathy,
Maureen, Anne, Barbara, and Sally.

Authors’ Note
This text provides an overview of nursing informatics
from the perspective of diverse experts in the field, with
a focus on nursing informatics and the Foundation of
Knowledge model. We want our readers and students
to focus on the relationship of knowledge to informatics
and to embrace and maintain the caring functions of
nursing—messages all too often lost in the romance
with technology. We hope you enjoy the text!

Contributors
Ida Androwich, PhD, RN, BC, FAAN
Loyola University Chicago
School of Nursing
Maywood, IL

Emily Barey, MSN, RN
Director of Nursing Informatics
Epic Systems Corporation
Madison, WI

Lisa Reeves Bertin, BS, EMBA
Pennsylvania State University
Sharon, PA

Brett Bixler, PhD
Pennsylvania State University
University Park, PA

Jennifer Bredemeyer, RN
Loyola University Chicago
School of Nursing
Skokie, IL

Steven Brewer, PhD
Assistant Professor, Administration of Justice

Pennsylvania State University
Sharon, PA

Sylvia M. DeSantis, MA
Pennsylvania State University
University Park, PA

Judith Effken, PhD, RN, FACMI
University of Arizona
College of Nursing
Tucson, AZ

Nedra Farcus, MSN, RN
Retired from Pennsylvania State University, Altoona
Altoona, PA

Kathleen M. Gialanella, JD, RN, LLM
Law Offices
Westfield, NJ
Associate Adjunct Professor
Teachers College, Columbia University
New York, NY
Adjunct Professor
Seton Hall University, College of Nursing & School
of Law
South Orange & Newark, NJ

Denise Hammel-Jones, MSN, RN-BC, CLSSBB
Greencastle Associates Consulting
Malvern, PA

Nicholas Hardiker, PhD, RN
Senior Research Fellow
University of Salford
School of Nursing & Midwifery
Salford, UK

Glenn Johnson, MLS
Pennsylvania State University
University Park, PA

June Kaminski, MSN, RN
Kwantlen University College
Surrey, British Columbia, Canada

Julie Kenney, MSN, RNC-OB
Clinical Analyst
Advocate Health Care
Oak Brook, IL

Margaret Ross Kraft, PhD, RN
Loyola University Chicago
School of Nursing
Maywood, IL

Wendy L. Mahan, PhD, CRC, LPC
Pennsylvania State University
University Park, PA

Heather McKinney, PhD

Pennsylvania State University
University Park, PA

Nickolaus Miehl, MSN, RN
Oregon Health Sciences University
Monmouth, OR

Lynn M. Nagle, PhD, RN
Assistant Professor
University of Toronto
Toronto, Ontario, Canada

Ramona Nelson, PhD, RN-BC, FAAN, ANEF
Professor Emerita, Slippery Rock University
President, Ramona Nelson Consulting
Pittsburgh, PA

Nancy Staggers, PhD, RN, FAAN
Professor, Informatics
University of Maryland
Baltimore, MD

Jeff Swain
Instructional Designer
Pennsylvania State University
University Park, PA

Denise D. Tyler, MSN/MBA, RN-BC
Implementation Specialist
Healthcare Provider, Consulting

ACS, a Xerox Company
Dearborn, MI
The Editors also acknowledge the work of the
following first edition contributors (original
contributions edited by McGonigle and Mastrian for
second edition):

Kathleen Albright, BA, RN
Strategic Account Manager at GE Healthcare
Philadelphia, PA

Schuyler F. Hoss, BA
Northwest Healthcare Management
Vancouver, WA

Audrey Kinsella, MA, MS
Information for Tomorrow
Telehealth Planning Services
Asheville, NC

Peter J. Murray, PhD, RN, FBCS
Coachman’s Cottage
Nocton, Lincoln, UK

Susan M. Paschke, MSN, RN
The Cleveland Clinic
Cleveland, OH

Sheldon Prial, RPH, BS Pharmacy
Sheldon Prial Consultance

Melbourne, FL

Jackie Ritzko
Pennsylvania State University
Hazelton, PA

Marianela Zytkowsi, MSN, RN
The Cleveland Clinic
Cleveland, OH

SECTION I: Building
Blocks of Nursing
Informatics

Chapter 1 Nursing Science and the Foundation
of Knowledge

Chapter 2 Introduction to Information,
Information Science, and Information Systems

Chapter 3 Computer Science and the
Foundation of Knowledge Model

Chapter 4 Introduction to Cognitive Science and
Cognitive Informatics

Chapter 5 Ethical Applications of Informatics

Nursing professionals are information-dependent
knowledge workers. As health care continues to evolve
in an increasingly competitive information marketplace,
professionals—that is, the knowledge workers—must
be well prepared to make significant contributions by
harnessing appropriate and timely information. Nursing
informatics (NI), a product of the scientific synthesis of
information in nursing, encompasses concepts from
computer science, cognitive science, information
science, and nursing science. NI continues to evolve

as more and more professionals access, use, and
develop the information, computer, and cognitive
sciences necessary to advance nursing science for the
betterment of patients and the profession. Regardless
of their future roles in the healthcare milieu, it is clear
that nurses need to understand the ethical application
of computer, information, and cognitive sciences to
advance nursing science.

To implement NI, one must view it from the perspective
of both the current healthcare delivery system and
specific, individual organizational needs, while
anticipating and creating future applications in both the
healthcare system and the nursing profession. Nursing
professionals should be expected to discover
opportunities to use NI, participate in the design of
solutions, and be challenged to identify, develop,
evaluate, modify, and enhance applications to improve
patient care. This text is designed to provide the reader
with the information and knowledge needed to meet
this expectation.

Section I presents an overview of the building blocks of
NI: nursing, information, computer, and cognitive
sciences. Also included in this section is a chapter on
ethical applications of healthcare informatics. This
section lays the foundation for the remainder of the
book.

The Nursing Science and the Foundation of Knowledge

chapter describes nursing science and introduces the
Foundation of Knowledge model as the conceptual
framework for the book. In this chapter, a clinical case
scenario is used to illustrate the concepts central to
nursing science. A definition of nursing science is also
derived from the American Nurses Association’s
definition of nursing. Nursing science is the ethical
application of knowledge acquired through education,
research, and practice to provide services and
interventions to patients to maintain, enhance, or
restore their health, and to acquire, process, generate,
and disseminate nursing knowledge to advance the
nursing profession. Information is a central concept
and health care’s most valuable resource. Information
science and systems, together with computers, are
constantly changing the way healthcare organizations
conduct their business. This will continue to evolve.

To prepare for these innovations, the reader must
understand fundamental information and computer
concepts, covered in the Introduction to Information,
Information Science, and Information Systems and
Computer Science and the Foundation of Knowledge
Model chapters, respectively. Information science deals
with the interchange (or flow) and scaffolding (or
structure) of information and involves the application of
information tools for solutions to patient care and
business problems in health care. To be able to use
and synthesize information effectively, an individual
must be able to obtain, perceive, process, synthesize,

comprehend, convey, and manage the information.
Computer science deals with understanding the
development, design, structure, and relationship of
computer hardware and software. This science offers
extremely valuable tools that, if used skillfully, can
facilitate the acquisition and manipulation of data and
information by nurses, who can then synthesize these
resources into an ever-evolving knowledge and
wisdom base. This not only facilitates professional
development and the ability to apply evidence-based
practice decisions within nursing care, but, if the results
are disseminated and shared, can also advance the
profession’s knowledge base. The development of
knowledge tools, such as the automation of decision
making and strides in artificial intelligence, has altered
the understanding of knowledge and its representation.
The ability to structure knowledge electronically
facilitates the ability to share knowledge structures and
enhance collective knowledge.

As discussed in the Introduction to Cognitive Science
and Cognitive Informatics chapter, cognitive science
deals with how the human mind functions. This science
encompasses how people think, understand,
remember, synthesize, and access stored information
and knowledge. The nature of knowledge, including
how it is developed, used, modified, and shared,
provides the basis for continued learning and
intellectual growth.

The Ethical Applications of Informatics chapter focuses
on ethical issues associated with managing private
information with technology and provides a framework
for analyzing ethical issues and supporting ethical
decision making.

The material within this book is placed within the
context of the Foundation of Knowledge model (shown
in Figure I-1 and periodically throughout the book, but
more fully introduced and explained in the Nursing
Science and the Foundation of Knowledge chapter).
The Foundation of Knowledge model is used
throughout the text to illustrate how knowledge is used
to meet the needs of healthcare delivery systems,
organizations, patients, and nurses. It is through
interaction with these building blocks—the theories,
architecture, and tools—that one acquires the bits and
pieces of data necessary, processes these into
information, and generates and disseminates the
resulting knowledge. Through this dynamic exchange,
which includes feedback, individuals continue the
interaction and use of these sciences to input or
acquire, process, and output or disseminate generated
knowledge. Humans experience their environment and
learn by acquiring, processing, generating, and
disseminating knowledge. When they then share
(disseminate) this new knowledge and receive
feedback on the knowledge they have shared, the
feedback initiates the cycle of knowledge all over
again. As individuals acquire, process, generate, and

disseminate knowledge, they are motivated to share,
rethink, and explore their own knowledge base. This
complex process is captured in the Foundation of
Knowledge model. Throughout the chapters in the
Building Blocks of Nursing Informatics section, readers
are challenged to think about how the model can help
them to understand the ways in which they acquire,
process, generate, disseminate, and then receive and
process feedback on their new knowledge of the
building blocks of NI.

Figure I-1 Foundation of Knowledge Model

Designed by Alicia Mastrian

CHAPTER 1: Nursing
Science and the
Foundation of
Knowledge

Dee McGonigle and Kathleen Mastrian

Objectives
1. Define nursing science and its

relationship to various nursing roles and
nursing informatics.

2. Introduce the Foundation of Knowledge
model as the organizing conceptual
framework for the text.

3. Explain the relationships among
knowledge acquisition, knowledge
processing, knowledge generation,
knowledge dissemination, and wisdom.

Key Terms
» Borrowed theory

» Building blocks

» Clinical databases

» Clinical practice guidelines

» Conceptual framework

» Data

» Data mining

» Evidence

» Feedback

» Foundation of Knowledge model

» Information

» Knowledge

» Knowledge acquisition

» Knowledge dissemination

» Knowledge generation

» Knowledge processing

» Knowledge worker

» Nursing informatics

» Nursing science

» Nursing theory

» Relational database

» Transparent wisdom

Introduction
Nursing informatics has been traditionally defined as
a specialty that integrates nursing science, computer
science, and information science to manage and
communicate data, information, knowledge, and
wisdom in nursing practice. This chapter focuses on
nursing science as one of the building blocks of
nursing informatics. As depicted in Figure 1-1, the
traditional definition of nursing informatics is extended
to include cognitive science. The Foundation of
Knowledge model is also introduced as the organizing
conceptual framework of this text, and the model is
tied to nursing science and the practice of nursing
informatics. To lay the groundwork for this discussion,
consider the following patient scenario:

Tom H. is a registered nurse who works
in a very busy metropolitan hospital
emergency room. He has just admitted a
79-year-old man whose wife brought him
to the hospital because he is having
trouble breathing. Tom immediately clips

a pulse oximeter to the patient’s finger
and performs a very quick assessment of
the patient’s other vital signs. He
discovers a rapid pulse rate and a
decreased oxygen saturation level in
addition to the rapid and labored
breathing. Tom determines that the
patient is not in immediate danger and
that he does not require intubation. Tom
focuses his initial attention on easing the
patient’s labored breathing by elevating
the head of the bed and initiating oxygen
treatment; he then hooks the patient up to
a heart monitor. Tom continues to assess
the patient’s breathing status as he
performs a head-to-toe assessment of
the patient that leads to the nursing
diagnoses and additional interventions
necessary to provide comprehensive care
to this patient.

Consider Tom’s actions and how and why he
intervened as he did. Tom relied on the immediate data
and information that he acquired during his initial
rapid assessment to deliver appropriate care to his
patient. Tom also used technology (a pulse oximeter
and a heart monitor) to assist with and support the
delivery of care. What is not immediately apparent, and
some would argue is transparent (done without

conscious thought), is the fact that during the rapid
assessment, Tom reached into his knowledge base of
previous learning and experiences to direct his care, so
that he could act with transparent wisdom. He used
both nursing theory and borrowed theory to inform
his practice. Tom certainly used nursing process
theory, and he may have also used one of several
other nursing theories, such as Rogers’s science of
unitary human beings, Orem’s theory of self-care
deficit, or Roy’s adaptation theory. In addition, Tom
may have applied his knowledge from some of the
basic sciences, such as anatomy, physiology,
psychology, and chemistry, as he determined the
patient’s immediate needs. Information from Maslow’s
hierarchy of needs, Lazarus’s transaction model of
stress and coping, and the health belief model may
have also helped Tom practice professional nursing.
He gathered data, and then analyzed and interpreted
those data to form a conclusion—the essence of
science. Tom has illustrated the practical aspects of
nursing science.

The American Nurses Association (2016) defines
nursing in this way: “Nursing is the protection,
promotion, and optimization of health and abilities,
prevention of illness and injury, facilitation of healing,
alleviation of suffering through the diagnosis and
treatment of human response, and advocacy in the
care of individuals, families, groups, communities, and
populations” (para. 1). Thus the focus of nursing is on

human responses to actual or potential health
problems and advocacy for various clients. These
human responses are varied and may change over
time in a single case. Nurses must possess the
technical skills to manage equipment and perform
procedures, the interpersonal skills to interact
appropriately with people, and the cognitive skills to
observe, recognize, and collect data; analyze and
interpret data; and reach a reasonable conclusion that
forms the basis of a decision. At the heart of all of
these skills lies the management of data and
information. This definition of nursing science focuses
on the ethical application of knowledge acquired
through education, research, and practice to provide
services and interventions to patients to maintain,
enhance, or restore their health and to acquire,
process, generate, and disseminate nursing knowledge
to advance the nursing profession.

Figure 1-1 Building Blocks of Nursing Informatics

Nursing is an information-intensive profession. The
steps of using information, applying knowledge to a
problem, and acting with wisdom form the basis of
nursing practice science. Information is composed of
data that were processed using knowledge. For
information to be valuable, it must be accessible,
accurate, timely, complete, cost-effective, flexible,
reliable, relevant, simple, verifiable, and secure.
Knowledge is the awareness and understanding of a
set of information and ways that information can be

made useful to support a specific task or arrive at a
decision. In the case scenario, Tom used accessible,
accurate, timely, relevant, and verifiable data and
information. He compared that data and information to
his knowledge base of previous experiences to
determine which data and information were relevant to
the current case. By applying his previous knowledge
to data, he converted those data into information, and
information into new knowledge—that is, an
understanding of which nursing interventions were
appropriate in this case. Thus information is data made
functional through the application of knowledge.

Humans acquire data and information in bits and
pieces and then transform the information into
knowledge. The information-processing functions of the
brain are frequently compared to those of a computer,
and vice versa (see a discussion of cognitive
informatics for more information). Humans can be
thought of as organic information systems that are
constantly acquiring, processing, and generating
information or knowledge in their professional and
personal lives. They have an amazing ability to
manage knowledge. This ability is learned and honed
from birth as individuals make their way through life
interacting with the environment and being inundated
with data and information. Each person experiences
the environment and learns by acquiring, processing,
generating, and disseminating knowledge.

Tom, for example, acquired knowledge in his basic
nursing education program and continues to build his
foundation of knowledge by engaging in such activities
as reading nursing research and theory articles,
attending continuing education programs, consulting
with expert colleagues, and using clinical databases
and clinical practice guidelines. As he interacts in
the environment, he acquires knowledge that must be
processed. This processing effort causes him to
redefine and restructure his knowledge base and
generate new knowledge. Tom can then share
(disseminate) this new knowledge with colleagues, and
he may receive feedback on the knowledge that he
shares. This dissemination and feedback builds the
knowledge foundation anew as Tom acquires,
processes, generates, and disseminates new
knowledge as a result of his interactions. As others
respond to his knowledge dissemination and he
acquires yet more knowledge, he is engaged to rethink,
reflect on, and re-explore his knowledge acquisition,
leading to further processing, generating, and then
disseminating knowledge. This ongoing process is
captured in the Foundation of Knowledge model, which
is used as an organizing framework for this text.

At its base, the model contains bits, bytes (a computer
term used to quantify data), data, and information in a
random representation. Growing out of the base are
separate cones of light that expand as they reflect
upward; these cones represent knowledge acquisition,

knowledge generation, and knowledge dissemination.
At the intersection of the cones and forming a new
cone is knowledge processing. Encircling and cutting
through the knowledge cones is feedback that acts on
and may transform any or all aspects of knowledge
represented by the cones. One should imagine the
model as a dynamic figure in which the cones of light
and the feedback rotate and interact rather than remain
static. Knowledge acquisition, knowledge generation,
knowledge dissemination, knowledge processing, and
feedback are constantly evolving for nurse scientists.
The transparent effect of the cones is deliberate and is
intended to suggest that as knowledge grows and
expands, its use becomes more transparent—a person
uses this knowledge during practice without even being
consciously aware of which aspect of knowledge is
being used at any given moment.

Experienced nurses, thinking back to their novice
years, may recall feeling like their head was filled with
bits of data and information that did not form any type
of cohesive whole. As the model depicts, the
processing of knowledge begins a bit later (imagine a
timeline applied vertically) with early experiences on
the bottom and expertise growing as the processing of
knowledge ensues. Early on in nurses’ education,
conscious attention is focused mainly on knowledge
acquisition, and beginning nurses depend on their
instructors and others to process, generate, and
disseminate knowledge. As nurses become more

comfortable with the science of nursing, they begin to
take over some of the other Foundation of Knowledge
functions. However, to keep up with the explosion of
information in nursing and health care, they must
continue to rely on the knowledge generation of
nursing theorists and researchers and the
dissemination of their work. In this sense, nurses are
committed to lifelong learning and the use of
knowledge in the practice of nursing science.

The Foundation of Knowledge model (Figure 1-2)
permeates this text, reflecting the understanding that
knowledge is a powerful tool and that nurses focus on
information as a key building block of knowledge. The
application of the model is described to help the reader
understand and appreciate the foundation of
knowledge in nursing science and see how it applies to
nursing informatics. All of the various nursing roles
(practice, administration, education, research, and
informatics) involve the science of nursing. Nurses are
knowledge workers, working with information and
generating information and knowledge as a product.
They are knowledge acquirers, providing convenient
and efficient means of capturing and storing
knowledge. They are knowledge users, meaning
individuals or groups who benefit from valuable, viable
knowledge. Nurses are knowledge engineers,
designing, developing, implementing, and maintaining
knowledge. They are knowledge managers, capturing
and processing collective expertise and distributing it

where it can create the largest benefit. Finally, they are
knowledge developers and generators, changing and
evolving knowledge based on the tasks at hand and
the information available.

In the case scenario, at first glance one might label
Tom as a knowledge worker, a knowledge acquirer,
and a knowledge user. However, stopping here might
sell Tom short in his practice of nursing science.
Although he acquired and used knowledge to help him
achieve his work, he also processed the data and
information he collected to develop a nursing diagnosis
and a plan of care. The knowledge stores Tom used to
develop and glean knowledge from valuable
information are generative (having the ability to
originate and produce or generate) in nature. For
example, Tom may have learned something new about
his patient’s culture from the patient or his wife that he
will file away in the knowledge repository of his mind to
be used in another similar situation. As he compares
this new cultural information to what he already knows,
he may gain insight into the effect of culture on a
patient’s response to illness. In this sense, Tom is a
knowledge generator. If he shares this newly acquired
knowledge with another practitioner, and as he records
his observations and his conclusions, he is then
disseminating knowledge. Tom also uses feedback
from the various technologies he has applied to
monitor his patient’s status. In addition, he may rely on
feedback from laboratory reports or even other

practitioners to help him rethink, revise, and apply the
knowledge about this patient that he is generating.

To have ongoing value, knowledge must be viable.
Knowledge viability refers to applications (most
technology based) that offer easily accessible,
accurate, and timely information obtained from a
variety of resources and methods and presented in a
manner so as to provide the necessary elements to
generate new knowledge. In the case scenario, Tom
may have felt the need to consult an electronic
database or a clinical guidelines repository that he has
downloaded on his tablet or smartphone, or that
resides in the emergency room’s networked computer
system, to assist him in the development of a
comprehensive care plan for his patient. In this way,
Tom uses technology and evidence to support and
inform his practice. It is also possible in this scenario
that an alert might appear in the patient’s electronic
health record or the clinical information system (CIS)
reminding Tom to ask about influenza and pneumonia
vaccines. Clinical information technologies that support
and inform nursing practice and nursing administration
are an important part of nursing informatics.

Figure 1-2 Foundation of Knowledge Model

Designed by Alicia Mastrian

This text provides a framework that embraces
knowledge so that readers can develop the wisdom
necessary to apply what they have learned. Wisdom is
the application of knowledge to an appropriate
situation. In the practice of nursing science, one
expects actions to be directed by wisdom. Wisdom
uses knowledge and experience to heighten common
sense and insight to exercise sound judgment in
practical matters. It is developed through knowledge,
experience, insight, and reflection. Wisdom is
sometimes thought of as the highest form of common
sense, resulting from accumulated knowledge or
erudition (deep, thorough learning) or enlightenment

(education that results in understanding and the
dissemination of knowledge). It is the ability to apply
valuable and viable knowledge, experience,
understanding, and insight while being prudent and
sensible. Knowledge and wisdom are not synonymous:
Knowledge abounds with others’ thoughts and
information, whereas wisdom is focused on one’s own
mind and the synthesis of experience, insight,
understanding, and knowledge. Wisdom has been
called the foundation of the art of nursing.

Some nursing roles might be viewed as more focused
on some aspects rather than other aspects of the
foundation of knowledge. For example, some might
argue that nurse educators are primarily knowledge
disseminators and that nurse researchers are
knowledge generators. Although the more frequent
output of their efforts can certainly be viewed in this
way, it is important to realize that nurses use all of the
aspects of the Foundation of Knowledge model
regardless of their area of practice. For nurse
educators to be effective, they must be in the habit of
constantly building and rebuilding their foundation of
knowledge about nursing science. In addition, as they
develop and implement curricular innovations, they
must evaluate the effectiveness of those changes. In
some cases, they use formal research techniques to
achieve this goal and, therefore, generate knowledge
about the best and most effective teaching strategies.
Similarly, nurse researchers must acquire and process

new knowledge as they design and conduct their
research studies. All nurses have the opportunity to be
involved in the formal dissemination of knowledge via
their participation in professional conferences, either as
presenters or as attendees. In addition, some nurses
disseminate knowledge by formal publication of their
ideas. In the cases of conference presentation and
publication, nurses may receive feedback that
stimulates rethinking about the knowledge they have
generated and disseminated, in turn prompting them to
acquire and process data and information anew.

All nurses, regardless of their practice arena, must use
informatics and technology to inform and support that
practice. The case scenario discussed Tom’s use of
various monitoring devices that provide feedback on
the physiologic status of the patient. It was also
suggested that Tom might consult a clinical database
or nursing practice guidelines residing on a tablet or
smartphone, in the cloud (a virtual information storage
system), or on a clinical agency network as he
develops an appropriate plan of action for his nursing
interventions. Perhaps the CIS in the agency supports
the collection of data about patients in a relational
database, providing an opportunity for data mining by
nursing administrators or nurse researchers. In this
way, administrators and researchers can glean
information about best practices and determine which
improvements are necessary to deliver the best and

most effective nursing care (Swan, Lang, & McGinley,
2004).

The future of nursing science and nursing informatics is
closely associated with nursing education and nursing
research. Skiba (2007) suggested that techno-savvy
and well-informed faculty who can demonstrate the
appropriate use of technologies to enhance the
delivery of nursing care are needed. Along those lines,
Whitman-Price, Kennedy, and Godwin (2012)
conducted research among senior nursing students to
determine perceptions of personal phone use to
access healthcare information during clinical. Their
study indicated that ready access to electronic
resources enhanced clinical decision making and
confidence in patient care. Girard (2007) discussed
cutting-edge operating room technologies, such as
nanosurgery using nanorobots, smart fabrics that aid in
patient assessment during surgery, biopharmacy
techniques for the safe and effective delivery of
anesthesia, and virtual reality training. She made an
extremely provocative point about nursing education:
“Educators will need to expand their knowledge and
teach for the future and not the past. They must take
heed that the old tried-and-true nursing education
methods and curriculum that has lasted 100 years will
have to change, and that change will be mandated for
all areas of nursing” (p. 353). Bassendowski (2007)
specifically addressed the potential for the generation
of knowledge in educational endeavors as faculty apply

new technologies to teaching and the focus shifts away
from individual to group instruction that promotes
sharing and processing of knowledge.

Several key national groups continue to promote the
inclusion of informatics content in nursing education
programs. These initiatives include the Vision Series by
the National League for Nursing (NLN; 2015);
recommendations in the Quality and Safety Education
for Nurses (QSEN) learning modules (2014a); the
Technology Informatics Guiding Education Reform
(TIGER) Initiative (Healthcare Information and
Management Systems Society, 2016); and Nursing
Informatics Deep Dive by the American Association of
Colleges of Nursing (AACN; 2016). These
organizations focus on the need to integrate
informatics competencies into nursing curricula to
prepare future nurses for the tasks of managing data,
information, and knowledge; alleviating errors and
promoting safety; supporting decision making; and
improving the quality of patient care. Nurse educators
are challenged to prepare informatics-competent
nurses who can practice safely in technology-laden
settings.

The TIGER (2007) initiative identified steps toward a
10-year vision and stated a key purpose: “to create a
vision for the future of nursing that bridges the quality
chasm with information technology, enabling nurses to
use informatics in practice and education to provide

safer, higher-quality patient care” (p. 4). The pillars of
the TIGER vision include the following:

Management and Leadership: Revolutionary
leadership that drives, empowers, and executes the
transformation of health care.
Education: Collaborative learning communities that
maximize the possibilities of technology toward
knowledge development and dissemination, driving
rapid deployment and implementation of best
practices.
Communication and Collaboration: Standardized,
person-centered, technology-enabled processes to
facilitate teamwork and relationships across the
continuum of care.
Informatics Design: Evidence-based, interoperable
intelligence systems that support education and
practice to foster quality care and safety.
Information Technology: Smart, people-centered,
affordable technologies that are universal, useable,
useful, and standards based.
Policy: Consistent, incentives-based initiatives
(organizational and governmental) that support
advocacy and coalition-building, achieving and
resourcing an ethical culture of safety.
Culture: A respectful, open system that leverages
technology and informatics across multiple
disciplines in an environment where all
stakeholders trust each other to work together
toward the goal of high quality and safety (p. 4).

The Essentials of Baccalaureate Education for
Professional Nursing Practice (AACN, 2008, pp. 18–
19) includes the following technology-related outcomes
for baccalaureate nursing graduates:

1. Demonstrate skills in using patient care
technologies, information systems, and
communication devices that support safe
nursing practice.

2. Use telecommunication technologies to assist in
effective communication in a variety of
healthcare settings.

3. Apply safeguards and decision-making support
tools embedded in patient care technologies and
information systems to support a safe practice
environment for both patients and healthcare
workers.

4. Understand the use of CIS to document
interventions related to achieving nurse-sensitive
outcomes.

5. Use standardized terminology in a care
environment that reflects nursing’s unique
contribution to patient outcomes.

6. Evaluate data from all relevant sources,
including technology, to inform the delivery of
care.

7. Recognize the role of information technology in
improving patient care outcomes and creating a
safe care environment.

8. Uphold ethical standards related to data security,
regulatory requirements, confidentiality, and
clients’ right to privacy.

9. Apply patient care technologies as appropriate
to address the needs of a diverse patient
population.

10. Advocate for the use of new patient care
technologies for safe, quality care.

11. Recognize that redesign of workflow and care
processes should precede implementation of
care technology to facilitate nursing practice.

12. Participate in the evaluation of information
systems in practice settings through policy and
procedure development.

The report suggests the following sample content for
achieving these student outcomes (AACN, 2008, pp.
19–20):

Use of patient care technologies (e.g., monitors,
pumps, computer-assisted devices)
Use of technology and information systems for
clinical decision making
Computer skills that may include basic software,
spreadsheet, and healthcare databases
Information management for patient safety
Regulatory requirements through electronic data-
monitoring systems
Ethical and legal issues related to the use of
information technology, including copyright, privacy,

and confidentiality issues
Retrieval information systems, including access,
evaluation of data, and application of relevant data
to patient care
Online literature searches
Technological resources for evidence-based
practice
Web-based learning and online literature searches
for self and patient use
Technology and information systems safeguards
(e.g., patient monitoring, equipment, patient
identification systems, drug alerts and IV systems,
and bar coding)
Interstate practice regulations (e.g., licensure,
telehealth)
Technology for virtual care delivery and monitoring
Principles related to nursing workload measurement
and resources and information systems
Information literacy
Electronic health record and physician order entry
Decision support tools
Role of the nurse informaticist in the context of
health informatics and information systems

The Informatics and Healthcare Technologies
Essentials of Master’s Education in Nursing includes
the following elements:

Essential V: Informatics and Healthcare
Technologies

Rationale

Informatics and healthcare technologies
encompass five broad areas:

Use of patient care and other technologies to
deliver and enhance care

Communication technologies to integrate and
coordinate care

Data management to analyze and improve
outcomes of care

Health information management for evidence-
based care and health education

Facilitation and use of electronic health records
to improve patient care (AACN, 2011, pp. 17–
18)

Quality and Safety Education
for Nurses
As nursing science evolves, it is critical that patient
care improves. Sometimes, unfortunately, patient care
is less-than-adequate and is unsafe. Therefore, quality
and safety have become paramount. The QSEN
Institute project seeks to prepare future nurses who will
have the knowledge, skills, and attitudes (KSAs)
necessary to continuously improve the quality and

safety of the healthcare systems within which they
work.

Prelicensure informatics KSAs include the following
(QSEN Institute, 2014c):

INFORMATICS

Knowledge Skills Attitudes

Explain why information

and technology skills are

essential for safe patient

care

Seek

education

about how

information is

managed in

care settings

before

providing care

Apply

technology

and

information

management

tools to

support safe

processes of

care

Appreciate the

necessity for all

health professionals

to seek lifelong,

continuous learning

of information

technology skills

Identify essential

information that must be

available in a common

database to support

patient care

Contrast benefits and

Navigate the

electronic

health record

Document and

plan patient

care in an

Value technologies

that support clinical

decision making,

error prevention, and

care coordination

Protect the

limitations of different

communication

technologies and their

impact on safety and

quality

electronic

health record

Employ

communication

technologies to

coordinate

care for

patients

confidentiality of

protected health

information in

electronic health

records

Describe examples of

how technology and

information management

are related to the quality

and safety of patient care

Recognize the time,

effort, and skill required

for computers,

databases, and other

technologies to become

reliable and effective tools

for patient care

Respond

appropriately

to clinical

decision-

making

supports and

alerts

Use

information

management

tools to

monitor

outcomes of

care

processes

Use high

quality

electronic

sources of

healthcare

information

Value nurses’

involvement in

design, selection,

implementation, and

evaluation of

information

technologies to

support patient care

Definition: Use information and technology to communicate, manage
knowledge, mitigate error, and support decision making.

Reproduced from Cronenwett, L., Sherwood, G., Barnsteiner J.,

Disch, J., Johnson, J., Mitchell, P., . . . Warren, J. (2007). Quality and

safety education for nurses. Nursing Outlook, 55(3), 122–131.

Copyright 2007, with permission from Elsevier.

Graduate-level informatics KSAs include the following
(QSEN Institute, 2014b):

INFORMATICS

Knowledge Skills Attitudes

Contrast benefits and

limitations of common

information technology

strategies used in the

delivery of patient care

Evaluate the strengths

and weaknesses of

information systems

used in patient care

Participate in the

selection, design,

implementation,

and evaluation of

information

systems

Communicate the

integral role of

information

technology in

nurses’ work

Model behaviors

that support

implementation

and appropriate

use of electronic

health records

Assist team

members to adopt

information

technology by

piloting and

Value the use of

information and

communication

technologies in

patient care

evaluating

proposed

technologies

Formulate essential

information that must

be available in a

common database to

support patient care in

the practice specialty

Evaluate benefits and

limitations of different

communication

technologies and their

impact on safety and

quality

Promote access to

patient care

information for all

professionals who

provide care to

patients

Serve as a

resource for how to

document nursing

care at basic and

advanced levels

Develop

safeguards for

protected health

information

Champion

communication

technologies that

support clinical

decision making,

error prevention,

care coordination,

and protection of

patient privacy

Appreciate the

need for consensus

and collaboration in

developing systems

to manage

information for

patient care

Value the

confidentiality and

security of all

patient records

Describe and critique

taxonomic and

terminology systems

used in national efforts

to enhance

interoperability of

information systems

Access and

evaluate high

quality electronic

sources of

healthcare

information

Participate in the

Value the

importance of

standardized

terminologies in

conducting

searches for patient

information

and knowledge

management systems

design of clinical

decision-making

supports and alerts

Search, retrieve,

and manage data

to make decisions

using information

and knowledge

management

systems

Anticipate

unintended

consequences of

new technology

Appreciate the

contribution of

technological alert

systems

Appreciate the time,

effort, and skill

required for

computers,

databases, and

other technologies

to become reliable

and effective tools

for patient care

Definition: Use information and technology to communicate, manage
knowledge, mitigate error, and support decision making.

Reproduced from Cronenwett, L., Sherwood, G., Pohl, J., Barnsteiner

J., Moore, D., Sullivan, D., . . . Warren, J. (2009). Quality and safety

education for nurses. Nursing Outlook, 57(6), 338–348. Copyright

2009, with permission from Elsevier.

This text is designed to include the necessary content
to prepare nurses for practice in the ever-changing and
technology-laden healthcare environments. Informatics
competence has been recognized as necessary in
order to enhance clinical decision making and improve
patient care for many years. This is evidenced by
Goossen (2000), who reflected on the need for
research in this area and believed that the focus of

nursing informatics research should be on the
structuring and processing of patient information and
the ways that these endeavors inform nursing decision
making in clinical practice. The increased use of
technology to enhance nursing practice, nursing
education, and nursing research will open new
avenues for acquiring, processing, generating, and
disseminating knowledge.

In the future, nursing research will make significant
contributions to the development of nursing science.
Technologies and translational research will abound,
and clinical practices will continue to be evidence
based, thereby improving patient outcomes and
decreasing safety concerns. Schools of nursing will
embrace nursing science as they strive to meet the
needs of changing student populations and the
increasing complexity of healthcare environments.

Summary
Nursing science influences all areas of nursing
practice. This chapter provided an overview of nursing
science and considered how nursing science relates to
typical nursing practice roles, nursing education,
informatics, and nursing research. The Foundation of
Knowledge model was introduced as the organizing
conceptual framework for this text. Finally, the
relationship of nursing science to nursing informatics
was discussed. In subsequent chapters the reader will

learn more about how nursing informatics supports
nurses in their many and varied roles. In an ideal world,
nurses would embrace nursing science as knowledge
users, knowledge managers, knowledge developers,
knowledge engineers, and knowledge workers.

THOUGHT-PROVOKING QUESTIONS

1. Imagine you are in a social situation and
someone asks you, “What does a nurse
do?” Think about how you will capture
and convey the richness that is nursing
science in your answer.

2. Choose a clinical scenario from your
recent experience and analyze it using
the Foundation of Knowledge model. How
did you acquire knowledge? How did you
process knowledge? How did you
generate knowledge? How did you
disseminate knowledge? How did you use
feedback, and what was the effect of the
feedback on the foundation of your
knowledge?

References
American Association of Colleges of

Nursing (AACN). (2008, October 20).
The essentials of baccalaureate

education for professional nursing
practice. Retrieved from
http://www.aacn.nche.edu/education-
resources/BaccEssentials08.pdf

American Association of Colleges of
Nursing (AACN). (2011, March 21).
The essentials of master’s education in
nursing. Retrieved from
http://www.aacn.nche.edu/education-
resources/MastersEssentials11.pdf

American Association of Colleges of
Nursing (AACN). (2016). Background
and overview: Nursing informatics
Deep Dive. Retrieved from
http://www.aacn.nche.edu/qsen-
informatics/background-overview

American Nurses Association. (2016).
What is nursing? Retrieved from
http://www.nursingworld.org/EspeciallyForYou/What-
is-Nursing

Bassendowski, S. (2007). NursingQuest:
Supporting an analysis of nursing
issues. Journal of Nursing Education,

46(2), 92–95. Retrieved from
Education Module database [document
ID: 1210832211].

Cronenwett, L., Sherwood, G., Barnsteiner
J., Disch, J., Johnson, J., Mitchell, P., .
. . Warren, J. (2007). Quality and
safety education for nurses. Nursing
Outlook, 55(3), 122–131.

Girard, N. (2007). Science fiction comes to
the OR. Association of Operating
Room Nurses. AORN Journal, 86(3),
351–353. Retrieved from Health
Module database [document ID:
1333149261].

Goossen, W. (2000). Nursing informatics
research. Nurse Researcher, 8(2), 42.
Retrieved from ProQuest Nursing &
Allied Health Source database
[document ID: 67258628].

Healthcare Information and Management
Systems Society. (2016). The TIGER
initiative. Retrieved from

http://www.himss.org/professional-
development/tiger-initiative

National League for Nursing (NLN).
(2015). A vision for the changing
faculty role: Preparing students for the
technological world of health care.
Retrieved from
https://www.nln.org/docs/default-
source/about/nln-vision-series-
(position-statements)/a-vision-for-
the-changing-faculty-role-preparing-
students-for-the-technological-
world-of-health-care.pdf?sfvrsn=0

Quality and Safety Information for Nurses
(QSEN) Institute. (2014a). Courses:
Learning modules. Retrieved from
http://www.qsen.org/courses/learning-
modules

QSEN Institute. (2014b). Graduate KSAs.
Retrieved from
http://www.qsen.org/competencies/graduate-
ksas

QSEN Institute. (2014c). Pre-licensure
KSAs. Retrieved from
http://www.qsen.org/competencies/pre-
licensure-ksas

Skiba, D. (2007). Faculty 2.0: Flipping the
novice to expert continuum. Nursing
Education Perspectives, 28(6), 342–
344. Retrieved from ProQuest Nursing
& Allied Health Source database
[document ID: 1401240241].

Swan, B., Lang, N., & McGinley, A.
(2004). Access to quality health care:
Links between evidence, nursing
language, and informatics. Nursing
Economic$, 22(6), 325–332. Retrieved
from Health Module database
[document ID: 768191851].

Technology Informatics Guiding Education
Reform. (2007). Evidence and
informatics transforming nursing: 3-
year action steps toward a 10-year
vision. Retrieved from
http://www.aacn.nche.edu/education-
resources/TIGER.pdf

Whitman-Price, R., Kennedy, L., &
Godwin, C. (2012). Use of personal
phones by senior nursing students to
access health care information during
clinical education: Staff nurses’ and
students’ perceptions. Journal of
Nursing Education, 51(11), 642–646.

CHAPTER 2: Introduction
to Information,
Information Science, and
Information Systems

Kathleen Mastrian and Dee McGonigle

Objectives
1. Reflect on the progression from data to

information to knowledge.
2. Describe the term information.
3. Assess how information is acquired.
4. Explore the characteristics of quality

information.
5. Describe an information system.
6. Explore data acquisition or input and

processing or retrieval, analysis, and
synthesis of data.

7. Assess output or reports, documents,
summaries, alerts, and outcomes.

8. Describe information dissemination and
feedback.

9. Define information science.
10. Assess how information is processed.
11. Explore how knowledge is generated in

information science.

Key Terms
» Acquisition

» Alert

» Analysis

» Chief information officers

» Chief technical officers

» Chief technology officers

» Cloud computing

» Cognitive science

» Communication science

» Computer-based information systems

» Computer science

» Consolidated Health Informatics

» Data

» Dissemination

» Document

» Electronic health records

» Federal Health Information Exchange

» Feedback

» Health information exchange

» Health Level Seven

» Indiana Health Information Exchange

» Information

» Information science

» Information systems

» Information technology

» Input

» Interfaces

» Internet2

» Internet of Things (IoT)

» Knowledge

» Knowledge worker

» Library science

» Massachusetts Health Data Consortium

» National Health Information
Infrastructure

» National Health Information Network

» New England Health EDI Network

» Next-Generation Internet

» Outcome

» Output

» Processing

» Rapid Syndromic Validation Project

» Report

» Social sciences

» Stakeholders

» Summaries

» Synthesis

» Telecommunications

Introduction
This chapter explores information, information systems
(ISs), and information science as one of the building
blocks of informatics. (Refer to Figure 2-1.) The key
word here, of course, is information. Information and

information processing are central to the work of health
care. A healthcare professional is known as a
knowledge worker because he or she deals with and
processes information on a daily basis to make it
meaningful and inform his or her practice.

Figure 2-1 Building Blocks of Nursing Informatics

Healthcare information is complex, and many concerns
and issues arise with healthcare information, such as
ownership, access, disclosure, exchange, security,
privacy, disposal, and dissemination. The widespread

implementation of electronic health records (EHRs)
has promoted collaboration among public- and private-
sector stakeholders on a wide-ranging variety of
healthcare information solutions. Some of these
initiatives include Health Level Seven (HL7), the eGov
initiative by Consolidated Health Informatics (CHI),
the National Health Information Infrastructure
(NHII), the National Health Information Network
(NHIN), Next-Generation Internet (NGI), Internet2,
and iHealth record. There are also health information
exchange (HIE) systems, such as Connecting for
Health, the eHealth initiative, the Federal Health
Information Exchange (FHIE), the Indiana Health
Information Exchange (IHIE), the Massachusetts
Health Data Consortium (MHDC), the New England
Health EDI Network (NEHEN), the State of New
Mexico Rapid Syndromic Validation Project (RSVP),
the Southeast Michigan e-Prescribing Initiative, and the
Tennessee Volunteer eHealth Initiative (Goldstein,
Groen, Ponkshe, & Wine, 2007). Many of these were
sparked by the HITECH Act of 2011, which set the
2014 deadline for implementing EHRs and provided
the impetus for HIE initiatives.

It is quite evident from the previous brief listing that
there is a need to remedy healthcare information
technology (IT) concerns, challenges, and issues
faced today. One of the main issues deals with how
healthcare information is managed to make it
meaningful. It is important to understand how people

obtain, manipulate, use, share, and dispose of
information. This chapter deals with the information
piece of this complex puzzle.

Information
Suppose someone states the number 99.5. What does
that mean? It could be a radio station or a score on a
test. Now suppose someone says that Ms. Howsunny’s
temperature is 99.5°F—what does that convey? It is
then known that 99.5 is a person’s temperature. The
data (99.5) were processed to the information that
99.5° is a specific person’s temperature. Data are raw
facts. Information is processed data that has meaning.
Healthcare professionals constantly process data and
information to provide the best possible care for their
patients.

Many types of data exist, such as alphabetic, numeric,
audio, image, and video data. Alphabetic data refer to
letters, numeric data refer to numbers, and
alphanumeric data combine both letters and numbers.
This includes all text and the numeric outputs of digital
monitors. Some of the alphanumeric data encountered
by healthcare professionals are in the form of patients’
names, identification numbers, or medical record
numbers. Audio data refer to sounds, noises, or tones
—for example, monitor alerts or alarms, taped or
recorded messages, and other sounds. Image data
include graphics and pictures, such as graphic monitor

displays or recorded electrocardiograms, radiographs,
magnetic resonance imaging (MRI) outputs, and
computed tomography (CT) scans. Video data refer to
animations, moving pictures, or moving graphics. Using
these data, one may review the ultrasound of a
pregnant patient, examine a patient’s echocardiogram,
watch an animated video for professional development,
or learn how to operate a new technology tool, such as
a pump or monitoring system. The data we gather,
such as heart and lung sounds or X-rays, help us
produce information. For example, if a patient’s X-rays
show a fracture, it is interpreted into information such
as spiral, compound, or hairline. This information is
then processed into knowledge and a treatment plan is
formulated based on the healthcare professional’s
wisdom.

The integrity and quality of the data, rather than the
form, are what matter. Integrity refers to whole,
complete, correct, and consistent data (Figure 2-2).
Data integrity can be compromised through human
error; viruses, worms, or other computer bugs;
hardware failures or crashes; transmission errors; or
hackers entering the system. Figure 2-3 illustrates
some ways that data can be compromised. Information
technologies help to decrease these errors by putting
into place safeguards, such as backing up files on a
routine basis, error detection for transmissions, and
user interfaces that help people enter the data
correctly. High-quality data are relevant and accurately

represent their corresponding concepts. Data are dirty
when a database contains errors, such as duplicate,
incomplete, or outdated records. One author (D.M.)
found 50 cases of tongue cancer in a database she
examined for data quality. When the records were
tracked down and analyzed, and the dirty data were
removed, only one case of tongue cancer remained. In
this situation, the data for the same person had been
entered erroneously 49 times. The major problem was
with the patient’s identification number and name: The
number was changed or his name was misspelled
repeatedly. If researchers had just taken the number of
cases in that defined population as 50, they would
have concluded that tongue cancer was an epidemic,
resulting in flawed information that is not meaningful.
As this example demonstrates, it is imperative that data
be clean if the goal is quality information. The data that
are processed into information must be of high quality
and integrity to create meaning to inform assessments
and decision making.

Figure 2-2 Data Integrity

Figure 2-3 Threats to Data Integrity

To be valuable and meaningful, information must be of
good quality. Its value relates directly to how the
information informs decision making. Characteristics of
valuable, quality information include accessibility,
security, timeliness, accuracy, relevancy,
completeness, flexibility, reliability, objectivity, utility,
transparency, verifiability, and reproducibility.

Accessibility is a must; the right user must be able to
obtain the right information at the right time and in the
right format to meet his or her needs. Getting
meaningful information to the right user at the right time
is as vital as generating the information in the first
place. The right user refers to an authorized user who
has the right to obtain the data and information he or
she is seeking. Security is a major challenge because
unauthorized users must be blocked while the
authorized user is provided with open, easy access
(see the Electronic Security chapter).

Timely information means that the information is
available when it is needed for the right purpose and at
the right time. Knowing who won the lottery last week
does not help one to know if the person won it today.
Accurate information means that there are no errors in
the data and information. Relevant information is a
subjective descriptor, in that the user must have
information that is relevant or applicable to his or her
needs. If a healthcare provider is trying to decide
whether a patient needs insulin and only the patient’s

CT scan information is available, this information is not
relevant for that current need. However, if one needed
information about the CT scan, the information is
relevant.

Complete information contains all of the necessary
essential data. If the healthcare provider needs to
contact the only relative listed for the patient and his or
her contact information is listed but the approval for
that person to be a contact is missing, this information
is considered incomplete. Flexible information means
that the information can be used for a variety of
purposes. Information concerning the inventory of
supplies on a nursing unit, for example, can be used by
nurses who need to know if an item is available for use
for a patient. The nurse manager accesses this
information to help decide which supplies need to be
ordered, to determine which items are used most
frequently, and to do an economic assessment of any
waste.

Reliable information comes from reliable or clean data
gathered from authoritative and credible sources.
Objective information is as close to the truth as one
can get; it is not subjective or biased, but rather is
factual and impartial. If someone states something, it
must be determined whether that person is reliable and
whether what he or she is stating is objective or tainted
by his or her own perspective.

Utility refers to the ability to provide the right
information at the right time to the right person for the
right purpose. Transparency allows users to apply their
intellect to accomplish their tasks while the tools
housing the information disappear into the background.
Verifiable information means that one can check to
verify or prove that the information is correct.
Reproducibility refers to the ability to produce the same
information again.

Information is acquired either by actively looking for it
or by having it conveyed by the environment. All of the
senses (vision, hearing, touch, smell, and taste) are
used to gather input from the surrounding world, and
as technologies mature, more and more input will be
obtained through the senses. Currently, people receive
information from computers (output) through vision,
hearing, or touch (input); and the response (output) to
the computer (input) is the interface with technology.
Gesture recognition is increasing, and interfaces that
incorporate it will change the way people become
informed. Many people access the Internet on a daily
basis seeking information or imparting information.
Individuals are constantly becoming informed,
discovering, or learning; becoming reinformed,
rediscovering, or relearning; and purging what has
been acquired. The information acquired through these
processes is added to the personal knowledge base.
Knowledge is the awareness and understanding of a
set of information and ways that information can be

made useful to support a specific task or arrive at a
decision. This knowledge building is an ongoing
process engaged in while a person is conscious and
going about his or her normal daily activities.

Information Science
Information science has evolved over the last 50 or so
years as a field of scientific inquiry and professional
practice. It can be thought of as the science of
information, studying the application and usage of
information and knowledge in organizations and the
interface or interaction between people, organizations,
and ISs. This extensive, interdisciplinary science
integrates features from cognitive science,
communication science, computer science, library
science, and the social sciences. Information science
is primarily concerned with the input, processing,
output, and feedback of data and information through
technology integration with a focus on comprehending
the perspective of the stakeholders involved and then
applying IT as needed. It is systemically based, dealing
with the big picture rather than individual pieces of
technology.

Information science can also be related to determinism.
Specifically, it is a response to technologic determinism
—the belief that technology develops by its own laws,
that it realizes its own potential, limited only by the
material resources available, and must therefore be

regarded as an autonomous system controlling and
ultimately permeating all other subsystems of society
(Web Dictionary of Cybernetics and Systems, 2007,
para. 1).

This approach sets the tone for the study of information
as it applies to itself, the people, the technology, and
the varied sciences that are contextually related
depending on the needs of the setting or organization;
what is important is the interface between the
stakeholders and their systems, and the ways they
generate, use, and locate information. According to
Cornell University (2010), “Information Science brings
together faculty, students and researchers who share
an interest in combining computer science with the
social sciences of how people and society interact with
information” (para. 1). Information science is an
interdisciplinary, people-oriented field that explores and
enhances the interchange of information to transform
society, communication science, computer science,
cognitive science, library science, and the social
sciences. Society is dominated by the need for
information, and knowledge and information science
focus on systems and individual users by fostering
user-centered approaches that enhance society’s
information capabilities, effectively and efficiently
linking people, information, and technology. This
impacts the configuration and mix of organizations and
influences the nature of work—namely, how knowledge

workers interact with and produce meaningful
information and knowledge.

Information Processing
Information science enables the processing of
information. This processing links people and
technology. Humans are organic ISs, constantly
acquiring, processing, and generating information or
knowledge in their professional and personal lives. This
high degree of knowledge, in fact, characterizes
humans as extremely intelligent organic machines. The
premise of this text revolves around this concept, and
the text is organized on the basis of the Foundation of
Knowledge model: knowledge acquisition, knowledge
processing, knowledge generation, and knowledge
dissemination.

Information is data that are processed using
knowledge. For information to be valuable or
meaningful, it must be accessible, accurate, timely,
complete, cost-effective, flexible, reliable, relevant,
simple, verifiable, and secure. Knowledge is the
awareness and understanding of an information set
and ways that information can be made useful to
support a specific task or arrive at a decision. As an
example, if an architect were going to design a
building, part of the knowledge necessary for
developing a new building is understanding how the
building will be used, what size of building is needed

compared to the available building space, and how
many people will have or need access to this building.
Therefore, the work of choosing or rejecting facts
based on their significance or relevance to a particular
task, such as designing a building, is also based on a
type of knowledge used in the process of converting
data into information. Information can then be
considered data made functional through the
application of knowledge. The knowledge used to
develop and glean knowledge from valuable
information is generative (having the ability to originate
and produce or generate) in nature. Knowledge must
also be viable. Knowledge viability refers to
applications that offer easily accessible, accurate, and
timely information obtained from a variety of resources
and methods and presented in a manner so as to
provide the necessary elements to generate
knowledge.

Information science and computational tools are
extremely important in enabling the processing of data,
information, and knowledge in health care. In this
environment, the hardware, software, networking,
algorithms, and human organic ISs work together to
create meaningful information and generate
knowledge. The links between information processing
and scientific discovery are paramount. However,
without the ability to generate practical results that can
be disseminated, the processing of data, information,
and knowledge is for naught. It is the ability of

machines (inorganic ISs) to support and facilitate the
functioning of people (human organic ISs) that refines,
enhances, and evolves nursing practice by generating
knowledge. This knowledge represents five rights: the
right information, accessible by the right people in the
right settings, applied the right way at the right time.

An important and ongoing process is the struggle to
integrate new knowledge and old knowledge so as to
enhance wisdom. Wisdom is the ability to act
appropriately; it assumes actions directed by one’s own
wisdom. Wisdom uses knowledge and experience to
heighten common sense, and uses insight to exercise
sound judgment in practical matters. It is developed
through knowledge, experience, insight, and reflection.
Wisdom is sometimes thought of as the highest form of
common sense, resulting from accumulated knowledge
or erudition (deep, thorough learning) or enlightenment
(education that results in understanding and the
dissemination of knowledge). It is the ability to apply
valuable and viable knowledge, experience,
understanding, and insight while being prudent and
sensible. Knowledge and wisdom are not synonymous,
because knowledge abounds with others’ thoughts and
information, whereas wisdom is focused on one’s own
mind and the synthesis of one’s own experience,
insight, understanding, and knowledge.

If clinicians are inundated with data without the ability
to process it, the situation results in too much data and

too little wisdom. Consequently, it is crucial that
clinicians have viable ISs at their fingertips to facilitate
the acquisition, sharing, and use of knowledge while
maturing wisdom; this process leads to empowerment.

Information Science and the
Foundation of Knowledge
Information science is a multidisciplinary science that
encompasses aspects of computer science, cognitive
science, social science, communication science, and
library science to deal with obtaining, gathering,
organizing, manipulating, managing, storing, retrieving,
recapturing, disposing of, distributing, and broadcasting
information. Information science studies everything that
deals with information and can be defined as the study
of ISs. This science originated as a subdiscipline of
computer science, as practitioners sought to
understand and rationalize the management of
technology within organizations. It has since matured
into a major field of management and is now an
important area of research in management studies.
Moreover, information science has expanded its scope
to examine the human–computer interaction,
interfacing, and interaction of people, ISs, and
corporations. It is taught at all major universities and
business schools worldwide.

Modern-day organizations have become intensely
aware of the fact that information and knowledge are
potent resources that must be cultivated and honed to
meet their needs. Thus information science or the
study of ISs—that is, the application and usage of
knowledge—focuses on why and how technology can
be put to best use to serve the information flow within
an organization.

Information science impacts information interfaces,
influencing how people interact with information and
subsequently develop and use knowledge. The
information a person acquires is added to his or her
knowledge base. Knowledge is the awareness and
understanding of an information set and ways that
information can be made useful to support a specific
task or arrive at a decision.

Healthcare organizations are affected by and rely on
the evolution of information science to enhance the
recording and processing of routine and intimate
information while facilitating human-to-human and
human-to-systems communications, delivery of
healthcare products, dissemination of information, and
enhancement of the organization’s business
transactions. Unfortunately, the benefits and
enhancements of information science technologies
have also brought to light new risks, such as glitches
and loss of information and hackers who can steal
identities and information. Solid leadership, guidance,

and vision are vital to the maintenance of cost-effective
business performance and cutting-edge, safe
information technologies for the organization. This field
studies all facets of the building and use of information.
The emergence of information science and its impact
on information have also influenced how people
acquire and use knowledge.

Information science has already had a tremendous
impact on society and will undoubtedly expand its
sphere of influence further as it continues to evolve and
innovate human activities at all levels. What visionaries
only dreamed of is now possible and part of reality. The
future has yet to fully unfold in this important arena.

Introduction to Information
Systems
Consider the following scenario: You have just been
hired by a large healthcare facility. You enter the
personnel office and are told that you must learn a new
language to work on the unit where you have been
assigned. This language is used just on this unit. If you
had been assigned to a different unit, you would have
to learn another language that is specific to that unit,
and so on. Because of the differences in various units’
languages, interdepartmental sharing and information
exchange (known as interoperability) are severely
hindered.

This scenario might seem far-fetched, but it is actually
how workers once operated in health care—in silos.
There was a system for the laboratory, one for finance,
one for clinical departments, and so on. As healthcare
organizations have come to appreciate the importance
of communication, tracking, and research, however,
they have developed integrated information systems
that can handle the needs of the entire organization.

Information and IT have become major resources for
all types of organizations, and health care is no
exception (see Box 2-1). Information technologies help
to shape a healthcare organization, in conjunction with
personnel, money, materials, and equipment. Many
healthcare facilities have hired chief information
officers (CIOs) or chief technical officers (CTOs),
also known as chief technology officers. The CIO is
involved with the IT infrastructure, and this role is
sometimes expanded to include the position of chief
knowledge officer. The CTO is focused on
organizationally based scientific and technical issues
and is responsible for technological research and
development as part of the organization’s products and
services. The CTO and CIO must be visionary leaders
for the organization, because so much of the business
of health care relies on solid infrastructures that
generate potent and timely information and knowledge.
The CTO and CIO are sometimes interchangeable
positions, but in some organizations the CTO reports to
the CIO. These positions will become critical roles as

companies continue to shift from being product
oriented to knowledge oriented, and as they begin
emphasizing the production process itself rather than
the product. In health care, ISs must be able to handle
the volume of data and information necessary to
generate the needed information and knowledge for
best practices, because the goal is to provide the
highest quality of patient care.

BOX 2-1 EXAMPLES OF INFORMATION

SYSTEMS

Information
System

How It Is Used

Clinical

Information

System

(CIS)

Comprehensive and integrative system that

manages the administrative, financial, and

clinical aspects of a clinical facility; a CIS

should help to link financial and clinical

outcomes. An example is the EHR.

Decision

Support

System

(DSS)

Organizes and analyzes information to help

decision makers formulate decisions when

they are unsure of their decision’s possible

outcomes. After gathering relevant and

useful information, develops “what if”

models to analyze the options or choices

and alternatives.

Executive

Support

System

Collects, organizes, analyzes, and

summarizes vital information to help

executives or senior management with

strategic decision making. Provides a quick

view of all strategic business activities.

Geographic

Information

System

(GIS)

Collects, manipulates, analyzes, and

generates information related to geographic

locations or the surface of the earth;

provides output in the form of virtual models,

maps, or lists.

Management

Information

Systems

(MIS)

Provides summaries of internal sources of

information, such as information from the

transaction processing system, and

develops a series of routine reports for

decision making.

Office

Systems

Facilitates communication and enhances

the productivity of users needing to process

data and information.

Transaction

Processing

System

(TPS)

Processes and records routine business

transactions, such as billing systems that

create and send invoices to customers, and

payroll systems that generate employees’

pay stubs and wage checks and calculate

tax payments.

Hospital

Information

System

(HIS)

Manages the administrative, financial, and

clinical aspects of a hospital enterprise. It

should help to link financial and clinical

outcomes.

Information Systems

ISs can be manually based, but for the purposes of this
text, the term refers to computer-based information
systems (CBISs). According to Jessup and Valacich
(2008), CBISs “are combinations of hardware, software
and telecommunications networks that people build
and use to collect, create, and distribute useful data,
typically in organizational settings” (p. 10). Along the
same lines, ISs are also defined as “a collection of
interconnected elements that gather, process, store
and distribute data and information while providing a
feedback structure to meet an objective” (Stair &
Reynolds, 2016, p. 4). ISs are designed for specific
purposes within organizations. They are only as
functional as the decision-making capabilities, problem-
solving skills, and programming potency built in and the
quality of the data and information input into them. The
capability of the IS to disseminate, provide feedback,
and adjust the data and information based on these
dynamic processes is what sets them apart. The IS
should be a user-friendly entity that provides the right
information at the right time and in the right place.

An IS acquires data or inputs; processes data through
the retrieval, analysis, or synthesis of those data;
disseminates or outputs information in the form of
reports, documents, summaries, alerts, prompts, or
outcomes; and provides for responses or feedback.
Input or data acquisition is the activity of collecting and
acquiring raw data. Input devices include combinations
of hardware, software, and telecommunications,

including keyboards, light pens, touch screens, mice or
other pointing devices, automatic scanners, and
machines that can read magnetic ink characters or
lettering. To watch a pay-per-view movie, for example,
the viewer must first input the chosen movie, verify the
purchase, and have a payment method approved by
the vendor. The IS must acquire this information before
the viewer can receive the movie.

Processing—the retrieval, analysis, or synthesis of
data—refers to the alteration and transformation of the
data into helpful or useful information and outputs. The
processing of data can range from storing it for future
use; to comparing the data, making calculations, or
applying formulas; to taking selective actions.
Processing devices consist of combinations of
hardware, software, and telecommunications and
include processing chips where the central processing
unit (CPU) and main memory are housed. Some of
these chips are quite ingenious. According to Schupak
(2005), the bunny chip could save the pharmaceutical
industry money while sparing “millions of furry
creatures, with a chip that mimics a living organism”
(para. 1). The HµREL Corporation has developed
environments or biologic ISs that reside on chips and
actually mimic the functioning of the human body.
Researchers can use these environments to test for
both the harmful and beneficial effects of drugs,
including those that are considered experimental and
that could be harmful if used in human and animal

testing. Such chips also allow researchers to monitor a
drug’s toxicity in the liver and other organs.

One patented HµREL microfluidic “biochip” comprises
an arrangement of separate but fluidically
interconnected “organ” or “tissue” compartments. Each
compartment contains a culture of living cells drawn
from, or engineered to mimic the primary functions of,
the respective organ or tissue of a living animal.
Microfluidic channels permit a culture medium that
serves as a “blood surrogate” to recirculate just as in a
living system, driven by a microfluidic pump. The
geometry and fluidics of the device are fashioned to
simulate the values of certain related physiologic
parameters found in the living creature. Drug
candidates or other substrates of interest are added to
the culture medium and allowed to recirculate through
the device. The effects of drug compounds and their
metabolites on the cells within each respective organ
compartment are then detected by measuring or
monitoring key physiologic events. The cell types used
may be derived from either standard cell culture lines
or primary tissues (HµREL Corporation, 2010, para.
2–3). As new technologies such as the HµREL chips
continue to evolve, more and more robust ISs that can
handle a variety of biological and clinical applications
will be seen.

Returning to the movie rental example, the IS must
verify the data entered by the viewer and then process

the request by following the steps necessary to provide
access to the movie that was ordered. This processing
must be instantaneous in today’s world, where
everyone wants everything now. After the data are
processed, they are stored. In this case, the rental
must also be processed so the vendor receives
payment for the movie, whether electronically, via a
credit card or checking account withdrawal, or by
generating a bill for payment.

Output or dissemination produces helpful or useful
information that can be in the form of reports,
documents, summaries, alerts, or outcomes. A report
is designed to inform and is generally tailored to the
context of a given situation or user or user group.
Reports may include charts, figures, tables, graphics,
pictures, hyperlinks, references, or other
documentation necessary to meet the needs of the
user. A documentrepresents information that can be
printed, saved, emailed, or otherwise shared, or
displayed. Summaries are condensed versions of the
original information designed to highlight the major
points. An alert is comprised of warnings, feedback, or
additional information necessary to assist the user in
interacting with the system. An outcome is the
expected result of input and processing. Output
devices are combinations of hardware, software, and
telecommunications and include sound and speech
synthesis outputs, printers, and monitors.

Continuing with the movie rental example, the IS must
be able to provide the consumer with the movie
ordered when it is wanted and somehow notify the
purchaser that he or she has, indeed, purchased the
movie and is granted access. The IS must also be able
to generate payment either electronically or by
generating a bill, while storing the transactional record
for future use.

Feedback or responses are reactions to the inputting,
processing, and outputs. In ISs, feedback refers to
information from the system that is used to make
modifications in the input, processing actions, or
outputs. In the movie rental example, what if the
consumer accidentally entered the same movie order
three times, but really wanted to order the movie only
once? The IS would determine that more than one
movie order is out of range for the same movie order at
the same time and provide feedback. Such feedback is
used to verify and correct the input. If undetected, the
viewer’s error would result in an erroneous bill and
decreased customer satisfaction while creating more
work for the vendor, which would have to engage in
additional transactions with the customer to resolve this
problem. The Nursing Informatics Practice
Applications: Care Delivery section of this text provides
detailed descriptions of clinical ISs that operate on
these same principles to support healthcare delivery.

Summary
Information systems deal with the development, use,
and management of an organization’s IT infrastructure.
An IS acquires data or inputs; processes data through
the retrieval, analysis, or synthesis of those data;
disseminates or outputs in the form of reports,
documents, summaries, alerts, or outcomes; and
provides for responses or feedback. Quality decision-
making and problem-solving skills are vital to the
development of effective, valuable ISs. Today’s
organizations now recognize that their most precious
asset is their information, as represented by their
employees, experience, competence or know-how, and
innovative or novel approaches, all of which are
dependent on a robust information network that
encompasses the information technology
infrastructure.

In an ideal world, all ISs would be fluid in their ability to
adapt to any and all users’ needs. They would be
Internet oriented and global, where resources are
available to everyone. Think of cloud computing—it is
just the beginning point from which ISs will expand and
grow in their ability to provide meaningful information to
their users. As technologies advance, so will the skills
and capabilities to comprehend and realize what ISs
can become. As wearable tracking technologies and
other health-related mobile applications expand, more
robust and timely health data will be generated, and

this data will need to be processed into meaningful
information. “Practitioners and medical researchers can
look forward to technologies that enable them to apply
data analysis to develop new insights into finding cures
for difficult diseases. Healthcare CIOs and other IT
leaders can expect to be called upon to manage all the
new data and devices that will be transforming
healthcare as we know it” (Schindler, 2015, para. 2).
Devices with sensors communicating with each other is
known as the Internet of Things (IoT) and the future
possibilities for health care are tremendous. “The IoT
raises the bar—enabling connection and
communication from anywhere to anywhere—and
allows analytics to replace the human decision-maker”
(Glasser, 2015, para. 3). Essentially, the sensor-
collected data are transmitted to another technology,
triggering an action or an alert that prompts feedback
for an action. For example, “imagine a miniaturized,
implanted device or skin patch that monitors a
diabetic’s blood sugar, movement, skin temperature
and more, and informs an insulin pump to adjust the
dosage” (para. 8).

It is important to continue to develop and refine
functional, robust, visionary ISs that meet the current
meaningful information needs while evolving systems
that are even better prepared to handle future
information and knowledge needs of the healthcare
industry.

THOUGHT-PROVOKING QUESTIONS

1. How do you acquire information? Choose
2 hours out of your busy day and try to
notice all of the information that you
receive from your environment. Keep
diaries indicating where the information
came from and how you knew it was
information and not data.

2. Reflect on an IS with which you are
familiar, such as the automatic banking
machine. How does this IS function?
What are the advantages of using this
system (i.e., why not use a bank teller
instead)? What are the disadvantages?
Are there enhancements that you would
add to this system?

3. In health care, think about a typical day of
practice and describe the setting. How
many times does the nurse interact with
ISs? What are the ISs that we interact
with, and how do we access them? Are
they at the bedside, handheld, or station
based? How do their location and ease of
access impact nursing care?

4. Briefly describe an organization and
discuss how our need for information and
knowledge impacts the configuration and
interaction of that organization with other
organizations. Also discuss how the need

for information and knowledge influences
the nature of work or how knowledge
workers interact with and produce
information and knowledge in this
organization.

5. If you could meet only four of the rights
discussed in this chapter, which one
would you omit and why? Also, provide
your rationale for each right you chose to
meet.

References
Cornell University. (2010). Information

science. Retrieved from
http://www.infosci.cornell.edu

Goldstein, D., Groen, P., Ponkshe, S., &
Wine, M. (2007). Medical informatics
20/20. Sudbury, MA: Jones and
Bartlett.

Glasser, J. (2015). How the Internet of
Things will affect health care. Hospitals
and Health Networks. Retrieved from
http://www.hhnmag.com/articles/3438-

how-the-internet-of-things-will-
affect-health-care

HµREL Corporation. (2010). Human-
relevant: HµREL. Technology
overview. Retrieved from
http://www.hurelcorp.com/overview.php

Jessup, L., & Valacich, J. (2008).
Information systems today (3rd ed.).
Upper Saddle River, NJ: Pearson
Prentice Hall.

Schindler, E. (2015). Healthcare IT: Hot
Trends for 2016, Part 1.
InformationWeek. Retrieved from
http://www.informationweek.com/healthcare/leadership/healthcare-
it-hot-trends-for-2016-part-1/d/d-
id/1323722

Schupak, A. (2005). Technology: The
bunny chip. Forbes. Retrieved from
http://www.forbes.com/forbes/2005/0815/053.html

Stair, R., & Reynolds, G. (2016).
Principles of information systems (12th

ed.). Boston, MA: Cengage Learning.

Web Dictionary of Cybernetics and
Systems. (2007). Technological
determinism. Retrieved from
http://pespmc1.vub.ac.be/ASC/TECHNO_DETER.html

CHAPTER 3: Computer
Science and the
Foundation of
Knowledge Model

Dee McGonigle, Kathleen Mastrian, and June Kaminski

Objectives
1. Describe the essential components of

computer systems, including both
hardware and software.

2. Recognize the rapid evolution of
computer systems and the benefit of
keeping up-to-date with current trends
and developments.

3. Analyze how computer systems function
as tools for managing information and
generating knowledge.

4. Define the concept of human–technology
interfaces.

5. Assess how computers can support
collaboration, networking, and
information exchange.

Key Terms
» Acquisition

» AMOLED (Active Matrix Organic Light-
Emitting Diode)

» Applications

» Arithmetic logic units

» Basic input/output system (BIOS)

» Binary system

» Bit

» Bus

» Byte

» Cache memory

» Central processing unit (CPU)

» Cloud computing

» Cloud storage

» Communication software

» Compact disc read-only memory (CD-
ROM)

» Compact disc-recordable (CD-R)

» Compact disc-rewritable (CD-RW)

» Compatibility

» Computer

» Computer science

» Conferencing software

» Creativity software

» Database

» Desktop

» Digital video disc (DVD)

» Digital video disc-recordable (DVD-R)

» Digital video disc-rewritable (DVD-RW)

» Dissemination

» Dots per inch (DPI) switch

» Double data rate synchronous dynamic
random-access memory (DDR SDRAM)

» Dynamic random access memory
(DRAM)

» Email

» Email client

» Electronically erasable programmable
read-only memory (EEPROM)

» Embedded device

» Exabyte (EB)

» Executes

» Extensibility

» FireWire

» Firmware

» Flash memory

» Gigabyte (GB)

» Gigahertz

» Graphical user interface

» Graphics card

» Haptic

» Hard disk

» Hard drive

» Hardware

» High-definition multimedia interface
(HDMI)

» Information

» Information Age

» Infrastructure as a service (IaaS)

» Instant message (IM)

» Integrated drive electronics (IDE)

» Internet browser

» IPS LCD (In-Plane Switching Liquid
Crystal Display)

» Keyboard

» Knowledge

» Laptop

» Main memory

» Mainframes

» Megabyte (MB)

» Megahertz

» Memory

» Microprocessor

» Microsoft Surface

» Millions of instructions per second
(MIPS)

» Mobile device

» Modem

» Monitor

» Motherboard

» Mouse

» MPEG-1 Audio Layer-3 (MP3)

» Networks

» Office suite

» Open source

» Operating system (OS)

» Parallel port

» Peripheral component interconnection
(PCI)

» Personal computer (PC)

» Petabytes (PB)

» Platform as a service (PaaS)

» Plug and play

» Port

» Portability

» Portable operating system interface for
UNIX (POSIX)

» Power supply

» Presentation

» Private cloud

» Processing

» Processor

» Productivity software

» Professional development

» Programmable read-only memory
(PROM)

» Public cloud

» Publishing

» Quantum bits (Qubits)

» Quantum computing

» QWERTY

» Random-access memory (RAM)

» Read-only memory (ROM)

» Security

» Serial port

» Small Computer System Interface
(SCSI)

» Software

» Software as a service (SaaS)

» Sound card

» Spreadsheet

» Supercomputers

» Synchronous dynamic random-access
memory (SDRAM)

» Technology

» Terabytes (TB)

» Throughput

» Touch pad

» Touch screen

» Universal serial bus (USB)

» USB flash drive

» User friendly

» User interface

» Video adapter card

» Virtual memory

» Wearable technology

» Wi-Fi

» Wisdom

» Word processing

» World Wide Web (WWW)

» Yottabyte (YB)

» Zettabyte (ZB)

Introduction
In this chapter, the discipline of computer science is
introduced through a focus on computers and the
hardware and software that make up these evolving
systems; computer science is one of the building
blocks of nursing informatics (refer to Figure 3-1).
Computer science offers extremely valuable tools
that, if used skillfully, can facilitate the acquisition and
manipulation of data and information by nurses, who
can then synthesize these into an evolving knowledge
and wisdom base. This process can facilitate
professional development and the ability to apply
evidence-based practice decisions within nursing care,
and if the results are disseminated and shared, can
also advance the professional knowledge base.

Figure 3-1 Building Blocks of Nursing Informatics

This chapter begins with a look at common computer
hardware, followed by a brief overview of operating,
productivity, creativity, and communication software. It
concludes with a glimpse at how computer systems
help to shape knowledge and collaboration and an
introduction to human–technology interface dynamics.

The Computer as a Tool for
Managing Information and

Generating Knowledge
Throughout history, various milestones have signaled
discoveries, inventions, or philosophic shifts that
spurred a surge in knowledge and understanding
within the human race. The advent of the computer is
one such milestone, which has sparked an intellectual
metamorphosis whose boundaries have yet to be fully
understood. Computer technology has ushered in
what has been called the Information Age, an age
when data, information, and knowledge are both
accessible and able to be manipulated by more people
than ever before in history. How can a mere machine
lead to such a revolutionary state of knowledge
potential? To begin to answer this question, it is best to
examine the basic structure and components of
computer systems.

Essentially, a computer is an electronic information-
processing machine that serves as a tool with which to
manipulate data and information. The easiest way to
begin to understand computers is to realize they are
input–output systems. These unique machines accept
data input via a variety of devices, process data
through logical and arithmetic rendering, store the data
in memory components, and output data and
information to the user.

Since the advent of the first electronic computer in the
mid-1940s, computers have evolved to become

essential tools in every walk of life, including the
profession of nursing. The complexity of computers has
increased dramatically over the years, and will continue
to do so. “Computing has changed the world more than
any other invention of the past hundred years, and has
come to pervade nearly all human endeavors. Yet, we
are just at the beginning of the computing revolution;
today’s computing offers just a glimpse of the potential
impact of computers” (Evans, 2010, p. 3). Major
computer manufacturers and researchers, such as
Intel, have identified the need to design computers to
mask this growing complexity. The sophistication of
computers is evolving at amazing speed, yet ease of
use or user-friendly aspects are also increasing
accordingly. This is achieved by honing hardware and
software capabilities until they work seamlessly
together to ensure user-friendly, intuitive tools for users
of all levels of expertise. Box 3-1 provides information
about haptic technology, computing surfaces, and
multi-touch interfaces, which are evolving technologies.

BOX 3-1 IMMERSION, MICROSOFT,

AND PQ LABS INTERFACES

Dee McGonigle

Do not get too attached to your mouse and
keyboard, because they will be outdated soon if
Immersion, Microsoft, and PQ Labs have their
way. From Immersion’s (2016) haptic

technology, the Microsoft Surface (Microsoft
Corporation, 2016), and PQ Labs (2016) multi-
touch capabilities, have you ever thought of
digital information you can touch and grab? The
sense of touch is a powerful sense that we use
daily. Haptic technology continues to advance
and “brings the sense of touch to digital content”
(Immersion, 2016, para. 4). Haptic technology
combined with a visual display can be used to
prepare users for tasks necessitating hand–eye
coordination, such as surgical procedures.
Microsoft and PQ Labs are leading us into and
evolving the next generation of computing,
known as surface or table computing. Surface or
table computing consists of a multi-touch,
multiuser interface that allows one to “grab”
digital information and then collaborate, share,
and store that information, without using a
mouse or keyboard—just the hands and fingers
and devices such as a digital camera or
smartphone. These interfaces can actually
sense objects, touch, and gestures from many
users.

We can enter a restaurant and interact with the
menu through the surface of the table where you
sit to eat. Once you have completed your order,
you can begin computing by using the
capabilities built into the surface or using your
own device, such as a smartphone. You can set

a smartphone on the table’s surface and
download images, graphics, and text to the
surface. You can even communicate with others
using full audio and video while waiting for your
order. When you have finished eating, you
simply set your credit card on the surface and it
is automatically charged; you pick up your credit
card and leave. This is a different kind of eating
experience—but one that will become
commonplace for the next generation of users.
You can routinely experience this in Las Vegas,
as well as in selected casinos, banks,
restaurants, and hotels throughout the world.

You should seek to explore this new interface,
which will forever change how we interact and
compute. Think of the ramifications for health
care especially as it relates to the haptic
experience and wearables. Explore the
Immersion reference provided for you.

REFERENCES

Immersion. (2016). Touch. Feel.
Engage. Retrieved from
http://www.immersion.com/wearables

Microsoft Corporation. (2016).
Designed on Surface: A global
art project. Retrieved from

https://www.microsoft.com/surface/en-
us/art

PQ Labs. (2016). Introducing G5: 4K
Touch Fidelity. Retrieved from
http://multitouch.com/product.html

As our capabilities evolve, so does the complexity of
computer operations. The goal for vendors that provide
computer systems and software is to decrease the
learning curve for the user while enhancing the user’s
capacity to manipulate the system to meet their
computing needs. Therefore, the complexity of the
operation is concealed by the ease of use.

One example of this type of complexity masked in
simplicity is the evolution of “plug and play” computer
add-ons, where a peripheral, such as an iPod or game
console, can be simply plugged into a serial or other
port and instantly used.

Computers are universal machines, because they are
general-purpose, symbol-manipulating devices that can
perform any task represented in specific programs. For
instance, they can be used to draw an image, calculate
statistics, write an essay, or record nursing care data.

In a nutshell, computers can be used for data and
information storage, retrieval, analysis, generation, and
transformation.

Most computers are based on scientist John Von
Neumann’s model of a processor–memory–input–
output architecture. In this model, the logic unit and
control unit are parts of the processor, the memory is
the storage region, and the input and output segments
are provided by the various computer devices, such as
the keyboard, mouse, monitor, and printer. Recent
developments have provided alternative configurations
to the Von Neumann model—for example, the parallel
computing model, where multiple processors are set up
to work together. Nevertheless, today’s computer
systems share the same basic configurations and
components inherent in the earliest computers.

Components

Hardware
Computer hardware refers to the actual physical body
of the computer and its components. Several key
components in the average computer work together to
shape a complex yet highly usable machine that serves
as a tool for knowledge management, communication,
and creativity.

Protection: The Casing

The most noticeable component of any computer is the
outer case. Desktop personal computers have either a
desktop case, which lies horizontally (flat) on a desk,
often with the computer monitor positioned on top of it;
or a tower case, which stands vertically, and usually
sits beside the monitor or on a lower shelf or the floor.
Most cases come equipped with a case fan, which is
extremely critical for keeping the computer components
cool when in use. Laptop and surface computers
combine the components into a flat rectangular casing
that is attached to the hinged or foldable monitor.
Smartphones also have a protective outer plastic or
metal case with a display screen.

Central Processing Unit (CPU)/Processor

The central processing unit (CPU) is an older term
for the processor and microprocessor. Sometimes
conceptualized as the “brain” of the computer, the
processor is the computer component that actually
executes, calculates, and processes the binary
computer code (which consists of various
configurations of 0s and 1s), instigated by the
operating system (OS) and other applications on the
computer. The processor and microprocessor serve as
the command center that directs the actions of all other
computer components, and they manage both
incoming and outgoing data that are processed across
components. Some of the best processors include the

AMD FX-9590, AMD FX-8320, AMD FX-6300, Intel
Core i7-5820K, Intel Core i7- 4930K, Intel Core i7-
5960X, Intel Core i5-6600K, and Intel Xeon processor
(Futuremark, 2016).

The processor contains specific mechanical units,
including registers, arithmetic logic units, a floating
point unit, control circuitry, and cache memory.
Together, these inner components form the computer’s
central processor. Registers consist of data-storing
circuits whose contents are processed by the adjacent
arithmetic and logic units or the floating point unit.
Cache memory is extremely quick memory that holds
whatever data and code are being used at any one
time. The processor uses the cache to store in-process
data so that it can be quickly retrieved as needed. The
processor is protected by a heat sink, a copper or
aluminum metal block that cools the processor (often
with the help of a fan) to prevent overheating (refer to
Figure 3-2).

Figure 3-2 Computer Components

Keyboard © Undrey/Shutterstock; mouse © Pressmaster/Shutterstock;

microphone © VectorShow/Shutterstock; touch pad ©

donfiore/Shutterstock; pen drawing a diagram © Syda

Productions/Shutterstock; USB drive © DecemberDah/Shutterstock; CPU

© Péter Gudella/Dreamstime.com; RAM © NorGal/Shutterstock; hard

drive © mike mols/Shutterstock; monitor © Leone_V/Shutterstock; printer

© Billion Photos/Shutterstock; speakers © Krailurk Warasup/Shutterstock;

TV © JTal/Shutterstock; flash drive © Ksander/Shutterstock

In the past, the speed and power of a processor were
measured in units of megahertz and was written as a

value in MHz (e.g., 400 MHz, meaning the
microprocessor ran at 400 MHz, executing 400 million
cycles per second). Today, it is more common to see
the speed measured in gigahertz (1 GHz is equal to
1,000 MHz); thus a processor that operates at 4 GHz is
1,000 times faster than an older one that operated at 4
MHz. The more cycles a processor can complete per
second, the faster computer programs can run.
However, according to Anderson (2016),

Intel has said that new technologies in
chip manufacturing will favour better
energy consumption over faster
execution times—effectively calling an
end to “Moore’s Law,” which successfully
predicted the doubling of density in
integrated circuits, and therefore speed,
every two years. (para. 1)

For example, the Intel Xeon processor E5-2699 v4 has
a speed of 2.20 Ghz with 55 MB cache (Intel
Corporation, 2016), making it more efficient at a lower
speed.

In recent years, processor manufacturers, such as
Intel, have moved to multicore microprocessors, which
are chips that combine two or more processors. In fact,
multiple microprocessors have become a standard in
both personal and professional-level computers.

Minicomputers were replaced by servers using
microprocessors and multiprocessors have replaced
most mainframes.

As mobile devices and embedded devices are being
integrated into our daily routines, mainframes can
create secure transactions with the analytics necessary
for organizations to improve their business processes.
IBM has found its niche and continues to build
mainframes. According to Alba (2015),

The concept of a “mobile transaction” is a
bit of marketing-speak. Tons of
transactions take place via mobile
devices, and the mainframe is good at
transaction processing. Put them
together, and voilà: a computer the size
of a backyard shed becomes a mobile
product. (para. 6)

Powerful supercomputers are also using collections
of microprocessors.

Motherboard

The motherboard has been called the “central
nervous system” of the computer because it facilitates
communication among all of the different computer
components. This makes it a key foundational
component because all other components are

connected to it in some way (either directly via local
sockets, attached directly to it, or connected via
cables). This includes universal serial bus (USB)
controllers, Ethernet network controllers, integrated
graphics controllers, and so forth. The essential
structures of the motherboard include the major
chipset, Super Input/Output chip, basic input/output
system read-only memory, bus communications
pathways, and a variety of sockets that allow
components to plug into the board. The chipset (often a
pair of chips) determines the computer’s CPU type and
memory. It also houses the north bridge and south
bridge controllers that allow the buses to transfer data
from one to another.

Power Supply

The power supply is a critical component of any
computer, because it provides the essential electrical
energy needed to allow a computer to operate. The
power supply unit converts the 120-volt AC main power
(provided via the power cable from the wall socket into
which the computer is plugged) into low-voltage DC
power. Computers depend on a reliable, steady supply
of DC power to function properly. The more devices
and programs used on a computer, the larger the
power supply should be to avoid damage and
malfunctioning. Power supplies normally range from
160 to 700 watts, with an average of 300 to 400 watts.
Most contemporary power supply units come equipped

with at least one fan to cool the unit under heavy use.
The power supply is controlled by pressing the on and
off switch, as well as the reset switch (which restarts
the system) of a computer.

Laptop and other portable computing machines, such
as electronic readers and tablet computers, are
equipped with a both rechargeable battery power
supply and the standard plug-in variety.

Hard Disk

This component is so named because of the rigid hard
disks that reside in it, which are mounted to a spindle
that is spun by a motor when in use. Drive heads (most
computers have two or more heads) produce a
magnetic field through their transducers that
magnetizes the disk surface as a voltage is applied to
the disk. The hard disk acts as a permanent data
storage area that holds gigabytes (GB) or even
terabytes (TB) worth of data, information, documents,
and programs saved on the computer, even when the
computer is shut off. Disk drives are not infallible,
however, so backing up important data is imperative.

The computer writes binary data to the hard drive by
magnetizing small areas of its surface. Each drive head
is connected to an actuator that moves along the disk
to hover over any point on the disk surface as it spins.
The parts of the hard disk are encased in a sealed unit.

The hard drive is managed by a disk controller, which
is a circuit board that controls the motor and actuator
arm assembly. The hard drive produces the voltage
waveform that contacts the heads to write and read
data, and handles communications with the
motherboard. It is usually located within the computer’s
hard outer casing. Some people also attach a second
hard drive externally, to increase available memory or
to back up data.

Main Memory or Random-Access Memory

Random-access memory (RAM) is considered to be
volatile memory because it is a temporary storage
system that allows the processor to access program
codes and data while working on a task. The contents
of RAM are lost once the system is rebooted, is shut
off, or loses power.

The memory is actually situated on small chip boards,
which sport rows of pins along the bottom edge and
are plugged into the motherboard of the computer.
These memory chips contain complex arrays of tiny
memory circuits that can be either set by the processor
during write operations (puts them into storage) or read
during data retrieval. The circuits store the data in
binary form as either a low (on) voltage stage,
expressed as a 0, or a high (off) voltage stage,
expressed as a 1. All of the work being done on a
computer resides in RAM until it is saved onto the hard

drive or other storage drive. Computers generally come
with 2 GB of RAM or more, and some offer more RAM
via graphics cards and other expansion cards.

A certain portion of the RAM, called the main memory,
serves the hard disk and facilitates interactions
between the hard disk and central processor. Main
memory is provided by dynamic random access
memory (DRAM) and is attached to the processor
using specific addresses and data buses.

Synchronous dynamic random-access memory
(SDRAM) (also known as static dynamic RAM)
protects its data bits. The newer chip is double data
rate synchronous dynamic random-access memory
(DDR SDRAM) that allows for greater bandwidth and
twice the transfers per the computer’s internal clock’s
unit of time.

Read-Only Memory

Read-only memory (ROM) is essential permanent or
semipermanent nonvolatile memory that stores saved
data and is critical in the working of the computer’s OS
and other activities. ROM is stored primarily in the
motherboard, but it may also be available through the
graphics card, other expansion cards, and peripherals.
In recent years, rewritable ROM chips that may include
other forms of ROM, such as programmable read-
only memory (PROM), erasable ROM, electronically

erasable programmable read-only memory
(EEPROM), and flash memory (a variation of
electronically erasable programmable ROM), have
become available.

Basic Input/Output System

The basic input/output system (BIOS) is a specific
type of ROM used by the computer when it first boots
up to establish basic communication between the
processor, motherboard, and other components. Often
called boot firmware, it controls the computer from the
time the machine is switched on until the primary OS
(e.g., Windows, Mac OS X, or Linux) takes over. The
firmware initializes the hardware and boots (loads and
executes) the primary OS.

Virtual Memory

Virtual memory is a special type of memory that is
stored on the hard disk to provide temporary data
storage so data can be swapped in and out of the RAM
as needed. This capability is particularly handy when
working with large data-intensive programs, such as
games and multimedia.

Integrated Drive Electronics Controller

The integrated drive electronics (IDE) controller
component is the primary interface for the hard drive,
compact disk read-only memory (CD-ROM), digital

video disk (DVD) drive, and the floppy disk drive
(found largely on pre-2010 computers).

Peripheral Component Interconnection Bus

This component is important for connecting additional
plug-in components to the computer. It uses a series of
slots on the motherboard to allow peripheral
component interconnection (PCI) card plug-in.

Small Computer System Interface

The Small Computer System Interface (SCSI)
component provides the means to attach additional
devices, such as scanners and extra hard drives, to the
computer.

DVD/CD Drive

The CD-ROM drive reads and records data to portable
CDs, using a laser diode to emit an infrared light beam
that reflects onto a track on the CD using a mirror
positioned by a motor. The light reflected on the disk is
directed by a system of lenses to a photodetector that
converts the light pulses into an electrical signal; this
signal is then decoded by the drive electronics to the
motherboard. There are compact disk-recordable
(CD-R) and compact disk-rewritable (CD-RW),
digital video disk-recordable (DVD-R), and digital
video disk-rewritable (DVD-RW) drives. A DVD drive
can do everything a CD drive can do, plus it can play

the content of disks and, if it is a recordable unit, can
record data on blank DVDs.

Flash or USB Flash Drive

This portable memory device uses electronically
erasable programmable ROM to provide fast
permanent memory. The USB flash drive is typically a
removable and rewritable device that includes flash
memory and an integrated USB interface. They are
easily portable due to their small size and are durable
and dependable, and obtain their power from the
device they are connected to via the USB port.

Modem

A modem is a component that can be situated either
externally (external modem) or internally (internal
modem) relative to the computer and enables Internet
connectivity via a cable connection through network
adapters situated within the computer apparatus.

Connection Ports

All computers have connection ports made to fit
different types of plug-in devices. These ports include a
monitor cable port, keyboard and mouse ports, a
network cable port, microphone/speaker/auxiliary input
ports, USB ports, and printer ports (SCSI or parallel).
These ports allow data to move to and from the

computer via peripheral or storage devices. Specific
ports include the following:

Parallel port: Connects to a printer
Serial port: Connects to an external modem
USB: Connects to a myriad of plug-in devices, such
as portable flash drives, digital cameras, MPEG-1
Audio Layer-3 (MP3) players, graphics tablets, and
light pens, using a plug-and-play connection (the
ability to add devices automatically). The
development of the USB Type-C–to–high
definition multimedia interface (HDMI) adapter
(Sexton, 2016) has expanded connectivity and
transfer. HDMI is replacing analog video standards
as an audio/video interface that can transfer
compressed and uncompressed video and digital
audio data from any device that is HDMI-compliant
to compatible monitors, televisions, video
projectors, and audio devices.
FireWire (IEEE 1394): Often used to connect
digital-video devices to the computer
Ethernet: Connects networking apparatus, such as
Internet and modem cables

Graphics Card

Most computers come equipped with a graphics
accelerator card slotted in the microprocessor of a
computer to process image data and output those data
to the monitor. These in situ graphic cards provide

satisfactory graphics quality for two-dimensional art
and general text and numerical data. However, if a user
intends to create or view three-dimensional images or
is an active game user, one or more graphics
enhancement cards are often installed.

Video Adapter Cards

Video adapter cards provide video memory, a video
processor, and a digital-to-analog converter that works
with the processor to output higher quality video
images to the monitor.

Sound Card

The sound card converts digital data into an analog
signal that is then output to the computer’s speakers or
headphones. The reverse is also accomplished by
inputting a signal from a microphone or other audio
recording equipment, which then converts the analog
signal to a digital signal.

Bit

A bit is the smallest possible chunk of data memory
used in computer processing and is depicted as either
a 1 or a 0. Bits make up the binary system of the
computer.

Byte

A byte is a chunk of memory that consists of 8 bits; it is
considered to be the best way to indicate computer
memory or storage capacity. In modern computers,
bytes are described in units of megabytes (MB);
gigabytes (GB), where 1 GB equals 1,000 MB; or
terabytes (TB), where 1 TB equals 1 trillion bytes or
1,000 GB. Box 3-2 discusses storage capacities.

BOX 3-2 STORAGE CAPACITIES

Dee McGonigle and Kathleen Mastrian

Storage and memory capacities are evolving. In
the past few decades, there have been great
leaps in data storage. It all begins with the bit,
the basic unit of data storage, composed of 0s
and 1s, also known as binary digits. A byte is
generally considered to be equal to 8 bits. The
files on a computer are stored as binary files.
The software that is used translates these binary
files into words, numbers, pictures, images, or
video. Using this binary code in the binary
numbering system, measurement is counted by
factors of 2, such as 1, 2, 4, 8, 16, 32, 64, and
128. These multiples of the binary system in
computer usage are also prefixed based on the
metric system. Therefore, a kilobyte (KB) is
actually 2 to the 10th power (210) or 1,024
bytes, but is typically considered to be 1,000
bytes. This is why one sees 1,024 or multiples of

that number instead of an even 1,000 mentioned
at times in relation to kilobytes.

In the early 1980s, kilobytes were the norm as
far as computer capacity went, and 128 KB
machines were launched for personal use.
Subsequent decades, however, have seen
advanced computing power and storage
capacity. As capabilities soared, so did the
ability to save and store what was used and
created. Megabytes (MB) emerged as a
common unit of measure; 1 megabyte is
1,048,576 bytes but is considered to be roughly
equivalent to 1 million bytes. The next leap in
computer capacity was one that some people
could not even imagine: gigabytes (GB). A
gigabyte is 1,073,741,824 bytes but is generally
rounded to 1 billion bytes. Some computing
experts are very concerned that valuable bytes
are lost when these measurements are rounded,
whereas hard drive manufacturers use the
decimal system so their capacity is expressed
as an even 1 billion bytes per gigabyte.

Computer capacity has moved into and beyond
the range of terabytes, with capacities moving
into the range of petabytes (PB), exabytes
(EB), zettabytes (ZB), and yottabytes (YB).
These terms for storage capacity are defined as
follows:

1 TB = 1,000 GB

1 PB = 1,000,000 GB

1 EB = 1,000 PB

1 ZB = 1,000 EB

1 YB = 1,000 ZB

To put all of this in perspective, Lyman and
Varian describe the data powers of 10:

2 KB: A typewritten page

2 MB: A high-resolution photograph

10 MB: A minute of high-fidelity sound or a
digital chest X-ray

50 MB: A digital mammogram

1 GB: A symphony in high-fidelity sound or a
movie at TV quality

1 TB: All the X-ray films in a large,
technologically advanced hospital

2 PB: The contents of all U.S. academic
research libraries

5 EB: All words ever spoken by human
beings

We have not even addressed ZB and YB. Stay
tuned . . .

REFERENCE

Lyman, P., & Varian, H. R. (2003).
How much information?
Retrieved from
http://groups.ischool.berkeley.edu/archive/how-
much-info-2003/

Software
Software comprises the application programs
developed to facilitate various user functions, such as
writing, artwork, organizing meetings, surfing the
Internet, communicating with others, and so forth. For
the purposes of this overview, the various types of
software have been divided into four categories: (1) OS
software, (2) productivity software, (3) creativity
software, and (4) communication software.

User friendliness is a critical condition for effective
software adoption. The easier and more intuitive a
software package seems to be to a user influences that
user’s perception of how clear the package is to
understand and to use. The rapid evolution of
hardware mentioned previously has been equally
matched by the phenomenal development in software
over the past three or four decades.

Commercial Software

Several large commercial software companies, such as
Apple, Microsoft, IBM, and Adobe, dominate the
market for software, and have done so since the
advent of the personal computer (PC). Licensed
software has evolved over time; hence, most products
have a long version history. Many software packages,
such as office suites, are expensive to purchase; in
turn, there is a “digital divide” as far as access and
affordability go across societal spheres, especially
when viewed from a global perspective.

Open Source Software

The open source initiative began in the late 1990s and
has become a powerful movement that is changing the
software production and consumer market. In addition
to commercially available software, a growing number
of open source software packages are being
developed in all four of the categories addressed in this
chapter. The open source movement was begun by
developers who wished to offer their creations to others
for the good of the community and encouraged them to
do the same. Users who modify or contribute to the
evolution of open source software are obligated to
share their new code, but essentially the software is
free to all. Apache OpenOffice, Google Docs, and
NeoOffice are examples of open source productivity
software (refer to Figure 3-3).

OS Software

The OS is the most important software on any
computer. It is the very first program to load on
computer start-up and is fundamental for the operation
of all other software and the computer hardware.
Examples of commonly used OSs include the Microsoft
Windows family, Linux, and Mac OS X. The OS
manages both the hardware and the software and
provides a reliable, consistent interface for the software
applications to work with the computer’s hardware. An
OS must be both powerful and flexible to adapt to the
myriad of types of software available, which are made
by a variety of development companies. New versions
of the major OSs are equipped to deal with multiple
users and handle multitasking with ease. For example,
a user can work on a word processing document while
listening for an “email received” signal, have an
Internet browser window open to look for references
on the Internet as needed, listen to music in the CD
drive, and download a file—all at the same time.

OS tasks can be described in terms of six basic
processes:

Memory management
Device management
Processor management
Storage management
Application interface

User interface (usually a graphical user interface
[GUI])

A GUI (pronounced “gooey”) is used by OSs to display
a combination of graphics and text such as icons, drop-
down menus, and buttons; it allows you to use input
and output devices as well as icons that represent files,
programs, actions, and processes.

OSs should be convenient to use, easy to learn,
reliable, safe, and fast. They should also be easy to
design, implement, and maintain and should be
flexible, reliable, error free, and efficient. For example,
Silbershatz, Baer Galvin, and Gagne (2013) described
how “Microsoft’s design goals for Windows included
security, reliability, Windows and POSIX application
compatibility, high performance, extensibility, portability,
and international support” (p. 831). The following goals
were established by Microsoft:

Figure 3-3 Open Source Software

Portability: The OS can be moved from one
hardware architecture to another with few changes
needed.
Security: The OS incorporates hardware protection
for virtual memory and software protection
mechanisms for OS resources, including encryption
and digital signature capabilities.
Portable operating system interface for Unix
(POSIX) compliance: Applicationsdesigned to follow
the POSIX (IEEE 1003.1) standard can be compiled
to run on Windows without changing the source

code. Windows OSs have varying levels of
compatibility with the applications that ran on earlier
versions of Windows OSs.
Multiprocessor support: The OS is designed for
symmetrical multiprocessing.
Extensibility: This capability is provided by using a
layered architecture with a protected executive
layer for basic system services, several server
subsystems that operate in user mode, and a
modular structure that allows additional
environmental subsystems to be added without
affecting the executive layer.
International support: The Windows OS supports
different locales via the national language support
application programming interface (API).
Compatibility with MS-DOS and MS-Windows
applications.

Productivity Software

Productivity software, such as an office suite, is the
type of software most commonly used both in the
workplace and on personal computers. Several
software companies produce this type of multiple-
program software, which usually bundles together
word processing, spreadsheet, database,
presentation, Web development, and email programs.

The intent of office suites is generally to provide all of
the basic programs that office or knowledge workers

need to do their work. The bundled programs within the
suite are organized to be compatible with one another,
are designed to look similar to one another for ease of
use, and provide a powerful array of tools for data
manipulation, information gathering, and knowledge
generation. Some office suites add other programs,
such as database creation software, mathematical
editors, drawing, and desktop publishing programs.
Table 3-1 summarizes the application of programs
included in some of the popular office suites: Microsoft
Office, Apache OpenOffice, NeoOffice, Corel
WordPerfect Suite, and Apple iWork.

Table 3-1 Office Suite Software Features and
Examples

Office Suite Software

Program Application Examples

Word

processing

Composition, editing,

formatting, and

producing text

documents

Microsoft Word, Open

Office Writer, KOffice

KWord, Corel Word

Perfect or Corel Write,

Apple Pages

Spreadsheets Grid-based documents in

ledger format; organizes

numbers and text;

calculates statistical

formulae

Microsoft Excel, Open

Office Calc, KOffice

KSpread, Corel Quattro

Pro, Apple Numbers

Presentations Slideshow software,

usually used for business

or classroom

presentations using text,

images, graphs, media

Microsoft Power

Point, Open Office

Impress, KOffice

KPresenter, Corel

Show, Apple Keynote

Databases Database creation for

text and numbers

Microsoft Access (in

elite packages), Open

Office Base, KOffice

Kexi, Corel Calculate,

Corel Paradox

Email Integrated email program

to send and receive

electronic mail

Microsoft Outlook,

Corel Word

Perfect Mail, Mozilla

Thunderbird

Drawing Graphics and diagram

drawing

Open Office Draw,

Corel Presentation

Graphics, KOffice Kivio,

Karbon, Krita

Math

formulas

Inserts math equations in

word processing and

presentation work

Open Office Math,

KOffice KFormula

Desktop

publishing

Page layouts and

publication-ready

documents

Microsoft Publisher (in

elite packages), Apple

Pages

Creative Software

Creative software includes programs that allow users
to draw, paint, render, record music and sound, and
incorporate digital video and other multimedia in

professional aesthetic ways to share and convey
information and knowledge (Table 3-2).

Table 3-2 Creative Software Features and Examples

Creative Software

Program and Application Software Examples

Raster graphics programs

Draw, paint, render, manipulate, and

edit images, fonts, and photographs to

create pixel-based (dot points) digital

art and graphics.

Adobe Photoshop and

Fireworks, Ulead Photo

Impact, Corel Draw, Painter,

and Paint Shop Pro, GIMP

(open source), KOffice Krita

(open source)

Vector graphics programs

Mathematically rendered, geometric

modeling is applied through shapes,

curves, lines, and points and

manipulated for shape, color, and

size. Ideal for printing and three-

dimensional (3D) modeling.

Adobe Flash, Freehand,

and Illustrator; Corel

Draw and Designer, Open

Office Draw (open source),

Mirosoft Visio, Xara Xtreme,

KOffice Karbon14 (open

source)

Desktop publishing programs

Page layout and publishing

preparation for printed and Web

documents, such as magazines,

journals, books, newsletters, and

brochures.

Adobe InDesign, Corel

Page

Maker, Microsoft Publisher,

Scribus (open source),

QuarkXPress, Apple Pages

(note that many of the

graphics programs can also

be used for DTP)

Web design programs

Create, edit, and update webpages

using specific codes, such as XML,

CSS, HTML, and Java.

Adobe Dreamweaver,

Coffee Cup, Microsoft

FrontPage, Nvu (open

source), W3C’s Amaya

(open source)

Multimedia programs

Combines text, audio, images,

animation, and video into interactive

content for electronic presentation.

Adobe Flash, Microsoft

Movie Maker, Apple Quick

Time and FinalCut Studio,

Corel VideoStudio, Ulead

VideoStudio, Real Studio,

CamStudio (open source),

Audacity (open source)

Communication Software

Networking and communication software enable
users to dialogue, share, and network with other users
via the exchange of email or instant message (IM), by
accessing the World Wide Web, or by engaging in
virtual meetings using conferencing software (Table
3-3)

Table 3-3 Communication Software Features and
Examples

Communication Software

Email client

Allows user to read, edit, forward,

and send email messages to other

users via an Internet connection.

The software can be resident on the

computer or accessed via the World

Wide Web.

Resident programsMicrosoft

Outlook and Outlook Express,

Eudora, Pegasus, Mozilla

Thunderbird, Lotus

NotesWeb-based

programsGmail, Yahoo Mail,

Hotmail

Internet browsers

Enables user to access, browse,

download, upload, and interact with

text, audio, video, and other Web-

based documents.

Mozilla Firefox, Microsoft

Internet Explorer, Google

Chrome, Apple Safari, Opera,

Microbrowser (for mobile

access)

Instant messaging (IM)

Real-time text messaging between

users, can attach images, videos,

and other documents via personal

computer, cell phone, handheld

devices.

MSN Instant Messenger,

Microsoft Live Messenger,

Yahoo Messenger, Apple

iChat

Conferencing

Enables user to communicate in a

virtual meeting room setting to share

work, discussions, planning, using

an intranet or Internet environment;

can exhibit files, video, and

screenshots of content.

Adobe Acrobat Connect,

Microsoft Live Meeting or

Meeting Space,

GoToMeeting, Meeting

Bridge, Free Conference,

RainDance, WebEx

Acquisition of Data and Information:
Input Components
Input devices include the keyboard; mouse; joysticks
(typically used for playing computer games); game
controllers or pads; Web cameras (webcams); stylus
(often used with tablets or personal digital assistants);
image scanners for copying a digital image of a
document or picture; touch pads; or other plug-and-
play input devices, such as digital cameras, digital
video recorders (camcorders), MP3 players, electronic
musical instruments, and physiologic monitors. These
devices are the origin or medium used to input text,
visual, audio, or multimedia data into the computer
system for viewing, listening, manipulating, creating, or
editing. The primary input devices on a computer are
the keyboard, mouse, touch pad, and touch screen.

Keyboard

A computer keyboard is very similar to the typewriter
keyboards of earlier days and usually serve as the
prime input device that enables the user to type words,
numbers, and commands into the computer’s
programs. Standard computer keyboards have 110
keys and are organized to facilitate Latin-based
languages using a QWERTY layout (so named
because these letters appear on the first six keys in the
first row of letters).

Certain keys are used as command keys, particularly
the control (CTRL), alternate (Alt), delete (Del), and
shift keys, which can all be used to activate useful
commands. The escape (ESC) key allows the user
instantly to exit a process or program. The F keys,
numbered F1 through F12, are function keys. They are
used in different ways by particular programs. If a
program instructs users to press the “F8” key, they
would do so by pressing F8. The print screen (PrtSc)
key sends a graphical picture or screen shot of a
computer screen to the clipboard. This copied screen
shot can then be pasted in any graphic program that
can work with bitmap files.

Some keyboards have a wire and plug in, while others
are wireless or cordless. Touch screen or virtual
keyboards are those being incorporated into the touch
screens of phones, gaming machines, and tablets, and
they are also available through ease-of-access tools on
laptops.

Mouse

The mouse is the second-most-commonly used input
device. It is manipulated by the user’s hand to point,
click, and move objects around on the computer
screen. A mouse can come in a number of different
configurations, including a standard mechanical
trackball serial mouse, bus mouse, PS/2 mouse, USB-
connected mouse, optical lens mouse, cordless

mouse, and optomechanical mouse. Even though “the
mouse may be a simple device in concept,” it has
evolved and increased in complexity and capability
over time (Bagaza & Westover, 2016, para. 2). For
example, “[g]aming mice take the basic mouse concept
and amplify every element to extremes” (Bagaza &
Westover, para. 4). Some manufacturers offer
specialized features, but there is a common
“combination of high-performance parts—laser
sensors, light-click buttons, and gold-plated USB
connectors—and customization, like adjustable weight,
programmable macro commands, and on-the-fly DPI
switching. For non-gamers, these features are overkill;
for dedicated gamers, they provide a competitive edge”
(Bagaza & Westover, para. 4). The dots per inch
(DPI) switch is an actual switch on a computer mouse
that allows you to adjust the mouse’s sensitivity to
movement, as in faster or slower mouse pointer
speeds. Having the ability to do this on the fly or as
needed without pausing could enhance the computing
or gaming experience.

Touch Pad

The touch pad is a device that senses the pressure of
the user’s finger along with the movement of the finger
on the touch pad to control input positioning. It is an
alternative to using a mouse.

Touch Screen

The touch screen is a display used as an input device
for interacting with or relating to the display’s materials
or content. The user can touch or press on the
designated display area to respond, execute, or
request information or output.

Processing of Data and Information:
Throughput/Processing Components
All of the hardware discussed earlier in this chapter is
involved in the throughput or processing of input
data and in the preparation of output data and
information. Specific software is used, depending on
the application and data involved. One key hardware
component, the computer monitor, is a unique example
of a visible throughput component—it is the part of the
computer that users focus on the most when they are
working on a computer. Input data can be visualized
and accessed by manipulating the mouse and
keyboard input devices, but it is the monitor that
receives the user’s attention. The monitor is critical for
the efficient rendering during this part of the cycle,
because it facilitates user access and control of the
data and information.

Monitor

The monitor is the visual display that serves as the
landscape for all interactions between user and
machine. It typically resembles a television screen, and

comes in various sizes (usually ranging from 15 to 21
inches) and configurations. Monitors either are based
on cathode ray tubes (the conventional monitor with a
large section behind the screen) or are thinner, flat-
screen liquid crystal display devices. Some computer
monitors also have a touch screen that can serve as an
input device when the user touches specific areas of
the screen.

Monitors vary in their refresh rate (usually measured in
megahertz) and dot pitch. Both of these characteristics
are important for user comfort. The faster the refresh
rate, the cleaner and clearer the image on the screen,
because the monitor refreshes the screen contents
more frequently. For example, a monitor with a 100
MHz refresh rate refreshes the screen contents 100
times per second. Similarly, the larger the dot pitch
factor, the smaller the dots that make up the screen
image, which provides a more detailed display on the
monitor and also facilitates clarity and ease of viewing.

If equipped with a touch screen, a monitor can also
serve as an input device when activated by a stylus or
finger pressure. Some users might also consider the
monitor to be an output device, because access to
input and stored documents is often performed via the
screen (e.g., reading a document that is stored on the
computer or viewable from the Internet). As we
advance to more engaged computing, larger screens

and ultra-wide monitors are evolving to provide
immersive experiences.

Smartphone displays can be a form of AMOLED
(Active Matrix Organic Light-Emitting Diode) or IPS
LCD (In-Plane Switching Liquid Crystal Display). In
the AMOLED type, the individual pixels are lit
separately (active matrix); the next-generation super
AMOLED type includes touch sensors. The IPS LCD–
type uses polarized light passing through a color filter
and all of the pixels are backlit. The liquid crystals
control the brightness and which pixels are on or off.
With the active matrix, you have crisp, vivid colors and
darker blacks.

Dissemination: Output Components
Output devices carry data in a usable form through exit
devices in or attached to a computer. Common forms
of output include printed documents, audio or video
files, physiologic summaries, scan results, and saved
files on portable disk drives, such as a CD, DVD, flash
drive, or external hard drive. Output devices literally put
data and information at the user’s fingertips, which can
then be used to develop knowledge and even wisdom.
The most commonly used output devices include
printers, speakers, and portable disk drives.

Printer

Printers are external components that can be attached
to a computer using a printer cord that is secured into
the computer’s printer port. Printers enable users to
print a hard paper copy of documents that are housed
on the computer.

The most common printer types are the inkjet and laser
printers. Inkjet printers are more economical to use and
offer good quality print; they apply ink to paper using a
jet-spray mechanism. Laser printers produce publisher-
ready quality printing if combined with good-quality
paper, but cost more in terms of printing supplies. Both
types of printers can print in black and white or in color.
Printers can be single function (print only), but typically
they are all-in-one machines or multifunction printers
that can also scan, fax, and copy. There are printers
that can be accessed via the Internet using Wi-Fi.
There are also three-dimensional (3D) printers that can
create a 3D solid object produced layer by layer from a
3D software digital file.

Speakers

All computers have some sort of speaker setup, usually
small speakers embedded in the monitor, in the case,
or, if a laptop, close to the keyboard. Often, external
speakers are added to a computer system using
speaker connectors; these devices provide enhanced
sound and a more enjoyable listening experience.

What Is the Relationship of
Computer Science to
Knowledge?
Scholars and researchers are beginning to understand
the effects that computer systems, architecture,
applications, and processes have on the potential for
knowledge acquisition and development. Users who
have access to contemporary computers equipped with
full Internet access have resources at their fingertips
that were only dreamed of before the 21st century.
Entire library collections are accessible, with many
documents available in full printable form. Users are
also able to contribute to the development of
knowledge through the use of productivity, creativity,
and communication software. In addition, using the
World Wide Web (WWW) interface, users are able to
disseminate knowledge on a grand scale with other
users. This deluge of information available via
computers must be mastered and organized by the
user if knowledge is to emerge. Discernment and the
ability to critique and filter this information must also be
present to facilitate the further development of wisdom.

The development of an understanding of computer
science principles as they apply to technology used in
nursing can facilitate optimal usage of the technology
for knowledge development in the profession. The
maxim that “knowledge is power” and that the skillful

use of computers lies at the heart of this power is a
presumption. Once nurses become comfortable with
the various technologies, they can shape them, refine
them, and apply them in new and different ways, just
as they have always adapted earlier equipment and
technologies. Nurses must harness the power of data
and information through the use of computer
technologies to build knowledge and gain wisdom.

How Does the Computer
Support Collaboration and
Information Exchange?
Computers can be linked to other computers through
networking software and hardware to promote
communication, information exchange, work sharing,
and collaboration. Such networks can be local or
organizationally based, with computers joined together
into a local area network; organized on a wider area
scope (e.g., a city or district) using a metropolitan area
network; or encompassing computers at an even
greater distance (e.g., a whole country or continent, or
the Internet itself) using a wide area network
configuration (Sarkar, 2006). Network interface cards
are used to connect a computer and its modem to a
network.

Networks within health care can manifest in several
different configurations, including client-focused

networks, such as in telenursing, e-health, and client
support networks; work-related networks, including
virtual work and virtual social networks; and learning
and research networks, as in communities of practice.
These trends are still evolving in most nursing work
environments (and most nurses’ personal lives), but
they are predicted to continue to grow dramatically. We
are experiencing one of the greatest upsurges in
shared information and our ability to access, exchange,
and utilize this information to enhance knowledge.

Virtual social networks are another form of professional
network that have expanded phenomenally since the
advent of the Internet and other computer software and
hardware. Nursing-related virtual social networks
provide a cyberspace for nurses to make contacts,
share information and ideas, and build a sense of
community.

Social communication software is used to provide a
dynamic virtual environment, and often virtual social
networks provide communicative capabilities through
posting tools, such as blogs, forums, and wikis; email
for sharing ideas on a smaller scale; collaborative
areas for interaction, creating, and building digital
artifacts or planning projects; navigation tools for
moving through the virtual network landscape; and
profiles to provide a space for each member to disclose
personal information with others. Nurses who have to
engage in shift work often find that virtual social

networks can provide a sense of connection with other
professionals that is available around the clock.
Because time is often a factor in any social
interchange, virtual communication offers an alternative
for practicing nurses, who can access information and
engage in interchanges at any time of day. With active
participation, the interchanges and shared information
and ideas of the network can culminate in valuable
social and cultural capital, available to all members of
that network. Often, nursing virtual social networks are
created for the purpose of exchanging ideas on
practice issues and best practices; to become more
knowledgeable about new trends, research, and
innovations in health care; or to participate in
advocacy, activist, and educational initiatives.

Through the use of portable disk devices, such as flash
drives, CDs, and DVDs, as well as Web-based and
cloud spaces, people can share information,
documents, and communications by exchanging files.
Since the advent of the Internet in the mid-1980s, the
World Wide Web has evolved to become a viable and
user-friendly way for people to collaborate and
exchange information, projects, and other knowledge-
based files, such as websites, email, social networking
applications, and webinar logs. Box 3-3 provides
information on Web 2.0, the latest iteration of the World
Wide Web, and beyond.

BOX 3-3 WEB 2.0 AND BEYOND TOOLS

Dee McGonigle, Kathleen Mastrian, and Wendy
Mahan

Web 2.0—the name given to the new World
Wide Web tools—enables users to collaborate,
network socially, and disseminate knowledge
with other users on a scale that was once not
even comprehensible. These programs promote
data and information exchange, feedback, and
knowledge development and dissemination.

To facilitate a selective review of the Web 2.0
tools available, they have been categorized into
three areas here: (1) tools for creating and
sharing information, (2) tools for collaborating,
and (3) tools for communicating. Examples of
tools for creating and sharing information
include blogs, podcasts, Flickr, YouTube,
Hellodeo, Jing, Screencast-o-matic, Facebook,
MySpace, Box, Samepage, Wrike, Snapchat,
and MakeBeliefsComix. Examples of tools for
collaborating with others include Google Docs,
Zoho, wikis, Del.icio.us, and Gliffy. Finally, some
tools for communicating with others include
Adobe Connect, GoToMeeting, BlueJeans,
WebEx Meeting Center, Vyew, Skype, Twitter,
and instant messaging.

The application of the creating and sharing
information tools has led to an explosion of
social networking on the Web. YouTube has
promoted the “broadcast yourself” proliferation.
Anyone can post a video onto YouTube that is
shared with others over the Web. Similarly,
Flickr allows users to upload and tag personal
photos to share either privately or publicly.
Facebook and MySpace both promote
socializing on the Web. Facebook is a social
utility and MySpace is a place for friends,
according to the descriptions found on these
websites. Other tools let users create and share
recorded messages, diagrams, screen captures,
and even custom comic strips.

Collaborating over the Web has become easier.
Indeed, it is a way of life for many people.
Google Docs and Zoho allow users to create
online and share and collaborate in real time.
Wikis are server-based software programs that
enable users to generate and edit webpage
content using any browser. Del.icio.us is a social
bookmarking manager that uses tags to identify
or describe the bookmarks that can be shared
with others.

Communicating with others includes audio- and
videoconferencing in real time. Adobe Connect
is a comprehensive Web communications
solution. Although a fee-based service, it does

provide a free trial. Users should read all of the
documentation on Adobe’s site before
downloading, installing, and using this software.
Vyew is free, always-on collaboration plus live
webinars. Skype allows users to make calls in
audio only or with video. Users can download
Skype for free but depending on the type of calls
made, fees or charges could be assessed.
Individuals should read through all of the
information before downloading, installing, and
using this software. Twitter allows participants to
answer the question “What are you doing?” with
messages containing 140 or fewer characters.
Although Twitter can be used to keep the friends
in a person’s network updated on daily activities,
it can also be used for other purposes, such as
asking questions or expressing thoughts. In
addition, Twitter can be accessed by cell
phones, so users can stay in touch on the go.

Along with all of the advantages and intellectual
harvesting capabilities from the use of these
tools come serious security issues. Wagner
(2007) warned the user to “bear in mind before
you jump in that you’re giving information to a
third-party company to store” (para. 5). He also
states that “you should talk to your company’s
legal and compliance offices to be sure you’re
obeying the law and regulations with regard to
managing company’s information” (para. 5). One

suggestion that Wagner offers is that if you do
not want to involve a third party, “Wikis provide a
good alternative for organizations looking to
maintain control of their own software.
Organizations can install wiki software on their
own, internal servers” (para. 6).

This new wave of Web-based tools facilitates
the ability to interact, exchange, collaborate,
communicate, and share in ways that have only
begun to be realized. As the tools and their
innovative uses continue to expand, users need
to stay vigilant to handle the associated security
challenges. These Web 2.0 and beyond tools
are providing a new cyber-playground that is
limited only by users’ own imaginations and
intelligence. We encourage you to explore these
tools.

REFERENCE

Wagner, M. (2007). Nine easy Web-
based collaborative tools.
Forbes. Retrieved from
http://www.forbes.com/2007/02/26/google-
microsoft-bluetie-enttech-
cx_mw_0226smallbizresource.html

Cloud Computing
Cloud computing has Web browser–based login-
accessible data, software, and hardware that you can
access and use. Using the cloud, you could link
systems together and reduce costs (Figure 3-4).
According to Griffith (2016), “cloud computing means
storing and accessing data and programs over the
Internet instead of [on] your computer’s hard drive. The
cloud is just a metaphor for the Internet” (para. 2). IBM
(2016) stated that cloud computing, “referred to as
simply ‘the cloud,’ is the delivery of on-demand
computing resources—everything from applications to
data centers—over the Internet on a pay-for-use basis”
(para. 1). IBM described services as elastic resources,
either metered or self-service. Elastic resources refer
to those that are able to be scaled up or down to meet
the consumer’s needs. Metered services allow you to
pay only for what you use, and self-service refers to
having self-service access to all of the IT resources the
consumer needs. Woodford (2016) stated that cloud
computing is different because it is managed; on-
demand; and can be public, private, or a hybrid of both.
The public cloud is owned and operated by
companies offering public access to computing
resources. It is believed to be more affordable and
economically sound because the user does not need to
purchase the hardware, software, or supporting
infrastructure, as these are managed and owned by the
cloud provider (IBM, 2016). The private cloud is

operated for a single organization with the
infrastructure being managed and/or hosted internally
or outsourced to a third party; it provides added control
and avoids multi-tenancy (IBM).

As we explore Web-based apps and computing over
the Internet, we are cloud computing. Griffith (2016)
described some common major examples of cloud
computing that you might be using right now: Google
Drive, Microsoft Office Online, Microsoft OneDrive,
Apple iCloud, Amazon Cloud Drive, Box, Dropbox, and
SugarSync. There is also cloud hardware; the primary
example of a device that is completely cloud-centric is
the Chromebook, a laptop that has just enough local
storage and power to run the Chrome OS, which
essentially turns the Google Chrome Web browser into
an operating system. “With a Chromebook, most
everything you do is online: apps, media, and storage
are all in the cloud” (Griffith, 2016, para. 16).

Figure 3-4 Cloud Computing

Cloud storage is data storage provided by networked
online servers that are typically outside of the institution
whose data are being housed.

There are also additional services based in the cloud
that are mainly business related: software as a
service (SaaS), platform as a service (PaaS), and
infrastructure as a service (IaaS) (Figure 3-5). SaaS,
such as Salesforce.com refers to cloud-based
applications with the following benefits: quickly start
using innovative or specific business apps that are
scalable to your needs, any connected computer can
access the apps and data, and data is not lost if your
hard drive crashes because the data is stored in the

cloud (Griffith, 2016; IBM, 2016). PaaS provides
everything needed to support the cloud application’s
building and delivery, enabling users to develop and
launch custom Web applications rapidly to the cloud
(Griffith, 2016; IBM, 2016). IaaS such as Amazon,
Microsoft, Google, and Rackspace provide a rentable
backbone to companies, enabling the scalable, on-
demand infrastructure they need to support their
dynamic workloads; the user pays only for what they
use and he or she does not have to invest in hardware
such as networks, storage, and data center space
(Griffith, 2016; IBM, 2016). You can access and
receive services from Netflix and Pinterest because
they are customers of Amazon’s cloud services.
According to Griffith (2016), cloud computing is truly
big business and could generate 500 billion dollars
within the next 5 years.

Figure 3-5 Software as a Service (SaaS), Platform as
a Service (PaaS), and Infrastructure as a Service
(IaaS)

Cloud computing is Internet computing, and it has the
same pitfalls and benefits as using the Internet. Some
are not sold on the claims that it is totally reliable, safe,
and/or secure. Others believe it is a more
environmentally friendly option because it uses fewer
resources and less energy, and yet many people can
share efficiently managed, centralized cloud-based
systems (Woodford, 2016). One of the driving forces
behind the initiation of cloud computing was the need
for scalable resources that are affordable. As with
anything on the Internet, these resources can be
shared or privately held. Cloud computing will continue

to grow as long as there is demand and it can meet the
scalability requirements while maintaining secure,
reliable spaces.

In an ideal world, nurses would be able to use and
interact with computer technologies effectively to
enhance patient care. They would understand
computer science and know how to harness its
capabilities to benefit the profession and ultimately
their patients.

Looking to the Future
The use of the cloud will continue to expand. The
market for wearable technology, which is comprised
of smaller and faster handheld and portable computer
systems, and high-quality voice-activated inventions
will further facilitate the use of computers in nursing
practice and professional development. The field of
computer science will continue to contribute to the
evolving art and science of nursing informatics. New
trends promise to bring wide-sweeping and (it is
hoped) positive changes to the practice of nursing.
Computers and other technologies have the potential
to support a more client-oriented healthcare system in
which clients truly become active participants in their
own healthcare planning and decisions. Mobile health
technology, telenursing, sophisticated electronic health
records, and next-generation technology are predicted
to contribute to high-quality nursing care and

consultation within healthcare settings, including
patients’ homes and communities.

Computers are becoming more powerful, yet more
compact, which will contribute to the development of
several technologic initiatives that are currently still in
their infancy, such as quantum computing. Some of
these initiatives are described here. These predicted
innovations are only some of the many computer and
technologic applications being developed. As nurses
gain proficiency in capitalizing on the creative,
timesaving, and interactive capabilities emerging from
information technology research, the field of nursing
informatics will grow in similar proportions.

Quantum Computing
Quantum bits (qubits) are three-dimensional arrays of
atoms in quantum states. A quantum computer is a
proposed machine that is not based on the binary
system, but instead performs calculations based on the
behavior of subatomic particles or qubits. It is
estimated that if quantum computing, the act of using a
quantum computer, is ever realized, we will be able to
execute millions of instructions per second (MIPS)
due to the qubits existing in more than one state at a
time or having the ability to simultaneously execute and
process. According to Kennedy (2016), “the era of
quantum computers is one step closer” (para. 1) due to
the creation of qubits by David Weiss’s research team.

Voice-Activated Communicators
Voice-activated communicators are already on the
market, with new iterations being developed by a
variety of companies, including Vocera
Communications. Vocera (2015) developed the Vocera
B3000n Communication Badge, which

is a lightweight, voice-controlled,
wearable device that enables instant two-
way or one to many conversations using
intuitive and simple commands. The
Vocera Badge is widely used by mobile
workers who need wearable devices that
provide the convenience and expedience
of being able to respond to calls without
pressing a button (i.e. sterile operating
rooms, nuclear power plants, hotel staff,
security personnel). (para. 1)

These new technologies will permit nurses to use
wireless, hands-free devices to communicate with one
another and to record data. This technology is
becoming a user-friendly and cost-effective way to
increase clinical productivity.

Game and Simulation Technology
Game and simulation technology is offering realistic,
innovative ways to teach content in general, including

healthcare informatics concepts and skills. The same
technology that powers video games is being used to
create dynamic educational interfaces to help students
learn about pathophysiology, care guidelines, and a
host of other topics. Such applications are also very
valuable for client education and health promotion
materials. The “serious games” industry is growing now
that video game producers are looking beyond mere
entertainment to address public and private policy,
management, and leadership issues and topics,
including those related to health care. For example, the
Games for Health Project, initiated by the Robert Wood
Johnson Foundation (2015), is working on developing
best practices to support innovation in healthcare
training, messaging, and illness management. The
Serious Games & VE Arcade & Showcase is presented
at the annual meetings of the Society for Simulation in
Healthcare and is continuing to flourish with numerous
products available to demonstrate.

Virtual Reality
Virtual reality is another technological breakthrough
that is and will continue to influence healthcare
education and professional development. Virtual reality
is a three-dimensional, computer-generated “world”
where a person (with the right equipment) can move
about and interact as if he or she was actually in the
visualized location. The person’s senses are immersed
in this virtual reality world using special gadgetry, such

as head-mounted displays, data gloves, joysticks, and
other hand tools. The equipment and special
technology provide a sense of presence that is lacking
in multimedia and other complex programs. According
to Smith (2015), “It’s crazy but true: Virtual reality will
be a real thing in people’s homes by this time next
year” (para. 1). There are numerous products
available. Virtual Realities (2015) stated that they
provide “head mounted displays, head trackers, motion
trackers, data gloves, 3D controllers, haptic devices,
stereoscopic 3D displays, VR domes and virtual reality
software. Virtual Realities’ products are used by
government, educational, industrial, medical and
entertainment markets worldwide” (para. 1). Oculus VR
(2015) developed Rift, which is the next generation of
virtual reality products, and they are currently
distributing the developer kits. HTC (2015)
manufactures consumer electronics and developed the
Vive headset. The Morpheus headset is used with
PlayStation 4.

Mobile Devices
Mobile devices will be used more by nurses both at the
point of care and in planning, documenting, interacting
with the interprofessional healthcare team, and
research. Nurses also will be using such powerful
wearable technologies as nano-based diagnostic
sensors in their personal lives, and will be generating
their own data streams and receiving data from the

wearable and mobile devices their patients use.
Silbershatz et al. (2013) stated that Apple iOS and
Google Android are “currently dominating mobile
computing” (p. 37). Perry (2015) stated that it is
“estimated more than 177 million wearable devices will
be in use by 2018” (para. 5). Cisco (2014) reported that
“by the year 2020, the majority of Generation X and Y
professionals believe that smartphones and wearable
devices will be the workforce’s most important
‘connected’ device—while the laptop remains the
workplace device of choice” (para. 1). Data are truly at
our fingertips.

Summary
The field of computer science is one of the fastest-
growing disciplines. Astonishing innovations in
computer hardware, software, and architecture have
occurred over the past few decades, and there are no
indications that this trend will come to a halt anytime
soon. Computers have increased in speed, accuracy,
and efficiency, yet now cost less and have reduced
physical size compared to their forebears. These
trends are predicted to continue. Current computer
hardware and software serve as vital and valuable
tools for both nurses and patients to engage in on-
screen and online activities that provide rich access to
data and information. Productivity, creativity, and
communication software tools also enable nurses to
work with computers to further foster knowledge

acquisition and development. Wide access to vast
stores of information and knowledge shared by others
facilitates the emergence of wisdom in users, which
can then be applied to nursing in meaningful and
creative ways. It is imperative that nurses become
discerning, yet skillful users of computer technology to
apply the principles of nursing informatics to practice to
improve patient care and to contribute to the
profession’s ever-growing body of knowledge.

Working Wisdom
Since the beginning of the profession, nurses have
applied their ingenuity, resourcefulness, and
professional awareness of what works to adapt
technology and objects to support nursing care, usually
with the intention of promoting efficiency but also in
support of client comfort and healing. This
resourcefulness could also be applied effectively to the
adaptation of information technology within the care
environment, to ensure that the technology truly does
serve clients and nurses and the rest of the
interprofessional team.

Consider this question: “How can you develop
competency in using the various computer hardware
and software not only to promote efficient, high-quality
nursing care and to develop yourself professionally, but
also to further the development of the profession’s
body of knowledge?”

Application Scenario
Dan P. is a first-year student in graduate studies in
nursing. In the past, he has learned to use his family’s
personal computer to surf the World Wide Web,
exchange email with friends, and play some computer
games. Now, however, Dan realizes that the computer
is a vital tool for his academic success. He has saved
up enough money to purchase a laptop computer. He
has decided on an Intel processor with 1 TB of storage
and 8 GB of RAM. Dan also wishes to choose
appropriate software for his system. He is on a limited
budget but wants to make the most of his investment.

1. Dan still wants to learn more about computers.
You recommend that he review the following
information: Domingo (2016), Knapp (2016), and
PCMag Digital Group (2016).

2. Which of the four categories of software
discussed in this chapter would benefit Dan the
most in his studies (OS, productivity, creativity,
or communication)? Dan definitely needs an OS
—this is critical. He would also directly benefit
from productivity software and at least
connective email and web browser software
from the communication group so he can access
the Internet for research, to collaborate with
peers, and to communicate with his teachers.

3. How could Dan afford to install software from all
four groups on his new laptop? If Dan accessed

some open source software (e.g., Apache
OpenOffice for his productivity software), he
could save money to put toward creativity
software.

THOUGHT-PROVOKING QUESTIONS

1. How can knowledge of computer
hardware and software help nurses to
participate in information technology
adoption decisions in the practice area?

2. How can new computer software help
nurses engage in professional
development, collaboration, and
knowledge dissemination activities at their
own pace and leisure?

References
Alba, D. (2015). Why on earth is IBM still

making mainframes? Wired. Retrieved
from
http://www.wired.com/2015/01/z13-
mainframe

Anderson, M. (2016). Intel says chips to
become slower but more energy
efficient. Retrieved from

https://thestack.com/iot/2016/02/05/intel-
william-holt-moores-law-slower-
energy-efficient-chips

Bagaza, L., & Westover, B. (2016). The 10
best computer mice of 2016. PC
Magazine. Retrieved from
http://www.pcmag.com/article2/0,2817,2374831,00.asp

Bandura, A. (2002). Growing primacy of
human agency in adaptation and
change in the electronic era. European
Psychologist, 7(1), 2–16.

Cisco. (2014). Working from Mars with an
Internet brain implant: Cisco study
shows how technology will shape the
“Future of Work.” Retrieved from
http://newsroom.cisco.com/press-
release-content?
type=webcontent&articleId=1528226

Domingo, J. (2016). The 10 best desktop
PCs of 2016. PC Magazine. Retrieved
from
http://www.pcmag.com/article2/0,2817,2372609,00.asp

Evans, D. (2010). Introduction to
computing: Explorations in language,
logic, and machines. University of
Virginia. Retrieved from
http://www.computingbook.org

Futuremark. (2016). Best processors May
– 2016. Retrieved from
http://www.futuremark.com/hardware/cpu

Griffith, E. (2016). What is cloud
computing? PC Magazine. Retrieved
from
http://www.pcmag.com/article2/0,2817,2372163,00.asp

HTC. (2015). HTC’s VR vision. Finally, the
future. Retrieved from
http://www.htcvr.com

IBM. (2016). What is cloud computing?
Retrieved from
https://www.ibm.com/cloud-
computing/what-is-cloud-computing

Intel Corporation. (2016). Intel Xeon
processor E5 family: Product

specifications. Retrieved from
http://www.intel.com/content/www/us/en/processors/xeon/xeon-
processor-e5-family.html

Kennedy, B. (2016). New, better way to
build circuits for the world’s first useful
quantum computers. Phys.org.
Retrieved from
http://phys.org/news/2016-06-
circuits-world-quantum.html#jCp

Knapp, M. (2016). 9 key things to know
before you buy a computer. Gear &
Style Cheat Sheet. Retrieved from
http://www.cheatsheet.com/technology/9-
tips-for-picking-your-machine-
computer-shopping-cheat-
sheet.html/?a=viewall

Oculus VR. (2015). Step into the Rift.
Retrieved from
https://www.oculus.com/en-us/rift

PCMag Digital Group. (2016). Laptops
and notebooks. PC Magazine.
Retrieved from

http://www.pcmag.com/reviews/laptop-
computers

Perry, L. (2015). Evolving millennial
connections using wearables. Cisco.
Retrieved from
http://blogs.cisco.com/tag/wearable-
technology

Robert Wood Johnson Foundation.
(2015). Games for health. Retrieved
from
http://gamesforhealth.org/about

Sarkar, N. (2006). Tools for teaching
computer networking and hardware
concepts. Hershey, PA: Idea Group.

Sexton, M. (2016). StarTech unveils USB
type-C to HDMI adapter. Retrieved
from
http://www.tomshardware.com/news/startech-
usb-typec-hdmi-adapter,31067.html

Silbershatz, A., Baer Galvin, P., & Gagne,
G. (2013). Operating system concepts

(9th ed.). Hoboken, NJ: John Wiley &
Sons.

Smith, D. (2015). 3 virtual reality products
will dominate our living rooms by this
time next year. Business Insider.
Retrieved from
http://www.businessinsider.com/virtual-
reality-is-getting-real-2015-5

Virtual Realities. (2015). Worldwide
distributor of virtual reality. Retrieved
from https://www.vrealities.com

Vocera. (2015). Vocera badge. Retrieved
from
http://www.vocera.com/product/vocera-
badge

Woodford, C. (2016). Cloud computing.
Retrieved from
http://www.explainthatstuff.com/cloud-
computing-introduction.html

CHAPTER 4: Introduction
to Cognitive Science and
Cognitive Informatics

Kathleen Mastrian and Dee McGonigle

Objectives
1. Describe cognitive science.
2. Assess how the human mind processes

and generates information and
knowledge.

3. Explore cognitive informatics.
4. Examine artificial intelligence and its

relationship to cognitive science and
computer science.

Key Terms
» Artificial intelligence

» Brain

» Cognitive informatics

» Cognitive science

» Computer science

» Connectionism

» Decision making

» Empiricism

» Epistemology

» Human Mental Workload (MWL)

» Intelligence

» Intuition

» Knowledge

» Logic

» Memory

» Mind

» Neuroscience

» Perception

» Problem solving

» Psychology

» Rationalism

» Reasoning

» Wisdom

Introduction
Cognitive science is the fourth of four basic building
blocks used to understand informatics (Figure 4-1).
The Building Blocks of Nursing Informatics section
began by examining nursing science, information
science, and computer science, and considering how
each relates to and helps one understand the concept
of informatics. This chapter explores the building
blocks of cognitive science, cognitive informatics
(CI), and artificial intelligence (AI).

Figure 4-1 Building Blocks of Nursing Informatics

Throughout the centuries, cognitive science has
intrigued philosophers and educators alike. Beginning
in Greece, the ancient philosophers sought to
comprehend how the mind works and what the nature
of knowledge is. This age-old quest to unravel the
processes inherent in the working brain has been
undertaken by some of the greatest minds in history.
However, it was only about 50 years ago that computer
operations and actions were linked to cognitive
science, meaning theories of the mind, intellect, or

brain. This association led to the expansion of cognitive
science to examine the complete array of cognitive
processes, from lower-level perceptions to higher-level
critical thinking, logical analysis, and reasoning.

The focus of this chapter is the impact of cognitive
science on nursing informatics (NI). This section
provides the reader with an introduction and overview
of cognitive science, the nature of knowledge, wisdom,
and AI as they apply to the Foundation of Knowledge
model and NI. The applications to NI include problem
solving, decision support systems, usability issues,
user-centered interfaces and systems, and the
development and use of terminologies.

Cognitive Science
The interdisciplinary field of cognitive science studies
the mind, intelligence, and behavior from an
information-processing perspective. H. Christopher
Longuet-Higgins originated the term “cognitive science”
in his 1973 commentary on the Lighthill report, which
pertained to the state of AI research at that time. The
Cognitive Science Society and the Cognitive Science
Journal date back to 1980 (Cognitive Science
Society, 2005). Their interdisciplinary base arises from
psychology, philosophy, neuroscience, computer
science, linguistics, biology, and physics; covers
memory, attention, perception, reasoning, language,
mental ability, and computational models of cognitive

processes; and explores the nature of the mind,
knowledge representation, language, problem solving,
decision making, and the social factors influencing the
design and use of technology. Simply put, cognitive
science is the study of the mind and how information is
processed in the mind. As described in the Stanford
Encyclopedia of Philosophy (2010):

The central hypothesis of cognitive
science is that thinking can best be
understood in terms of representational
structures in the mind and computational
procedures that operate on those
structures. While there is much
disagreement about the nature of the
representations and computations that
constitute thinking, the central hypothesis
is general enough to encompass the
current range of thinking in cognitive
science, including connectionist theories
which model thinking using artificial
neural networks. (para. 9)

Connectionism is a component of cognitive science
that uses computer modeling through artificial neural
networks to explain human intellectual abilities. Neural
networks can be thought of as interconnected simple
processing devices or simplified models of the brain
and nervous system that consist of a considerable

number of elements or units (analogs of neurons)
linked together in a pattern of connections (analogs of
synapses). A neural network that models the entire
nervous system would have three types of units: (1)
input units (analogs of sensory neurons), which receive
information to be processed; (2) hidden units (analogs
to all of the other neurons, not sensory or motor), which
work in between input and output units; and (3) output
units (analogs of motor neurons), where the outcomes
or results of the processing are found.

Connectionism (Figure 4-2) is rooted in how
computation occurs in the brain and nervous system or
biologic neural networks. On their own, single neurons
have minimal computational capacity. When
interconnected with other neurons, however, they have
immense computational power. The connectionism
system or model learns by modifying the connections
linking the neurons. Artificial neural networks are
unique computer programs designed to model or
simulate their biologic analogs, the neurons of the
brain.

Figure 4-2 Connectionism

The mind is frequently compared to a computer, and
experts in computer science strive to understand how
the mind processes data and information. In contrast,
experts in cognitive science model human thinking
using artificial networks provided by computers—an
endeavor sometimes referred to as AI. How does the
mind process all of the inputs received? Which items
and in which ways are things stored or placed into
memory, accessed, augmented, changed,

reconfigured, and restored? Cognitive science provides
the scaffolding for the analysis and modeling of
complicated, multifaceted human performance and has
a tremendous effect on the issues impacting
informatics.

The end user is the focus of this activity because the
concern is with enhancing the performance in the
workplace; in nursing, the end user could be the actual
clinician in the clinical setting, and cognitive science
can enhance the integration and implementation of the
technologies being designed to facilitate this
knowledge worker with the ultimate goal of improving
patient care delivery. Technologies change rapidly, and
this evolution must be harnessed for the clinician at the
bedside. To do this at all levels of nursing practice, one
must understand the nature of knowledge, the
information and knowledge needed, and the means by
which the nurse processes this information and
knowledge in the situational context.

Sources of Knowledge
Just as philosophers have questioned the nature of
knowledge, so they have also strived to determine how
knowledge arises, because the origins of knowledge
can help one understand its nature. How do people
come to know what they know about themselves,
others, and their world? There are many viewpoints on
this issue, both scientific and nonscientific.

According to Holt (2006), “There are two competing
traditions concerning the ultimate source of our
knowledge: empiricism and rationalism” (para. 3).
Empiricism is based on knowledge being derived from
experiences or senses, whereas rationalism contends
that “some of our knowledge is derived from reason
alone and that reason plays an important role in the
acquisition of all of our knowledge” (para. 5).
Empiricists do not recognize innate knowledge,
whereas rationalists believe that reason is more
essential in the acquisition of knowledge than the
senses.

Three sources of knowledge have been identified: (1)
instinct, (2) reason, and (3) intuition. Instinct is when
one reacts without reason, such as when a car is
heading toward a pedestrian and he jumps out of the
way without thinking. Instinct is found in both humans
and animals, whereas reason and intuition are found
only in humans. Reason “[c]ollects facts, generalizes,
reasons out from cause to effect, from effect to cause,
from premises to conclusions, from propositions to
proofs” (Sivananda, 2004, para. 4). Intuition is a way
of acquiring knowledge that cannot be obtained by
inference, deduction, observation, reason, analysis, or
experience. Intuition was described by Aristotle as “[a]
leap of understanding, a grasping of a larger concept
unreachable by other intellectual means, yet
fundamentally an intellectual process” (Shallcross &
Sisk, 1999, para. 4).

Some believe that knowledge is acquired through
perception and logic. Perception is the process of
acquiring knowledge about the environment or situation
by obtaining, interpreting, selecting, and organizing
sensory information from seeing, hearing, touching,
tasting, and smelling. Logic is “[a] science that deals
with the principles and criteria of validity of inference
and demonstration: the science of the formal principles
of reasoning” (Merriam-Webster Online Dictionary,
2007, para. 1). Acquiring knowledge through logic
requires reasoned action to make valid inferences.

The sources of knowledge provide a variety of inputs,
throughputs, and outputs through which knowledge is
processed. No matter how one believes knowledge is
acquired, it is important to be able to explain or
describe those beliefs, communicate those thoughts,
enhance shared understanding, and discover the
nature of knowledge.

Nature of Knowledge
Epistemology is the study of the nature and origin of
knowledge—that is, what it means to know. Everyone
has a conception of what it means to know based on
their own perceptions, education, and experiences;
knowledge is a part of life that continues to grow with
the person. Thus a definition of knowledge is
somewhat difficult to agree on because it reflects the

viewpoints, beliefs, and understandings of the person
or group defining it. Some people believe that
knowledge is part of a sequential learning process
resembling a pyramid, with data on the bottom, rising
to information, then knowledge, and finally wisdom.
Others believe that knowledge emerges from
interactions and experience with the environment, and
still others think that it is religiously or culturally bound.
Knowledge acquisition is thought to be an internal
process derived through thinking and cognition or an
external process from senses, observations, studies,
and interactions. Descartes’s important premise “called
‘the way of ideas’ represents the attempt in
epistemology to provide a foundation for our
knowledge of the external world (as well as our
knowledge of the past and of other minds) in the
mental experiences of the individual” (Encyclopedia
Britannica, 2007, para. 4).

For the purpose of this text, knowledge is defined as
the awareness and understanding of a set of
information and ways that information can be made
useful to support a specific task or arrive at a decision.
It abounds with others’ thoughts and information or
consists of information that is synthesized so that
relationships are identified and formalized.

How Knowledge and Wisdom
Are Used in Decision Making

The reason for collecting and building data,
information, and knowledge is to be able to make
informed, judicious, prudent, and intelligent decisions.
When one considers the nature of knowledge and its
applications, one must also examine the concept of
wisdom. Wisdom has been defined in numerous ways:

Knowledge applied in a practical way or translated
into actions
The use of knowledge and experience to heighten
common sense and insight to exercise sound
judgment in practical matters
The highest form of common sense resulting from
accumulated knowledge or erudition (deep,
thorough learning) or enlightenment (education that
results in understanding and the dissemination of
knowledge)
The ability to apply valuable and viable knowledge,
experience, understanding, and insight while being
prudent and sensible
Focused on our own minds
The synthesis of our experience, insight,
understanding, and knowledge
The appropriate use of knowledge to solve human
problems

In essence, wisdom entails knowing when and how to
apply knowledge. The decision-making process
revolves around knowledge and wisdom. It is through
efforts to understand the nature of knowledge and its

evolution to wisdom that one can conceive of, build,
and implement informatics tools that enhance and
mimic the mind’s processes to facilitate decision
making and job performance.

Cognitive Informatics
Wang (2003) described CI as an emerging
transdisciplinary field of study that bridges the gap in
understanding regarding how information is processed
in the mind and in the computer. Computing and
informatics theories can be applied to help elucidate
the information processing of the brain, and cognitive
and neurologic sciences can likewise be applied to
build better and more efficient computer processing
systems. Wang suggested that the common issue
among the human knowledge sciences is the drive to
develop an understanding of natural intelligence and
human problem solving.

Pacific Northwest National Laboratory (PNNL), an
organization operated on behalf of the U.S.
Department of Energy, suggested the disciplines of
neuroscience, linguistics, AI, and psychology constitute
this field. PNNL (2008) defined CI as “the
multidisciplinary study of cognition and information
sciences, which investigates human information
processing mechanisms and processes and their
engineering applications in computing” (para. 1). CI
helps to bridge this gap by systematically exploring the

mechanisms of the brain and mind and exploring
specifically how information is acquired, represented,
remembered, retrieved, generated, and communicated.
This dawning of understanding can then be applied
and modeled in AI situations resulting in more efficient
computing applications.

Wang (2003) explained further:

Cognitive informatics attempts to solve
problems in two connected areas in a
bidirectional and multidisciplinary
approach. In one direction, CI uses
informatics and computing techniques to
investigate cognitive science problems,
such as memory, learning, and
reasoning; in the other direction, CI uses
cognitive theories to investigate the
problems in informatics, computing, and
software engineering. (p. 120)

Principles of cognitive informatics and an
understanding of how humans interact with computers
can be used to build information technology (IT)
systems that better meet the needs of users (Figure 4-
3). If a system is too complex or too taxing for a user,
he or she is likely to resist its use. The National Center
for Cognitive Informatics and Decision Making in
Healthcare (NCCD) was established to respond to “the

urgent and long-term cognitive challenges in health IT
adoption and meaningful use. NCCD’s vision is to
become a national resource that provides strategic
leadership in patient-centered cognitive support
research and applications in health care”
(HealthIT.gov, 2013, para. 1). Similarly, Longo (2015)
emphasized Human Mental Workload (MWL) as a
key component in effective system design (Figure 4-4).
He stated,

Figure 4-3 Cognitive Informatics Leads to Usable
Systems

Figure 4-4 Human Mental Workload

At a low level of MWL, people may often
experience annoyance and frustration
when processing information. On the
other hand, a high level can also be both
problematic and even dangerous, as it
leads to confusion, decreases
performance in information processing
and increases the chances of errors and
mistakes. (p. 758)

Cognitive Informatics and

Nursing Practice
According to Mastrian (2008), the recognition of the
potential application of principles of cognitive science
to NI is relatively new. The traditional and widely
accepted definition of NI advanced by Graves and
Corcoran (1989) is that NI is a combination of nursing
science, computer science, and information science
used to describe the processes nurses use to manage
data, information, and knowledge in nursing practice.
Turley (1996) proposed the addition of cognitive
science to this mix, as nurse scientists are seen to
strive to capture and explain the influence of the
human brain on data, information, and knowledge
processing and to elucidate how these factors in turn
affect nursing decision making. The need to include
cognitive sciences is imperative as researchers attempt
to model and support nursing decision making in
complex computer programs.

In 2003, Wang proposed the term cognitive informatics
to signify the branch of information and computer
sciences that investigates and explains information
processing in the human brain. The science of CI grew
out of interest in AI, as computer scientists developed
computer programs that mimic the information
processing and knowledge generation functions of the
human brain. CI bridges the gap between artificial and
natural intelligence and enhances the understanding of
how information is acquired, processed, stored, and

retrieved so that these functions can be modeled in
computer software.

What does this have to do with nursing? At its very
core, nursing practice requires problem solving and
decision making. Nurses help people manage their
responses to illnesses and identify ways that patients
can maintain or restore their health. During the nursing
process, nurses must first recognize that there is a
problem to be solved, identify the nature of the
problem, pull information from knowledge stores that is
relevant to the problem, decide on a plan of action,
implement the plan, and evaluate the effectiveness of
the interventions. When a nurse has practiced the
science of nursing for some time, he or she tends to do
these processes automatically; it is instinctively known
what needs to be done to intervene in the problem.
What happens, however, if the nurse faces a situation
or problem for which he or she has no experience on
which to draw? The ever-increasing acuity and
complexity of patient situations coupled with the
explosion of information in health care has fueled the
development of decision support software embedded in
the electronic health record. This software models the
human and natural decision-making processes of
professionals in an artificial program. Such systems
can help decision makers to consider the
consequences of different courses of action before
implementing the action. They also provide stores of
information that the user may not be aware of and can

use to choose the best course of action and ultimately
make a better decision in unfamiliar circumstances.

Decision support programs continue to evolve as
research in the fields of cognitive science, AI, and CI is
continuously generated and then applied to the
development of these systems. Nurses must embrace
—not resist—these advances as support and
enhancement of the practice of nursing science.

What Is AI?
The field of AI deals with the conception, development,
and implementation of informatics tools based on
intelligent technologies. This field captures the complex
processes of human thought and intelligence.

Herbert Simon believes that the field of AI could have
two functions: “One is to use the power of computers to
augment human thinking, just as we use motors to
augment human or horse power. . . . The other is to
use a computer’s artificial intelligence to understand
how humans think. In a humanoid way” (Stewart,
1994, para. 13). According to the AAAI (2014), AI is the
“scientific understanding of the mechanisms underlying
thought and intelligent behavior and their embodiment
in machines” (para. 1).

John McCarthy, one of the men credited with founding
the field of AI in the 1950s, stated that AI “is the

science and engineering of making intelligent
machines, especially intelligent computer programs. It
is related to the similar task of using computers to
understand human intelligence, but AI does not have to
confine itself to methods that are biologically
observable” (2007, p. 2).

Lamont (2007) interviewed Ray Kurzweil, a visionary
who defined AI as “the ability to perform a task that is
normally performed by natural intelligence, particularly
human natural intelligence. We have in fact artificial
intelligence that can perform many tasks that used to
require—and could only be done by—human
intelligence” (para. 6). The intelligence factor is
extremely important in AI and has been defined by
McCarthy as “the computational part of the ability to
achieve goals in the world. Varying kinds and degrees
of intelligence occur in people, many animals, and
some machines” (2007, p. 2).

The challenge of this field rests in capturing, mimicking,
and creating the complex processes of the mind in
informatics tools, including software, hardware, and
other machine technologies, with the goal that the tool
be able to initiate and generate its own mechanical
thought processing. The brain’s processing is highly
intricate and complicated. This complexity is reflected
in Cohn’s (2006) comment that “Artificial intelligence is
50 years old this summer, and while computers can
beat the world’s best chess players, we still can’t get

them to think like a 4-year-old” (para. 1). AI uses
cognitive science and computer science to replicate
and generate human intelligence. This field will
continue to evolve and produce artificially intelligent
tools to enhance nurses’ personal and professional
lives.

AI in the Future
As electronic health records become more ubiquitous
and we have access to physiologic data streamed in
real time, we will have the potential to process large
amounts of data using AI tools and we will begin to see
data analytics that will enable machine processing that
far exceeds the capabilities of the human mind.
According to Neill (2013),

Perhaps the next great challenge for AI in
healthcare is to develop approaches that
can be applied to the entire population of
patients monitoring huge quantities of
data to automatically detect threats to
patient safety (including patterns of
suboptimal care, as well as outbreaks of
hospital acquired illness), and to discover
new best practices of patient care. (p. 93)

Summary

Cognitive science is the interdisciplinary field that
studies the mind, intelligence, and behavior from an
information-processing perspective. CI is a field of
study that bridges the gap in understanding regarding
how information is processed in the mind and in the
computer. Computing and informatics theories can be
applied to help elucidate the information processing of
the brain, and cognitive and neurologic sciences can
likewise be applied to build better and more efficient
computer processing systems.

AI is the field that deals with the conception,
development, and implementation of informatics tools
based on intelligent technologies. This field captures
the complex processes of human thought and
intelligence. AI uses cognitive science and computer
science to replicate and generate human intelligence.

The sources of knowledge, nature of knowledge, and
rapidly changing technologies must be harnessed by
clinicians to enhance their bedside care. Therefore, we
must understand the nature of knowledge, the
information and knowledge needed, and the means by
which nurses process this information and knowledge
in their own situational context. The reason for
collecting and building data, information, and
knowledge is to be able to build wisdom—that is, the
ability to apply valuable and viable knowledge,
experience, understanding, and insight while being
prudent and sensible. Wisdom is focused on our own

minds, the synthesis of our experience, insight,
understanding, and knowledge. Nurses must use their
wisdom and make informed, judicious, prudent, and
intelligent decisions while providing care to patients,
families, and communities. Cognitive science, CI, and
AI will continue to evolve to help build knowledge and
wisdom.

THOUGHT-PROVOKING QUESTIONS

1. How would you describe CI? Reflect on a
plan of care that you have developed for
a patient. How could CI be used to create
tools to help with or support this important
work?

2. Think of a clinical setting with which you
are familiar and envision how AI tools
might be applied in this setting. Are there
any current tools in use? Which current or
emerging tools would enhance practice in
this setting and why?

3. Use your creative mind to think of a tool
of the future based on cognitive
informatics that would support your
practice.

References

Association for the Advancement of
Artificial Intelligence (AAAI). (2014).
Homepage. Retrieved from
http://www.aaai.org

Cognitive Science Society. (2005). CSJ
archive. Retrieved from
http://www.cogsci.rpi.edu/CSJarchive/1980v04/index.html

Cohn, D. (2006). AI reaches the golden
years. Wired. Retrieved from
http://archive.wired.com/science/discoveries/news/2006/07/71389

Encyclopedia Britannica. (2007).
Epistemology. Retrieved from
http://www.britannica.com/eb/article-
247960/epistemology

Graves, J., & Corcoran, S. (1989). The
study of nursing informatics. Image:
Journal of Nursing Scholarship, 21(4),
227–230.

HealthIT.gov. (2013). National center for
cognitive informatics and decision
making in healthcare. Retrieved from

https://www.healthit.gov/policy-
researchers-implementers/national-
center-cognitive-informatics-and-
decision-making-healthcare

Holt, T. (2006). Sources of knowledge.
Retrieved from
http://www.theoryofknowledge.info/sourcesofknowledge.html

Lamont, I. (2007). The grill: Ray Kurzweil
talks about “augmented reality” and the
singularity. Computer World. Retrieved
from
http://www.computerworld.com/action/article.do?
command=viewArticleBasic&articleId=306176

Longo, L. (2015). A defeasible reasoning
framework for human mental workload
representation and assessment.
Behaviour & Information Technology,
34(8), 758–786.
doi:10.1080/0144929X.2015.1015166

Longuet-Higgins, H. C. (1973). Comments
on the Lighthill report and the
Sutherland reply. Artificial Intelligence:
A Paper Symposium, 35–37.

Mastrian, K. (2008, February). Invited
editorial: Cognitive informatics and
nursing practice. Online Journal of
Nursing Informatics, 12(1). Retrieved
from http://ojni.org/12_1/kathy.html

McCarthy, J. (2007). What is artificial
intelligence? Retrieved from
http://www.formal.stanford.edu/jmc/whatisai.pdf

Merriam-Webster Online Dictionary.
(2007). Logic. Retrieved from
http://www.merriam-
webster.com/dictionary/logic

Neill, D. (2013). Using artificial intelligence
to improve hospital inpatient care.
IEEE Intelligent Systems, 92–95.

Pacific Northwest National Laboratory,
U.S. Department of Energy. (2008).
Cognitive informatics. Retrieved from
http://www.pnl.gov/coginformatics

Shallcross, D. J., & Sisk, D. A. (1999).
What is intuition? In T. Arnold (Ed.),
Hyponoesis glossary: Intuition.
Retrieved from
http://www.hyponoesis.org/Glossary/Definition/Intuition

Sivananda, S. (2004). Four sources of
knowledge. The Divine Life Society.
Retrieved from
http://www.dlshq.org/messages/knowledge.htm

Stanford Encyclopedia of Philosophy.
(2010). Cognitive science. Retrieved
from
http://plato.stanford.edu/entries/cognitive-
science

Stewart, D. (1994). The creator of the first
thinking machine on the future of
artificial intelligence: Herbert Simon on
the mind in the machine. OMNI Q&A.
Retrieved from
http://www.omnimagazine.com/archives/interviews/simon/index.html

Turley, J. (1996). Toward a model for
nursing informatics. Image: Journal of
Nursing Scholarship, 28(4), 309–313.

Wang, Y. (2003). Cognitive informatics: A
new transdisciplinary research field.
Brain and Mind, 4(2), 115–127.

CHAPTER 5: Ethical
Applications of
Informatics

Dee McGonigle, Kathleen Mastrian, and Nedra Farcus

Objectives
1. Recognize ethical dilemmas in nursing

informatics.
2. Examine ethical implications of nursing

informatics.
3. Evaluate professional responsibilities for

the ethical use of healthcare informatics
technology.

4. Explore the ethical model for ethical
decision making.

5. Analyze practical ways of applying the
ethical model for ethical decision making
to manage ethical dilemmas in nursing
informatics.

Key Terms
» Alternatives

» Antiprinciplism

» Applications (Apps)

» Autonomy

» Beneficence

» Bioethics

» Bioinformatics

» Care ethics

» Casuist approach

» Confidentiality

» Consequences

» Courage

» Decision making

» Decision support

» Duty

» Ethical decision making

» Ethical dilemma

» Ethical, social, and legal implications

» Ethicists

» Ethics

» Eudaemonistic

» Fidelity

» Good

» Google Glass

» Harm

» Justice

» Liberty

» Moral dilemmas

» Moral rights

» Morals

» Negligence

» Nicomachean

» Nonmaleficence

» Principlism

» Privacy

» Rights

» Security

» Self-control

» Smartphones

» Social media

» Standards

» Truth

» Uncertainty

» Values

» Veracity

» Virtue

» Virtue ethics

» Wisdom

Introduction
Those who followed the actual events of Apollo 13, or
who were entertained by the movie (Howard, 1995),
watched the astronauts strive against all odds to bring
their crippled spaceship back to Earth. The speed of
their travel was incomprehensible to most viewers, and
the task of bringing the spaceship back to Earth
seemed nearly impossible. They were experiencing a
crisis never imagined by the experts at NASA, and they
made up their survival plan moment by moment. What
brought them back to Earth safely? Surely, credit must
be given to the technology and the spaceship’s ability

to withstand the trauma it experienced. Most amazing,
however, were the traditional nontechnological tools,
skills, and supplies that were used in new and different
ways to stabilize the spacecraft’s environment and
keep the astronauts safe while traveling toward their
uncertain future.

This sense of constancy in the midst of change serves
to stabilize experience in many different life events and
contributes to the survival of crisis and change. This
rhythmic process is also vital to the healthcare
system’s stability and survival in the presence of the
rapidly changing events of the Knowledge Age. No one
can dispute the fact that the Knowledge Age is
changing health care in ways that will not be fully
recognized and understood for years. The change is
paradigmatic, and every expert who addresses this
change reminds healthcare professionals of the need
to go with the flow of rapid change or be left behind.

As with any paradigm shift, a new way of viewing the
world brings with it some of the enduring values of the
previous worldview. As health care continues its
journey into digital communications, telehealth, and
wearable technologies, it brings some familiar tools
and skills recognized in the form of values, such as
privacy, confidentiality, autonomy, and
nonmaleficence. Although these basic values remain
unchanged, the standards for living out these values
will take on new meaning as health professionals

confront new and different moral dilemmas brought on
by the adoption of technological tools for information
management, knowledge development, and evidence-
based changes in patient care. Ethical decision-making
frameworks will remain constant, but the context for
examining these moral issues or ethical dilemmas will
become increasingly complex.

This chapter highlights some familiar ethical concepts
to consider on the challenging journey into the
increasingly complex future of healthcare informatics.
Ethics and bioethics are briefly defined, and the
evolution of ethical approaches from the Hippocratic
ethic era, to principlism, to the current antiprinciplism
movement of ethical decision making is examined.
New and challenging ethical dilemmas are surfacing in
the venture into the unfolding era of healthcare
informatics (Figure 5-1). Also presented in this chapter
are findings from some of the more recent literature
related to these issues. Readers are challenged to
think constantly and carefully about ethics as they
become involved in healthcare informatics and to stay
abreast of new developments in ethical approaches.

Figure 5-1 Ethics in Health Care

Ethics
Ethics is a process of systematically examining
varying viewpoints related to moral questions of right
and wrong. Ethicists have defined the term in a variety
of ways, with each reflecting a basic theoretical
philosophic perspective.

Beauchamp and Childress (1994) referred to ethics as
a generic term for various ways of understanding and
examining the moral life. Ethical approaches to this
examination may be normative, presenting standards
of right or good action; descriptive, reporting what

people believe and how they act; or explorative,
analyzing the concepts and methods of ethics.

Husted and Husted (1995) emphasized a practice-
based ethics, stating “ethics examines the ways men
and women can exercise their power in order to bring
about human benefit—the ways in which one can act in
order to bring about the conditions of happiness” (p. 3).

Velasquez, Andre, Shanks, and Myer (1987) posed the
question, “What is ethics?”, and answered it with the
following two-part response: “First, ethics refers to well-
based standards of right and wrong that prescribe what
humans ought to do, usually in terms of rights,
obligations, benefits to society, fairness, or specific
virtues” (para. 10), and “Secondly, ethics refers to the
study and development of one’s ethical standards”
(para. 11).

Regardless of the theoretical definition, common
characteristics regarding ethics are its dialectical, goal-
oriented approach to answering questions that have
the potential for multiple acceptable answers.

Bioethics
Bioethics is defined as the study and formulation of
healthcare ethics. Bioethics takes on relevant ethical
problems experienced by healthcare providers in the
provision of care to individuals and groups. Husted and

Husted (1995) state the fundamental background of
bioethics that forms its essential nature is:

1. The nature and needs of humans as living,
thinking beings

2. The purpose and function of the healthcare
system in a human society

3. An increased cultural awareness of human
beings’ essential moral status (p. 7)

Bioethics emerged in the 1970s as health care began
to change its focus from a mechanistic approach of
treating disease to a more holistic approach of treating
people with illnesses. As technology advanced,
recognition and acknowledgment of the rights and the
needs of individuals and groups receiving this high-
tech care also increased.

In today’s technologically savvy healthcare
environment, patients are being prescribed
applications (apps) for their smartphones instead of
medications in some clinical practices. Patients’
smartphones are being used to interact with them in
new ways and to monitor and assess their health in
some cases. With apps and add-ons, for example, a
provider can see the patient’s ECG immediately, or the
patient can monitor his or her ECG and send it to the
provider as necessary. Another example would be a
sensor attached to the patient’s mobile device that
could monitor blood glucose levels. We are just

beginning to realize the vast potential of these mobile
devices—and the threats they sometimes pose.
Google Glass, for example, can take photos and
videos (Stern, 2013) without anyone knowing that this
is occurring; in the healthcare environment, such a
technological advancement can violate patients’
privacy and confidentiality. Wearable technologies
provide a data-rich environment for diagnosing,
addressing, and monitoring health issues. As we
analyze huge patient datasets, concerns arise about
privacy, confidentiality, and data sharing (Johns
Hopkins, Berman Institute of Bioethics, n.d.). Add these
evolving developments to healthcare providers’
engagement in social media use with their patients,
and it becomes clear that personal and ethical
dilemmas abound for nurses in the new über-
connected world.

Ethical Issues and Social
Media
As connectivity has improved owing to emerging
technologies, a rapid explosion in the phenomenon
known as social media has occurred. Social media is
defined as “a group of Internet-based applications that
build on the ideological and technological foundations
of Web 2.0 and that allow the creation and exchange of
user-generated content” (Spector & Kappel, 2012, p.
1). Just as the electronic health record serves as a

real-time event in recording patient–provider contact,
so the use of social media represents an instantaneous
form of communication. Healthcare providers—
particularly nurses—can enhance the patient care
delivery system, promote professional collegiality, and
provide timely communication and education regarding
health-related matters by using this forum (National
Council of State Boards of Nursing [NCSBN], 2011,
p. 1). In all cases, however, nurses must exercise
judicious use of social media to protect patients’ rights.
Nurses must understand their obligation to their chosen
profession, particularly as it relates to personal
behavior and the perceptions of their image as
portrayed through social media. Above all, nurses must
be mindful that once communication is written and
posted on the Internet, there is no way to retract what
was written; it is a permanent record that can be
tracked, even if the post is deleted (Englund, Chappy,
Jambunathan, & Gohdes, 2012, p. 242).

Social media platforms include such electronic
communication outlets as Facebook, Twitter, LinkedIn,
Snapchat, and YouTube. Other widely used means of
instantaneous communications include wikis, blogs,
tweeting, Skype, and the “hangout” feature on
Google+. Even as recently as 5 years ago, some of
these means of exchanging information were unknown
(Spector & Kappel, 2012, p. 1).

Use of social networking has increased dramatically

among all age groups. Zephoria (2016) reported that,
in 2016, Facebook had over 1.65 billion active monthly
users worldwide as compared to 955 million active
monthly users in 2012, and users spend an average of
20 minutes on Facebook per visit. Twitter’s influence
on health care continues to grow, with Symplur (2016)
reporting 1,603,327,260 tweets, including healthcare-
related Tweet chats, conferences, and diseases such
as breast cancer, diabetes, and irritable bowel
syndrome.

The rapid growth of social media has found many
healthcare professionals unprepared to face the new
challenges or to exploit the opportunities that exist with
these forums. The need to maintain confidentiality
presents a major obstacle to the healthcare industry’s
widespread adoption of such technology; thus social
networking has not yet been fully embraced by many
health professionals (Anderson, 2012, p. 22). Englund
and colleagues (2012) noted that undergraduate
nursing students may face ambiguous and
understudied professional and ethical implications
when using social networking venues.

Another confounding factor is the increased use of
mobile devices by health professionals as well as the
public (Swartz, 2011, p. 345). Smartphones have the
capability to take still pictures as well as live
recordings; they have found their way into treatment
rooms around the globe.

As a consequence of more stringent confidentiality
laws and more widespread availability and use of
social and mobile media, numerous ethical and legal
dilemmas have been posed to nurses. What are not
well defined are the expectations of healthcare
providers regarding this technology. In some cases,
nurses employed in the emergency department (ED)
setting have been subjected to video and audio
recordings by patients and families when they perform
procedures and give care during the ED visit. Nurses
would be wise to inquire—before an incident occurs—
about the hospital policy regarding audio/video
recording by patients and families, as well as the state
laws governing two-party consent. Such laws require
consent of all parties to any recording or
eavesdropping activity (Lyons & Reinisch, 2013, p.
54).

Sometimes the enthusiasm for patient care and
learning can lead to ethics violations. In one case, an
inadvertent violation of privacy laws occurred when a
nurse in a small town blogged about a child in her care
whom she referred to as her “little handicapper.” The
post also noted the child’s age and the fact that the
child used a wheelchair. A complaint about this breach
of confidentiality was reported to the Board of Nursing.
A warning was issued to the nurse blogging this
information, although a more stringent disciplinary

action could have been taken (Spector & Kappel,
2012, p. 2).

In another case cited by Spector and Kappel (2012), a
student nurse cared for a 3-year-old leukemia patient
whom she wanted to remember after finishing her
pediatric clinical experience. She took the child’s
picture, and in the background of the photo the
patient’s room number was clearly displayed. The
child’s picture was posted on the student nurse’s
Facebook page, along with her statement of how much
she cared about this child and how proud she was to
be a student nurse. Someone forwarded the picture to
the nurse supervisor of the children’s hospital. Not only
was the student expelled from the program, but the
clinical site offer made by the children’s hospital to the
nursing school was rescinded. In addition, the hospital
faced citations for violations of the Health Insurance
Portability and Accountability Act (HIPAA) owing to the
student nurse’s transgression (p. 3).

Nurses sometimes use social network sites or blog
about the patients they care for believing that if they
omit the patient’s name, they are not violating the
patient’s privacy and confidentiality. “A nurse who posts
about caring for an 85-year-old female in her city could
cause the patient to be identified by content in the post.
This action does not protect the patient” (Henderson &
Dahnke, 2015, p. 63). A white paper published by the

NCSBN (2011) provides a thorough discussion of the
issues associated with nurses’ use of social media.

Ethical Dilemmas and Morals
An ethical dilemma arises when moral issues raise
questions that cannot be answered with a simple,
clearly defined rule, fact, or authoritative view. Morals
refer to social convention about right and wrong human
conduct that is so widely shared that it forms a stable
(although usually incomplete) communal consensus
(Beauchamp & Childress, 1994). Moral dilemmas
arise with uncertainty, as is the case when some
evidence a person is confronted with indicates an
action is morally right and other evidence indicates that
this action is morally wrong. Uncertainty is stressful
and, in the face of inconclusive evidence on both sides
of the dilemma, causes the person to question what he
or she should do. Sometimes the individual concludes
that based on his or her moral beliefs, he or she cannot
act. Uncertainty also arises from unanticipated effects
or unforeseeable behavioral responses to actions or
the lack of action. Adding uncertainty to the situational
factors and personal beliefs that must be considered
creates a need for an ethical decision-making model to
help one choose the best action.

Ethical Decision Making

Ethical decision making refers to the process of
making informed choices about ethical dilemmas
based on a set of standards differentiating right from
wrong. This type of decision making reflects an
understanding of the principles and standards of ethical
decision making, as well as the philosophic
approaches to ethical decision making, and it requires
a systematic framework for addressing the complex
and often controversial moral questions.

As the high-speed era of digital communications
evolves, the rights and the needs of individuals and
groups will be of the utmost concern to all healthcare
professionals. The changing meaning of
communication, for example, will bring with it new
concerns among healthcare professionals about
protecting patients’ rights of confidentiality, privacy, and
autonomy. Systematic and flexible ethical decision-
making abilities will be essential for all healthcare
professionals.

Notably, the concept of nonmaleficence (“do no harm”)
will be broadened to include those individuals and
groups whom one may never see in person, but with
whom one will enter into a professional relationship of
trust and care. Mack (2000) has discussed the
popularity of individuals seeking information online
instead of directly from their healthcare providers and
the effects this behavior has on patient–provider
relationships. He is emphatic in his reminder that

“organizations and individuals that provide health
information on the Internet have obligations to be
trustworthy, provide high-quality content, protect users’
privacy, and adhere to standards of best practices for
online commerce and online professional services in
healthcare” (p. 41).

RESEARCH BRIEF

Using an online survey of 1,227 randomly
selected respondents, Bodkin and Miaoulis
(2007) sought to describe the characteristics of
information seekers on e-health websites, the
types of information they seek, and their
perceptions of the quality and ethics of the
websites. Of the respondents, 74% had sought
health information on the Web, with women
accounting for 55.8% of the health information
seekers. A total of 50% of the seekers were
between 35 and 54 years of age. Nearly two
thirds of the users began their searches using a
general search engine rather than a health-
specific site, unless they were seeking
information related to symptoms or diseases.
Top reasons for seeking information were
related to diseases or symptoms of medical
conditions, medication information, health news,
health insurance, locating a doctor, and
Medicare or Medicaid information. The level of
education of information seekers was related to

the ratings of website quality, in that more
educated seekers found health information
websites more understandable, but were more
likely to perceive bias in the website information.
The researchers also found that the ethical
codes for e-health websites seem to be
increasing consumers’ trust in the safety and
quality of information found on the Web, but that
most consumers are not comfortable purchasing
health products or services online.

The full article appears in Bodkin, C., & Miaoulis, G. (2007).

eHealth information quality and ethics issues: An exploratory

study of consumer perceptions. International Journal of

Pharmaceutical and Healthcare Marketing, 1(1), 27–42.

Retrieved from ABI/INFORM Global (Document ID:

1515583081).

Makus (2001) suggests that both autonomy and justice
are enhanced with universal access to information, but
that tensions may be created in patient–provider
relationships as a result of this access to outside
information. Healthcare workers need to realize that
they are no longer the sole providers and gatekeepers
of health-related information; ideally, they should
embrace information empowerment and suggest
websites to patients that contain reliable, accurate, and
relevant information (Resnick, 2001).

It is clear that patients’ increasing use of the Internet
for healthcare information may prompt entirely new
types of ethical issues, such as who is responsible if a
patient is harmed as a result of following online health
advice. Derse and Miller (2008) discuss this issue
extensively and conclude that a clear line separates
information and practice. Practice occurs when there is
direct or personal communication between the provider
and the patient, when the advice is tailored to the
patient’s specific health issue, and when there is a
reasonable expectation that the patient will act in
reliance on the information.

A summit sponsored by the Internet Healthcare
Coalition (www.ihealthcoalition.org) in 2000
developed the E-Health Code of Ethics (eHealth code,
n.d.), which includes eight standards for the ethical
development of health-related Internet sites: (1)
candor, (2) honesty, (3) quality, (4) informed consent,
(5) privacy, (6) professionalism, (7) responsible
partnering, and (8) accountability. For more information
about each of these standards, access the full
discussion of the E-Health Code of Ethics
(http://www.ihealthcoalition.org/ehealth-code-of-
ethics).

It is important to realize that the standards for ethical
development of health-related Internet sites are
voluntary; there is no overseer perusing these sites
and issuing safety alerts for users. Although some sites

carry a specific symbol indicating that they have been
reviewed and are trustworthy (HONcode and Trust-e),
the healthcare provider cannot control which
information patients access or how they perceive and
act related to the health information they find online.
The research brief on the previous page describes one
study of consumer perceptions of health information on
the Web.

Theoretical Approaches to
Healthcare Ethics
Theoretical approaches to healthcare ethics have
evolved in response to societal changes. In a 30-year
retrospective article for the Journal of the American
Medical Association, Pellegrino (1993) traced the
evolution of healthcare ethics from the Hippocratic
ethic, to principlism, to the current antiprinciplism
movement.

The Hippocratic tradition emerged from relatively
homogenous societies where beliefs were similar and
most societal members shared common values. The
emphasis was on duty, virtue, and gentlemanly
conduct.

Principlism arose as societies became more
heterogeneous and members began experiencing a
diversity of incompatible beliefs and values; it emerged

as a foundation for ethical decision making. Principles
were expansive enough to be shared by all rational
individuals, regardless of their background and
individual beliefs. This approach continued into the
1900s and was popularized by two bioethicists,
Beauchamp and Childress (1977; 1994), in the last
quarter of the 20th century. Principles are considered
broad guidelines that provide guidance or direction but
leave substantial room for case-specific judgment.
From principles, one can develop more detailed rules
and policies.

Beauchamp and Childress (1994) proposed four
guiding principles: (1) respect for autonomy, (2)
nonmaleficence, (3) beneficence, and (4) justice.

Autonomy refers to the individual’s freedom from
controlling interferences by others and from
personal limitations that prevent meaningful
choices, such as adequate understanding. Two
conditions are essential for autonomy: liberty,
meaning the independence from controlling
influences, and the individual’s capacity for
intentional action.
Nonmaleficence asserts an obligation not to inflict
harm intentionally and forms the framework for the
standard of due care to be met by any professional.
Obligations of nonmaleficence are obligations of not
inflicting harm and not imposing risks of harm.
Negligence—a departure from the standard of due

care toward others—includes intentionally imposing
risks that are unreasonable and unintentionally but
carelessly imposing risks.
Beneficence refers to actions performed that
contribute to the welfare of others. Two principles
underlie beneficence: Positive beneficence requires
the provision of benefits, and utility requires that
benefits and drawbacks be balanced. One must
avoid negative beneficence, which occurs when
constraints are placed on activities that, even
though they might not be unjust, could in some
situations cause detriment or harm to others.
Justice refers to fair, equitable, and appropriate
treatment in light of what is due or owed to a
person. Distributive justice refers to fair, equitable,
and appropriate distribution in society determined
by justified norms that structure the terms of social
cooperation.

Beauchamp and Childress also suggest three types of
rules for guiding actions: substantive, authority, and
procedural. (Rules are more restrictive in scope than
principles and are more specific in content.)
Substantive rules are rules of truth telling,
confidentiality, privacy, and fidelity, and those
pertaining to the allocation and rationing of health care,
omitting treatment, physician-assisted suicide, and
informed consent. Authority rules indicate who may
and should perform actions. Procedural rules establish
procedures to be followed.

The principlism advocated by Beauchamp and
Childress has since given way to the antiprinciplism
movement, which emerged in the 21st century with the
expansive technological changes and the tremendous
rise in ethical dilemmas accompanying these changes.
Opponents of principlism include those who claim that
its principles do not represent a theoretical approach
as well as those who claim that its principles are too far
removed from the concrete particularities of everyday
human existence; are too conceptual, intangible, or
abstract; or disregard or do not take into account a
person’s psychological factors, personality, life history,
sexual orientation, or religious, ethnic, and cultural
background. Different approaches to making ethical
decisions are next briefly explored, providing the
reader with an understanding of the varied methods
professionals may use to arrive at an ethical decision.

The casuist approach to ethical decision making grew
out of the call for more concrete methods of examining
ethical dilemmas. Casuistry is a case-based ethical
reasoning method that analyzes the facts of a case in a
sound, logical, and ordered or structured manner. The
facts are compared to decisions arising out of
consensus in previous paradigmatic or model cases.
One casuist proponent, Jonsen (1991), prefers
particular and concrete paradigms and analogies over
the universal and abstract theories of principlism.

The Husted bioethical decision-making model centers
on the healthcare professional’s implicit agreement
with the patient or client (Husted & Husted, 1995). It is
based on six contemporary bioethical standards: (1)
autonomy, (2) freedom, (3) veracity, (4) privacy, (5)
beneficence, and (6) fidelity.

The virtue ethics approach emphasizes the virtuous
character of individuals who make the choices. A
virtue is any characteristic or disposition desired in
others or oneself. It is derived from the Greek word
aretai, meaning “excellence,” and refers to what one
expects of oneself and others. Virtue ethicists
emphasize the ideal situation and attempt to identify
and define ideals. Virtue ethics dates back to Plato and
Socrates. When asked “whether virtue can be taught or
whether virtue can be acquired in some other way,
Socrates answers that if virtue is knowledge, then it
can be taught. Thus, Socrates assumes that whatever
can be known can be taught” (Scott, 2002, para. 9).
According to this view, the cause of any moral
weakness is not a matter of character flaws but rather
a matter of ignorance. In other words, a person acts
immorally because the individual does not know what
is really good for him or her. A person can, for example,
be overpowered by immediate pleasures and forget to
consider the long-term consequences. Plato
emphasized that to lead a moral life and not succumb
to immediate pleasures and gratification, one must
have a moral vision. He identified four cardinal virtues:

(1) wisdom, (2) courage, (3) self-control, and (4)
justice.

Aristotle’s (350 BC) Nicomachean principles also
contribute to virtue ethics. According to this
philosopher, virtues are connected to will and motive
because the intention is what determines if one is or is
not acting virtuously. Ethical considerations, according
to his eudaemonistic principles, address the question,
“What is it to be an excellent person?” For Aristotle,
this ultimately means acting in a temperate manner
according to a rational mean between extreme
possibilities.

Virtue ethics has experienced a recent resurgence in
popularity (Ascension Health, 2007). Two of the most
influential moral and medical authors, Pellegrino and
Thomasma (1993), have maintained that virtue theory
should be related to other theories within a
comprehensive philosophy of the health professions.
They argue that moral events are composed of four
elements (the agent, the act, the circumstances, and
the consequences), and state that a variety of theories
must be interrelated to account for different facets of
moral judgment.

Care ethics is responsiveness to the needs of others
that dictates providing care, preventing harm, and
maintaining relationships. This viewpoint has been in
existence for some time. Engster (2004) stated that

“Carol Gilligan’s In a Different Voice (1982) established
care ethics as a major new perspective in
contemporary moral and political discourse” (p. 113).
The relationship between care and virtue is complex,
however. Benjamin and Curtis (1992) base their
framework on care ethics; they propose that “critical
reflection and inquiry in ethics involves the complex
interplay of a variety of human faculties, ranging from
empathy and moral imagination on the one hand to
analytic precision and careful reasoning on the other”
(p. 12). Care ethicists are less stringently guided by
rules, but rather focus on the needs of others and the
individual’s responsibility to meet those needs. As
opposed to the aforementioned theories that are
centered on the individual’s rights, an ethic of care
emphasizes the personal part of an interdependent
relationship that affects how decisions are made. In
this theory, the specific situation and context in which
the person is embedded become a part of the decision-
making process.

The consensus-based approach to bioethics was
proposed by Martin (1999), who claims that American
bioethics harbors a variety of ethical methods that
emphasize different ethical factors, including principles,
circumstances, character, interpersonal needs, and
personal meaning. Each method reflects an important
aspect of ethical experience, adds to the others, and
enriches the ethical imagination. Thus working with
these methods provides the challenge and the

opportunity necessary for the perceptive and shrewd
bioethicist to transform them into something new with
value through the process of building ethical
consensus. Diverse ethical insights can be integrated
to support a particular bioethical decision, and that
decision can be understood as a new, ethical whole.

Applying Ethics to Informatics
With the Knowledge Age has come global closeness,
meaning the ability to reach around the globe
instantaneously through technology. Language barriers
are being broken through technologically based
translators that can enhance interaction and exchange
of data and information. Informatics practitioners are
bridging continents, and international panels,
committees, and organizations are beginning to
establish standards and rules for the implementation of
informatics. This international perspective must be
taken into consideration when informatics dilemmas
are examined from an ethical standpoint; it promises to
influence the development of ethical approaches that
begin to accept that healthcare practitioners are
working within international networks and must
recognize, respect, and regard the diverse political,
social, and human factors within informatics ethics.

The various ethical approaches can be used to help
healthcare professionals make ethical decisions in all
areas of practice. The focus of this text is on

informatics. Informatics theory and practice have
continued to grow at a rapid rate and are infiltrating
every area of professional life. New applications and
ways of performing skills are being developed daily.
Therefore, education in informatics ethics is extremely
important.

Typically, situations are analyzed using past
experience and in collaboration with others. Each
situation warrants its own deliberation and unique
approach, because each individual patient seeking or
receiving care has his or her own preferences, quality
of life, and healthcare needs in a situational milieu
framed by financial, provider, setting, institutional, and
social context issues. Clinicians must take into
consideration all of these factors when making ethical
decisions.

The use of expert systems, decision support tools,
evidence-based practice, and artificial intelligence in
the care of patients creates challenges in terms of who
should use these tools, how they are implemented, and
how they are tempered with clinical judgment. All
clinical situations are not the same, and even though
the result of interacting with these systems and tools is
enhanced information and knowledge, the clinician
must weigh this information in light of each patient’s
unique clinical circumstances, including that
individual’s beliefs and wishes. Patients are demanding
access to quality care and the information necessary to

control their lives. Clinicians need to analyze and
synthesize the parameters of each distinctive situation
using a specific decision-making framework that helps
them make the best decisions. Getting it right the first
time has a tremendous impact on expected patient
outcomes. The focus should remain on patient
outcomes while the informatics tools available are
ethically incorporated.

Facing ethical dilemmas on a daily basis and struggling
with unique client situations may cause many clinicians
to question their own actions and the actions of their
colleagues and patients. One must realize that
colleagues and patients may reach very different
decisions, but that does not mean anyone is wrong.
Instead, all parties reach their ethical decision based
on their own review of the situational facts and
understanding of ethics. As one deals with diversity
among patients, colleagues, and administrators, one
must constantly strive to use ethical imagination to
reach ethically competent decisions.

Balancing the needs of society, his or her employer,
and patients could cause the clinician to face ethical
challenges on an everyday basis. Society expects
judicious use of finite healthcare resources. Employers
have their own policies, standards, and practices that
can sometimes inhibit the practice of the clinician. Each
patient is unique and has life experiences that affect
his or her healthcare perspective, choices, motivation,

and adherence. Combine all of these factors with the
challenges posed by informatics, and it is clear that the
evolving healthcare arena calls for an informatics-
competent, politically active, consumer-oriented,
business-savvy, ethical clinician to rule this ever-
changing landscape known as health care.

The goal of any ethical system should be that a
rational, justifiable decision is reached. Ethics is always
there to help the practitioner decide what is right.
Indeed, the measure of an adequate ethical system,
theory, or approach is, in part, its ability to be useful in
novel contexts. A comprehensive, robust theory of
ethics should be up to the task of addressing a broad
variety of new applications and challenges at the
intersection of informatics and health care.

The information concerning an ethical dilemma must
be viewed in the context of the dilemma to be useful.
Bioinformatics could gather, manipulate, classify,
analyze, synthesize, retrieve, and maintain databases
related to ethical cases, the effective reasoning applied
to various ethical dilemmas, and the resulting ethical
decisions. This input would certainly be potent—but the
resolution of dilemmas cannot be achieved simply by
examining relevant cases from a database. Instead,
clinicians must assess each situational context and the
patient’s specific situation and needs and make their
ethical decisions based on all of the information they
have at hand.

Ethics is exciting, and competent clinicians need to
know about ethical dilemmas and solutions in their
professions. Ethicists have often been thought of as
experts in the arbitrary, ambiguous, and ungrounded
judgments of other people. They know that they make
the best decisions they can based on the situation and
stakeholders at hand. Just as clinicians try to make the
best healthcare decisions with and for their patients,
ethically driven practitioners must do the same. Each
healthcare provider must critically think through the
situation to arrive at the best decision.

To make ethical decisions about informatics
technologies and patients’ intimate healthcare data and
information, the healthcare provider must be competent
in informatics. To the extent that information technology
is reshaping healthcare practices or promises to
improve patient care, healthcare professionals must be
trained and competent in the use of these tools. This
competency needs to be evaluated through
instruments developed by professional groups or
societies; such assessment will help with consistency
and quality. For the healthcare professional to be an
effective patient advocate, he or she must understand
how information technology affects the patient and the
subsequent delivery of care. Information science and
its effects on health care are both interesting and
important. It follows that information technology and its

ethical, social, and legal implications should be
incorporated into all levels of professional education.

The need for confidentiality was perhaps first
articulated by Hippocrates; thus if anything is different
in today’s environment, it is simply the ways in which
confidentiality can be violated. Perhaps the use of
computers for clinical decision support and data mining
in research will raise new ethical issues. Ethical
dilemmas associated with the integration of informatics
must be examined to provide an ethical framework that
considers all of the stakeholders. Patients’ rights must
be protected in the face of a healthcare provider’s duty
to his or her employer and society at large when
initiating care and assigning finite healthcare
resources. An ethical framework is necessary to help
guide healthcare providers in reference to the ethical
treatment of electronic data and information during all
stages of collection, storage, manipulation, and
dissemination. These new approaches and means
come with their own ethical dilemmas. Often they are
dilemmas not yet faced owing to the cutting-edge
nature of these technologies.

Just as processes and models are used to diagnose
and treat patients in practice, so a model in the
analysis and synthesis of ethical dilemmas or cases
can also be applied. An ethical model for ethical
decision making (Box 5-1) facilitates the ability to
analyze the dilemma and synthesize the information

into a plan of action (McGonigle, 2000). The model
presented here is based on the letters in the word
ethical. Each letter guides and prompts the healthcare
provider to think critically (think and rethink) through
the situation presented. The model is a tool because, in
the final analysis, it allows the nurse objectively to
ascertain the essence of the dilemma and develop a
plan of action.

BOX 5-1 ETHICAL MODEL FOR

ETHICAL DECISION MAKING

Examine the ethical dilemma (conflicting
values exist).
Thoroughly comprehend the possible
alternatives available.
Hypothesize ethical arguments.
Investigate, compare, and evaluate the
arguments for each alternative.
Choose the alternative you would
recommend.
Act on your chosen alternative.
Look at the ethical dilemma and examine the
outcomes while reflecting on the ethical
decision.

APPLYING THE ETHICAL
MODEL

Examine the ethical dilemma:

Use your problem-solving, decision-
making, and critical-thinking skills.

What is the dilemma you are analyzing?
Collect as much information about the
dilemma as you can, making sure to
gather the relevant facts that clearly
identify the dilemma. You should be able
to describe the dilemma you are
analyzing in detail.

Ascertain exactly what must be decided.

Who should be involved in the decision-
making process for this specific case?

Who are the interested players or
stakeholders?

Reflect on the viewpoints of these key
players and their value systems.

What do you think each of these
stakeholders would like you to decide as
a plan of action for this dilemma?

How can you generate the greatest
good?

Thoroughly comprehend the possible
alternatives available:

Use your problem-solving, decision-

making, and critical-thinking skills.

Create a list of the possible alternatives.
Be creative when developing your
alternatives. Be open minded; there is
more than one way to reach a goal.
Compel yourself to discern at least three
alternatives.

Clarify the alternatives available and
predict the associated consequences—
good and bad—of each potential
alternative or intervention.

For each alternative, ask the following
questions:

– Do any of the principles or rules,
such as legal, professional, or
organizational, automatically nullify
this alternative?

– If this alternative is chosen, what do
you predict as the best-case and
worst-case scenarios?

– Do the best-case outcomes
outweigh the worst-case outcomes?

– Could you live with the worst-case
scenario?

– Will anyone be harmed? If so, how
will they be harmed?

– Does the benefit obtained from this
alternative overcome the risk of
potential harm that it could cause to
anyone?

Hypothesize ethical arguments:

Use your problem-solving, decision-
making, and critical-thinking skills.

Determine which of the five approaches
apply to this dilemma.

Identify the moral principles that can be
brought into play to support a conclusion
as to what ought to be done ethically in
this case or similar cases.

Ascertain whether the approaches
generate converging or diverging
conclusions about what ought to be done.

Investigate, compare, and evaluate the
arguments for each alternative:

Use your problem-solving, decision-
making, and critical-thinking skills.

Appraise the relevant facts and
assumptions prudently.

– Is there ambiguous information that
must be evaluated?

– Are there any unjustifiable factual or
illogical assumptions or debatable
conceptual issues that must be
explored?

Rate the ethical reasoning and
arguments for each alternative in terms of
their relative significance.

– 4 = extreme significance

– 3 = major significance

– 2 = significant

– 1 = minor significance

Compare and contrast the alternatives
available with the values of the key
players involved.

Reflect on these alternatives:

– Does each alternative consider all of
the key players?

– Does each alternative take into
account and reflect an interest in the
concerns and welfare of all of the key
players?

– Which alternative will produce the
greatest good or the least amount of
harm for the greatest number of
people?

Refer to your professional codes of
ethical conduct. Do they support your
reasoning?

Choose the alternative you would
recommend:

Use your problem-solving, decision-
making, and critical-thinking skills.

Make a decision about the best
alternative available.

– Remember the Golden Rule: Does
your decision treat others as you
would want to be treated?

– Does your decision take into account
and reflect an interest in the concerns
and welfare of all of the key players?

– Does your decision maximize the
benefit and minimize the risk for
everyone involved?

Become your own critic; challenge your
decision as you think others might. Use
the ethical arguments you predict they
would use and defend your decision.

– Would you be secure enough in your
ethical decision-making process to

see it aired on national television or
sent out globally over the Internet?

– Are you secure enough with this
ethical decision that you could have
allowed your loved ones to observe
your decision-making process, your
decision, and its outcomes?

Act on your chosen alternative:

Use your problem-solving, decision-
making, and critical-thinking skills.

Formulate an implementation plan
delineating the execution of the decision.

– This plan should be designed to
maximize the benefits and minimize
the risks.

– This plan must take into account all
of the resources necessary for
implementation, including personnel
and money.

Implement the plan.

Look at the ethical dilemma and examine
the outcomes while reflecting on your
ethical decision:

Use your problem-solving, decision-
making, and critical-thinking skills.

Monitor the implementation plan and its
outcomes. It is extremely important to
reflect on specific case decisions and
evaluate their outcomes to develop your
ethical decision-making ability.

If new information becomes available, the
plan must be reevaluated.

Monitor and revise the plan as necessary.

The ethical model for ethical decision making was developed by

Dr. Dee McGonigle and is the property of Educational

Advancement Associates (EAA). The permission for its use in

this text has been granted by Mr. Craig R. Goshow, Vice

President, EAA.

Case Analysis Demonstration
The following case study is intended to help readers
think through how to apply the ethical model. Review
the model and then read through the case. Try to apply
the model to this case or follow along as the model is
implemented. Readers are challenged to determine
their decision in this case and then compare and
contrast their response with the decision the authors
reached.

Allison is a charge nurse on a busy
medical–surgical unit. She is expecting

the clinical instructor from the local
university at 2:00 pm to review and
discuss potential patient assignments for
the nursing students scheduled for the
following day. Just as the university
professor arrives, one of the patients on
the unit develops a crisis requiring
Allison’s attention. To expedite the
student nurse assignments for the
following day, Allison gives her electronic
medical record access password to the
instructor.

Examine the Ethical Dilemma
Allison made a commitment to meet with the university
instructor to develop student assignments at 2:00 pm.
The patient emergency that developed prevented
Allison from living up to that commitment. Allison had
an obligation to provide patient care during the
emergency and a competing obligation to the
professor. She solved the dilemma of competing
obligations by providing her electronic medical record
access password to the university professor.

By sharing her password, Allison most likely violated
hospital policy related to the security of healthcare
information. She may also have violated the American
Nurses Association code of ethics, which states that
nurses must judiciously protect information of a

confidential nature. Because the university professor
was also a nurse and had a legitimate interest in the
protected healthcare information, there might not be a
code of ethics violation.

Thoroughly Comprehend the Possible
Alternatives Available
The possible alternatives available include the
following: (1) Allison could have asked the professor to
wait until the patient crisis was resolved; (2) Allison
could have delegated another staff member to assist
the university professor; or (3) Allison could have
logged on to the system for the professor.

Hypothesize Ethical Arguments
The utilitarian approach applies to this situation. An
ethical action is one that provides the greatest good for
the greatest number; the underlying principles in this
perspective are beneficence and nonmaleficence. The
rights to be considered are as follows: right of the
individual to choose for himself or herself (autonomy);
right to truth (veracity); right of privacy (the ethical right
to privacy avoids conflict and, like all rights, promotes
harmony); right not to be injured; and right to what has
been promised (fidelity).

Does the action respect the moral rights of everyone?
The principles to consider are autonomy, veracity, and
fidelity.

As for the fairness or justice, how fair is an action?
Does it treat everyone in the same way, or does it show
favoritism and discrimination? The principles to
consider are justice and distributive justice.

Thinking about the common good assumes one’s own
good is inextricably linked to good of the community;
community members are bound by pursuit of common
values and goals and ensure that the social policies,
social systems, institutions, and environments on which
one depends are beneficial to all. Examples of such
outcomes are affordable health care, effective public
safety, a just legal system, and an unpolluted
environment. The principle of distributive justice is
considered.

Virtue assumes that one should strive toward certain
ideals that provide for the full development of humanity.
Virtues are attitudes or character traits that enable one
to be and to act in ways that develop the highest
potential; examples include honesty, courage,
compassion, generosity, fidelity, integrity, fairness, self-
control, and prudence. Like habits, virtues become a
characteristic of the person. The virtuous person is the
ethical person. Ask yourself, what kind of person
should I be? What will promote the development of

character within myself and my community? The
principles considered are fidelity, veracity, beneficence,
nonmaleficence, justice, and distributive justice.

In this case, there is a clear violation of an institutional
policy designed to protect the privacy and
confidentiality of medical records. However, the
professor had a legitimate interest in the information
and a legitimate right to the information. Allison trusted
that the professor would not use the system password
to obtain information outside the scope of the legitimate
interest. However, Allison cannot be sure that the
professor would not access inappropriate information.
Further, Allison is responsible for how her access to the
electronic system is used. Balancing the rights of
everyone—the professor’s right to the information, the
patients’ rights to expect that their information is
safeguarded, and the right of the patient in crisis to
expect the best possible care—is important and is the
crux of the dilemma. Does the patient care obligation
outweigh the obligation to the professor? Yes, probably.
Allison did the right thing by caring for the patient in
crisis. By giving out her system access password,
Allison also compromised the rights of the other
patients on the unit to expect that their confidentiality
and privacy would be safeguarded.

Virtue ethics suggests that individuals use power to
bring about human benefit. One must consider the
needs of others and the responsibility to meet those

needs. Allison must simultaneously provide care,
prevent harm, and maintain professional relationships.

Allison may want to effect a long-term change in
hospital policy for the common good. It is reasonable to
assume that this event was not an isolated incident and
that the problem may recur in the future. Can the
institutional policy be amended to provide professors
with access to the medical records system? As
suggested in the HIPAA administrative guidelines, the
professor could receive the same staff training
regarding appropriate and inappropriate use of access
and sign the agreement to safeguard the records. If the
institution has tracking software, the professor’s access
could be monitored to watch for inappropriate use.

Identify the moral principles that can be brought into
play to support a conclusion as to what ought to be
done ethically in this case or similar cases. The
International Council of Nurses (2006) code of ethics
states that “The nurse holds in confidence personal
information and uses judgment in sharing this
information” (p. 4). The code also states, “The nurse
uses judgment in relation to individual competence
when accepting and delegating responsibilities” (p. 5).
Both of these statements apply to the current situation.

Ascertain whether the approaches generate
converging or diverging conclusions about what ought
to be done. From the analysis, it is clear that the best

immediate solution is to delegate assisting the
professor with assignments to another nurse on the
unit.

Investigate, Compare, and Evaluate
the Arguments for Each Alternative
Review and think through the items listed in Table 5-1.

Table 5-1 Detailed Analysis of Alternative Actions

Alternative Good
Consequences

Bad
Consequences

Do Any
Rules
Nullify

Expected
Outcome

1. Wait

until

crisis

was

resolved

No policy

violation

Patient rights

safeguarded

Not the best

use of the

professor’s time

No Best: Crisis

will require a

short time

Worst: Crisis

may take a

long time

2.

Delegate

to

another

staff

member

No policy

violated

Other staff may

be equally busy

or might not be

as familiar with

all patients

No Best:

Assignments

will be

completed

Worst: May

not have

benefit of

expert

advice

3. Log on

to the

system

for the

professor

Professor can

begin making

assignments

May still be a

violation of

policy regarding

system access

Rules

regarding

access to

medical

record

Best:

Assignments

can be

completed

Worst:

Abuse of

access to

information

Choose the Alternative You Would
Recommend
The best immediate solution is to delegate another
staff member to assist the professor. The best long-
term solution is to change the hospital policy to include
access for professors, as described previously.

Act on Your Chosen Alternative
Allison should delegate another staff member to assist
the professor in making assignments.

Look at the Ethical Dilemma and
Examine the Outcomes While
Reflecting on the Ethical Decision
As already indicated in the alternative analyses,
delegation may not be an ideal solution because the

staff nurse who is assigned to assist the professor may
not possess the same extensive information about all
of the patients as the charge nurse. It is, however, the
best immediate solution to the dilemma and is certainly
safer than compromising the integrity of the hospital’s
computer system. As noted previously, Allison may
want to pursue a long-term solution to a potentially
recurring problem by helping the professor gain
legitimate access to the computer system with the
professor’s own password. The system administrator
would then have the ability to track who used the
system and which types of information were accessed
during use.

This case analysis demonstration provides the authors’
perspective on this case and the ethical decision made.
If your decision did not match this perspective, what
was the basis for the difference of opinion? If you
worked through the model, you might have reached a
different decision based on your individual background
and perspective. This does not make the decision right
or wrong. A decision should reflect the best decision
one can make given review, reflection, and critical
thinking about this specific situation.

Six additional cases are provided in the online learner’s
manual for review. Apply the model to each case study,
and discuss these cases with colleagues or
classmates.

New Frontiers in Ethical Issues
The expanding use of new information technologies in
health care will bring about new and challenging ethical
issues. Consider that patients and healthcare providers
no longer have to be in the same place for a quality
interaction. How, then, does one deal with licensing
issues if the electronic consultation takes place across
a state line? Derse and Miller (2008) describe a
second-opinion medical consultation on the Internet
where the information was provided to the referring
physician and not to the patient, thus avoiding the
licensing issue. In essence, provider-to-provider
consultation does not constitute practicing in a state in
which you are not licensed. As new technologies for
healthcare delivery are developed, new ethical
challenges may arise. It is important for all healthcare
providers to be aware of the code of ethics for their
specific practices, and to understand the laws
governing their practice and private health information.

Consider also the ethical issues created by genomic
databases or by sharing of information in a health
information exchange to promote population health.
Alpert (2008) asks, “Is it wise to put genomic sequence
data into electronic medical records that are poorly
protected, that cannot adhere well to Fair Information
Practice Principles for privacy, and that can potentially
be seen by tens of thousands of people/entities, when
it is clear that we do not understand the functionality of

the genome and likely will not for several years?” (p.
382).

Further, how does one really obtain informed consent
for such data collection, when how the data will
ultimately be used is not known, but clearly that
application will be important to health research uses
that go beyond the immediate medical care of the
patient? Angst (2009) asks whether the public good
outweighs individual interests in such a case because
the information contained in these databases is
important to developing new understandings and
creating new knowledge by matching data in
aggregated pools: “Thus, science adds meaning and
context to data, but to what extent do we agree to
make the data available such that this discovery
process can take place, and are the impacts of
discovery great enough to justify the risks?” (p. 172).
Further, if a voluntary system where patients can opt
out of such data collection is adopted, then are
healthcare disparities related to incomplete electronic
health records created?

In an ideal world, healthcare professionals must not be
affected by conflicting loyalties; nothing should interfere
with judicious, ethical decision making. As the
technologically charged waters of health care are
navigated, one must hone a solid foundation of ethical
decision making and practice it consistently.

Summary
As science and technology advance, and policy
makers and healthcare providers continue to shape
healthcare practices including information
management, it is paramount that ethical decisions are
made. Healthcare professionals are typically honest,
trustworthy, and ethical, and they understand that they
are duty bound to focus on the needs and rights of their
patients. At the same time, their day-to-day work is
conducted in a world of changing healthcare
landscapes populated by new technologies, diverse
patients, varied healthcare settings, and changing
policies set by their employers, insurance companies,
and providers. The technologies themselves are not
the problem, but the misuse of the technology can
cause harm to our patients. If we use them to the
patient’s advantage while protecting the patient, they
can be beneficial tools in accessing our technologically
savvy patients to garner the data and information
necessary to address their healthcare needs, including
patient education, while impacting public health and
enhancing our relationship with our patients.
Healthcare professionals need to juggle all of these
balls simultaneously, and so the ethical considerations
must be at the forefront, a task that often results in far
too many gray areas or ethical decision-making
dilemmas with no clear correct course of action.
Patients rely on the ethical competence of their
healthcare providers, believing that their situation is

unique and will be respected and evaluated based on
their own needs, abilities, and limitations. The
healthcare professional cannot allow conflicting
loyalties to interfere with judicious, ethical decision
making. Just as in the opening example of the Apollo
mission, it is uncertain where this technologically
heightened information era will lead, but if a solid
foundation of ethical decision making is relied upon,
duties and rights will be judiciously and ethically
fulfilled.

THOUGHT-PROVOKING QUESTIONS

1. Identify moral dilemmas in healthcare
informatics that would best be
approached with the use of an ethical
decision-making framework, such as the
use of smartphones to interact with
patients as well as to monitor and assess
patient health.

2. Discuss the evolving healthcare ethics
traditions within their social and historical
contexts.

3. Differentiate among the theoretical
approaches to healthcare ethics as they
relate to the theorists’ perspectives of
individuals and their relationships.

4. Select one of the healthcare ethics
theories and support its use in examining
ethical issues in healthcare informatics.

5. Select one of the healthcare ethics
theories and argue against its use in
examining ethical issues in healthcare
informatics.

References
Alpert, S. (2008). Privacy issues in clinical

genomic medicine, or Marcus Welby,
M.D., meets the $1000 genome.
Cambridge Quarterly of Healthcare
Ethics, 17(4), 373–384. Retrieved from
Health Module (Document ID:
1880623501).

Anderson, K. (2012). Social media a new
way to care and communicate.
Australian Nursing Journal, 20(3), 22–
25.

Angst, C. (2009). Protect my privacy or
support the common-good? Ethical
questions about electronic health
information exchanges. Journal of
Business Ethics, 90(suppl), 169–178.
Retrieved from ABI/INFORM Global
(Document ID: 2051417481).

Aristotle. (350 BC). Nichomachean ethics.
Book I. (W. D. Ross, Trans.). Retrieved
from
http://www.constitution.org/ari/ethic_00.htm

Ascension Health. (2007). Healthcare
Ethics: Virtue ethics. Retrieved from
http://www.ascensionhealth.org/ethics/public/issues/virtue.asp

Beauchamp, T. L., & Childress, J. F.
(1977). Principles of biomedical ethics.
New York, NY: Oxford University
Press.

Beauchamp, T. L., & Childress, J. F.
(1994). Principles of biomedical ethics
(4th ed.). New York, NY: Oxford
University Press.

Benjamin, M., & Curtis, J. (1992). Ethics in
nursing (3rd ed.). New York, NY:
Oxford University Press.

Derse, A., & Miller, T. (2008). Net effect:
Professional and ethical challenges of

medicine online. Cambridge Quarterly
of Healthcare Ethics, 17(4), 453–464.
Retrieved from Health Module
(Document ID: 1540615461).

eHealth code. (n.d.). Retrieved from
http://www.ihealthcoalition.org/ehealth-
code

Englund, H., Chappy, S., Jambunathan,
J., & Gohdes, E. (2012,
November/December). Ethical
reasoning and online social media.
Nurse Educator, 37, 242–247.
http://dx.doi.org/10.1097/NNE.0b013e31826f2c04

Engster, D. (2004). Care ethics and
natural law theory: Toward an
institutional political theory of caring.
The Journal of Politics, 66(1), 113–
135.

Henderson, M., & Dahnke, M. (2015). The
ethical use of social media in nursing
practice. MEDSURG Nursing, 24(1),
62–64.

Howard, R. (Director). (1995). Apollo 13
[Motion picture]. Universal City, CA:
MCA Universal Studios.

Husted, G. L., & Husted, J. H. (1995).
Ethical decision-making in nursing
(2nd ed.). New York, NY: Mosby.

International Council of Nurses (ICN).
(2006). The ICN code of ethics for
nurses. Retrieved from
http://www.icn.ch/icncode.pdf

Johns Hopkins, Berman Institute of
Bioethics. (n.d.). A blueprint for 21st
century nursing ethics. Retrieved from
http://www.bioethicsinstitute.org/nursing-
ethics-summit-report/literature-
review

Jonsen, A. R. (1991). Casuistry as
methodology in clinical ethics.
Theoretical Medicine, 12, 295–307.

Lyons, R., & Reinisch, C. (2013). The
legal and ethical implications of social

media in the emergency department.
Advanced Emergency Nursing Journal,
35(1), 53–56.
http://dx.doi.org/10.1097/TME.0b013e31827a4926

Mack, J. (2000). Patient empowerment,
not economics, is driving e-health:
Privacy and ethics issues need
attention too! Frontiers of Health
Services Management, 17(1), 39–43;
discussion 49–51. Retrieved from
ABI/INFORM Global (Document ID:
59722384).

Makus, R. (2001). Ethics and Internet
healthcare: An ontological reflection.
Cambridge Quarterly of Healthcare
Ethics, 10(2), 127–136. Retrieved from
Health Module (Document ID:
1409693941).

Martin, P. A. (1999). Bioethics and the
whole: Pluralism, consensus, and the
transmutation of bioethical methods
into gold. Journal of Law, Medicine &
Ethics, 27(4), 316–327.

McGonigle, D. (2000). The ethical model
for ethical decision making. Inside
Case Management, 7(8), 1–5.

National Council of State Boards of
Nursing (NCSBN). (2011). White
paper: A nurse’s guide to the use of
social media. Retrieved from
https://www.ncsbn.org/Social_Media.pdf

Pellegrino, E. D. (1993). The
metamorphosis of medical ethics: A
thirty-year retrospective. Journal of the
American Medical Association, 269,
1158–1162.

Pellegrino, E., & Thomasma, D. (1993).
The virtues in medical practice. New
York, NY: Oxford University Press.

Resnik, D. (2001). Patient access to
medical information in the computer
age: Ethical concerns and issues.
Cambridge Quarterly of Healthcare
Ethics, 10(2), 147–154; discussion
154–156. Retrieved from Health
Module (Document ID: 1409693961).

Scott, A. (2002). Plato’s Meno. Retrieved
from
http://www.angelfire.com/md2/timewarp/plato.html

Spector, N., & Kappel, D. M. (2012).
Guidelines for using electronic and
social media: The regulatory
perspective. Online Journal of Nursing,
17(3). Retrieved from
http://www.nursingworld.org/MainMenuCategories/ANAMarketplace/ANAPeriodicals/OJIN/TableofContents/Vol-
17-2012/No3-Sept-2012/Guidelines-
for-Electronic-and-Social-Media.htm

Stern, J. (2013). Google Glass: What you
can and can’t do with Google’s
wearable computer. ABC News.
Retrieved from
http://abcnews.go.com/Technology/google-
glass-googles-wearable-
gadget/story?id=19091948

Swartz, M. K. (2011,
November/December). The potential
for social media. Journal of Pediatric
Health Care, 25, 345.

Symplur. (2016). Why the healthcare
Hashtag project? Retrieved from
http://www.symplur.com/healthcare-
hashtags

Velasquez, M., Andre, C., Shanks, T., &
Myer, M. (for the Markkula Center for
Applied Ethics). (1987). What is
ethics? Retrieved from
http://www.scu.edu/SCU/Centers/Ethics/practicing/decision/whatisethics.shtml

Zephoria. (2016). Top 20 valuable
Facebook statistics. Retrieved from
https://zephoria.com/top-15-
valuable-facebook-statistics

SECTION II: Perspectives
on Nursing Informatics

Chapter 6 History and Evolution of Nursing
Informatics

Chapter 7 Nursing Informatics as a Specialty

Chapter 8 Legislative Aspects of Nursing
Informatics: HITECH and HIPAA

Nursing informatics (NI) is the synthesis of nursing
science, information science, computer science, and
cognitive science for the purpose of managing and
enhancing healthcare data, information, knowledge,
and wisdom to improve patient care and the nursing
profession. In the Building Blocks of Nursing
Informatics section, the reader learned about the four
sciences of NI, also referred to as the four building
blocks, and the ethical application of these sciences to
manage patient information. Nursing knowledge
workers must be able to understand the evolving
specialty of NI to harness and use the tools available
for managing the vast amount of healthcare data and
information. It is essential that NI capabilities be
appreciated, promoted, expanded, and advanced to
facilitate the work of the nurse, improve patient care,
and enhance the nursing profession.

This section presents the perspectives of nursing
experts on NI. The History and Evolution of Nursing
Informatics chapter begins this exploration by providing
the historical development and evolution of NI. This
transitions into the Nursing Informatics as a Specialty
chapter, where the reader learns about NI roles,
competencies, and skills. The Legislative Aspects of
Nursing Informatics: HITECH and HIPAA chapter
considers the evolving NI needs of nurses and nurse
informaticists based on the current regulations
impacting the healthcare arena.

In the History and Evolution of Nursing Informatics
chapter, interrelationships among major NI concepts
are discussed. As data are transformed into
information and information into knowledge, increasing
complexity and interrelationships ensue. The
boundaries between concepts can become blurred,
and feedback loops from one concept level to another
evolve. Structured languages and human–computer
interaction concepts, which are critical elements for NI,
are noted in this chapter. Taxonomies and other current
structured languages for nursing are listed. Human–
computer interaction concepts are briefly defined and
discussed because they are critical to the success of
informatics solutions. Importantly, the construct of
decision making is added to the traditional nursing
metaparadigms: nurse, person, health, and
environment. Decision making is not only at the crux of
nursing practice in all settings and roles, but it is a

fundamental concern of NI. The work of nursing is
centered on the concepts of NI: data, information,
knowledge, and wisdom. Information technology (IT)
per se is not the focus; it is the information that the
technology conveys that is central. Moreover, NI is no
longer the domain of experts in the IT field. More
interestingly, one does not need technology to perform
informatics. The centerpiece of informatics is the
manipulation of data, information, and knowledge,
especially related to decision making in any aspect of
nursing or in any setting. In a way, nurses are all
already informatics nurses. Note that the core concepts
and competencies of informatics are particularly well
suited to a model of interprofessional education.
Ideally, when educational programs are emulating
clinical settings, informatics knowledge should be
integrated with the processes of interprofessional
teams and decision making. Because simulation
laboratories are becoming increasingly common
fixtures in the delivery of health-related professional
education, they provide a perfect opportunity to
incorporate the electronic health records applications.
The learning laboratory for nursing education will then
more closely approximate the IT-enabled clinical
settings that are emerging in the real world. A
presumption is often made that future graduates will be
more computer literate than nurses currently in
practice. Although this may be true, computer literacy
or comfort does not equate to an understanding of the
facilitative and transformative role of information

technology. It is essential that the future curricula of
basic nursing programs embed the concepts of the role
of IT in supporting clinical care delivery. The need for
standardizing nursing terminology is also discussed in
this chapter as a way to improve the clinical support
functions of the electronic health record. The
healthcare industry employs the largest number of
knowledge workers—a fact that has resulted in the
realization that healthcare administrators must begin to
change the way they look at their employees. Nurses
and physicians are bright, highly skilled, and dedicated
to giving the best patient care. Administrators who tap
into this wealth of knowledge find that patient care
becomes safer and more efficient.

The Nursing Informatics as a Specialty chapter
discusses NI as a relatively new nursing specialty that
combines the building block sciences covered earlier in
the text. Combining these sciences results in nurses
being able to care for their patients effectively and
safely because the information that they need is readily
available. Nurses have been actively involved in NI
since computers were introduced into health care. With
the advent of electronic health records, it became
apparent that nursing needed to develop its own
language for this evolving field. NI was instrumental in
assisting in nursing language development. NI is
governed by standards established by the American
Nurses Association and is a very diverse field, which
results in many nurse informaticist specialists

becoming focused on one segment of NI. Although NI
is a recognized specialty area of practice, in the future
all nurses will be expected to have some knowledge of
the field. NI competencies have been developed to
ensure that all entry-level nurses are ready to enter a
field that is becoming more technologically advanced.
The competencies may also be used to determine the
educational needs of currently practicing nurses as well
as Level 4 nurse informatics specialists. Nurse
informatics specialists no longer have to enter the field
solely through on-the-job exposure, but can now obtain
an advanced degree in NI at many well-established
universities throughout the United States. NI has grown
tremendously as a specialty since its inception and is
predicted to continue growing.

The Legislative Aspects of Nursing Informatics:
HITECH and HIPAA chapter provides insights into
HIPAA rules and an overview of the rules associated
with technology implementation as defined by the
HITECH Act. Equally important in informatics practice
is a thorough understanding of current legislation and
regulations that shape 21st century practice. The
information provided in this text reflects current rules
that were in effect at the time of publication. The reader
should follow the rules development and evolution of
informatics legislation at the U.S. Department of Health
and Human Services website (www.hhs.gov) to obtain
the most current information related to health
information management.

There is an emerging global focus on information
technology to support clinical care and on the potential
benefits for clinicians and patients. In the future, nurses
will likely have sufficient computing power at their
disposal to aggregate and transform additional
multidimensional data and information sources (e.g.,
historical, multisensory, experiential, genetic) into a
clinical information system to engage with individuals,
families, and groups in ways not yet imagined. Every
nurse’s practice will make contributions to new nursing
knowledge in these dynamically interactive clinical
information system environments. With the right tools
to support the management of data, complex
information processing, and ready access to
knowledge, the core concepts and competencies
associated with informatics will be embedded in the
practice of every nurse, whether administrator,
researcher, educator, or practitioner. Information
technology is not a panacea, but it provides the
profession with unprecedented capacity to generate
and disseminate new knowledge more rapidly.

The material within this text is placed within the context
of the Foundation of Knowledge model (Figure II-1) to
meet the needs of healthcare delivery systems,
organizations, patients, and nurses. Through
involvement in NI and learning about this evolving
specialty, one will be able to use the current theories,
architecture, and tools, while beginning to challenge

what is known. This questioning and search for what
could be will provide the basis for the future landscape
of nursing. By using the Foundation of Knowledge
model as an organizing framework for this text, the
authors have attempted to capture this process.

Figure II-1 Foundation of Knowledge Model

Designed by Alicia Mastrian.

In this section, the reader learns about NI. Those
readers who are beginning their education will
consciously focus on input and knowledge acquisition,
trying to glean as much information and knowledge as
possible. As these readers become more comfortable
in their clinical setting and with nursing science, they
will begin to take over some of the other knowledge

functions. Experienced nurses, also known as
“seasoned nurses,” question what is known and search
for ways to enhance their knowledge and the
knowledge of others. What is not available must be
created. It is through these leaders, researchers, or
clinicians that new knowledge is generated and
disseminated and nursing science is advanced.
Sometimes, however, to keep up with the explosion of
information in nursing and health care, one must
continue to rely on the knowledge generated and
disseminated by others. In this sense, nurses are
committed to lifelong learning and the use of
knowledge in the practice of nursing science. How
nurses interact within their environment and apply what
is learned depends on their placement in the
Foundation of Knowledge model.

Readers of this section are challenged to ask how they
can (1) apply knowledge gained from the practice
setting to benefit patients and enhance their practice,
(2) help colleagues and patients understand and use
current technology, and (3) use wisdom to help create
the theories, tools, and knowledge of the future.

CHAPTER 6: History and
Evolution of Nursing
Informatics

Kathleen Mastrian and Dee McGonigle

With contributions by Ramona Nelson, Nancy
Staggers, Lynn M. Nagle, and Nicholas Hardiker

Objectives
1. Trace the evolution of nursing informatics

from concept to specialty practice.
2. Relate nursing informatics

metastructures, concepts, and tools to
the knowledge work of nursing.

3. Explore the quest for consistent
terminology in nursing and describe
terminology approaches that accurately
capture and codify the contributions of
nursing to health care.

4. Explore the concept of nurses as
knowledge workers.

5. Explore how nurses can create and
derive clinical knowledge from
information systems.

Key Terms
» Accessibility

» Cognitive activity

» Data

» Data gatherer

» Enumerative approach

» Expert systems

» Industrial Age

» Information

» Information Age

» Information user

» International Classification of Nursing
Practice

» Knowledge

» Knowledge builder

» Knowledge user

» Knowledge worker

» Ontological approach

» Reusability

» Standardized Nursing Terminology

» Technologist

» Terminology

» Ubiquity

» Wisdom

Introduction
The information and knowledge informing the 21st
century of healthcare delivery have been growing at an
unprecedented pace in recent years. Clinical research
in particular has propelled the understanding of the
efficacy of various clinical practices, treatment
regimens, and interventions. Extended and expanded
access to clinical research findings and decision
support tools has been significantly influenced by the
advent of computerization and the Internet. Indeed, the
conduct of research itself has been accelerated by
virtue of ubiquitous computing. Working in
environments of increasingly complex clinical care and

contending with the management of large volumes of
data and information, all nurses need to avail
themselves of the technological tools that can support
quality practice that is optimally safe, informed, and
knowledge based. Although the increased deployment
of information technologies within healthcare settings
presumes that nurses and other health professionals
are proficient in the use of computing devices, the
processes and potential outcomes associated with
informatics are yet to be fully realized or understood.
Nurses need to participate in the creation of those
possibilities.

Health service organizations, societies, and
governments throughout the industrialized world are
committed to ensuring that healthcare delivery is safer,
knowledge based, cost effective, seamless, and timely.
Beyond these deliverables, there are expectations of
improved efficiency and quality and of the active
engagement of consumers in their care. In particular,
given the evolving emphasis on such issues as chronic
disease management and aging at home, informatics
tools need to include the use of technologies to
empower citizens to manage their own health and
wellness more effectively.

This chapter explores the history and evolution of
nursing informatics and defines and addresses the goal
of informatics as it relates to nursing practice. The
ways in which nursing informatics supports the creation

of a culture of knowledge-based nursing practice that is
enabled and advanced through the use of information
and communication technologies are described. The
chapter also addresses some of the challenges
associated with the attainment of this knowledge-based
culture, as well as the opportunities for nurses to create
and derive knowledge from emerging health
information technologies. Finally, the chapter provides
a contemplative view of the future for nurses and
informatics.

The Evolution of a Specialty
Nurses have historically gathered and recorded data,
albeit in a paper record. For example, nurses gather
atomic-level data (e.g., blood pressure, pulse, blood
glucose, pallor), aggregate data to derive information
(e.g., impending shock), and apply knowledge (e.g.,
lowering the head of the bed to minimize the potentially
deleterious effects of impending shock). Over the
years, these data have been recorded into individuals’
hard-copy health records, thereby chronicling findings,
actions, and outcomes; these data and information
were then forever lost unless manually extracted for
research purposes. As computers were introduced into
health care, and data and information were recorded
electronically, a nursing specialty was born.

Florence Nightingale has been credited as one of the
first statisticians to collect and use data to change the

way she cared for her patients. While serving in the
Crimean War, she began to gather data regarding the
conditions in which patients were living and the
diseases they contracted and from which they died.
These data were later used to improve patient
conditions at both city and military hospitals (O’Connor
& Robertson, 2003). There is no doubt that nursing
experiences build knowledge and skill in nursing
practice, but paper-based documentation has hindered
the ability to share knowledge and to aggregate
experiences to build new knowledge.

Nursing informatics pioneers recognized early on that
computers had the potential to fundamentally change
health care and they became actively involved in
shaping how computers were used in health care. For
more specific information on nursing informatics
pioneers, and to view video recordings of the
contributions of each in the nursing informatics history
project, please visit this website:
https://www.amia.org/working-groups/nursing-
informatics/history-project/video-library-1

According to Ozbolt and Saba (2008), one very early
pioneer, Harriet Werley, a nurse researcher at Walter
Reed Army Research Institute, consulted with IBM in
the late 1950s to explore computer use in health care.
Ms. Werley recognized the need for a minimum set of
data to be collected from every patient, so that
comparisons could be made, and thus set the stage for

the development of informatics. As computers became
more commonplace in the 1970s and 1980s, more
nurses became involved with developing approaches
to use computers in health care. It is important to note
that this was also the time that nurse leaders were
writing about the need for and developing
terminologies to represent patient data and nursing
contributions to health care, were beginning to conduct
informatics research, and were advocating for
informatics education in nursing curricula (Ozbolt &
Saba, 2008).

In 1989, Graves and Cocoran offered what is widely
viewed as the seminal definition of nursing informatics
(NI). They defined NI as: “a combination of computer
science, information science, and nursing science
designed to assist in the management and processing
of nursing data, information, and knowledge to support
the practice of nursing and the delivery of nursing care”
(p. 227). In this same article, acknowledging the 1986
work of Blum, Graves and Cocoran provided the
definitions and descriptions of the concepts of data
(discrete entities described objectively without
interpretation), information (data that are interpreted,
organized, or structured), and knowledge (information
that is synthesized so that relationships are identified
and formalized) as these terms apply to the science
and practice of NI. They also described what is meant
by management and processing. “The management
component of informatics is the functional ability to

collect, aggregate, organize, move, and re-present
information in an economical, efficient way that is
useful to the users of the system. . . . In practice,
processing is considered as a transformation of data or
information from one form to another form, usually at a
more complex state of organization or meaning. There
is a progression of transformation of data into
information and of information into knowledge” (p. 227).
We will return to a discussion of these concepts later in
the chapter. For now, we continue our exploration of
the evolution of informatics as a specialty.

In the 1990s, the American Medical Informatics
Association was founded with a nursing informatics
work group, the American Nurses Association (ANA)
recognized nursing informatics as a specialty, ANA
published two documents related to informatics
practice, and the first informatics certification was
established (Ozbolt & Saba, 2008). As nursing
informatics pioneers and emerging leaders continued
to champion the use of computers in health care, the
need for computer-friendly terminologies to represent
the work of nursing was increasingly apparent. Several
different terminology schemes were developed during
this time, and there were also international efforts at
developing a standardized nursing terminology to
capture and codify the contributions of nursing to
health care. At this same time, healthcare
organizations were beginning to implement electronic
information systems. There was little coordination of

these various efforts and approaches. As Ozbolt and
Saba (2008) explain, “Faced with the bewildering array
of choices and the licensing fees required for the use of
NANDA [North American Nursing Diagnosis
Association (as it was known until 2002)], NIC [Nursing
Interventions Classification], NOC [Nursing Outcomes
Classification], and SNOMED [Systematized
Nomenclature of Medicine], many health care
organizations adopting nursing information systems
opted to use their own or vendor-provided, non-
standard terms. This approach allowed entry of data
via familiar terms, but because the terms were not
consistent in definition or usage, investigators could not
retrieve meaningful data to analyze for quality
improvement or research” (p. 202). We will discuss this
issue in more detail later in the chapter.

President Bush’s call for electronic health records in
2004 further stimulated the development of nursing
informatics, informatics competency identification, and
informatics education reform, and spawned several
national and international informatics organizations.
“While nursing informatics leaders work to transform
nursing education and practice, nursing informatics
scientists are creating the knowledge and tools that will
enable the transformation. As research in nursing
terminology and knowledge representation moves from
creation to implementation and use, other domains of
research reflect the maturation of nursing informatics
as a science” (Ozbolt & Saba, 2008 p. 204). In this

profound statement, we see the clear connection
between nursing science and nursing informatics. That
is, knowledge creation in nursing is dependent on
knowledge representation in the information
management tools that are central to nursing
informatics. As the NI pioneers recognized these
important connections and synergies, both nursing as a
science and nursing informatics as a specialty evolved.
Indeed, the evolution is not complete, as you will
experience as you read the subsequent chapters in this
text.

As the NI specialty was evolving, informatics pioneers
and other nurse leaders collaborated on several ANA
publications. As mentioned previously, NI was
identified by the ANA as a specialty in 1992. In 1994,
the first formal document identifying the scope of
practice was published, followed by a separate
standards of practice document in 1995. In 2001, a
combined scope and standards document was
published by the ANA, followed by a more robust
scope and standards publication in 2008. Finally, in
2015 the ANA released the second edition of Nursing
Informatics: Scope and Standards of Practice.

What Is Nursing Informatics?
The ANA’s Nursing Informatics: Scope and Standards
of Practice (2015) offers the following definition of NI:

Nursing informatics (NI) is the specialty
that integrates nursing science with
multiple information and analytical
sciences to identify, define, manage, and
communicate data, information,
knowledge and wisdom in nursing
practice. NI supports nurses, consumers,
patients, the interprofessional healthcare
team, and all other stakeholders in their
decision-making in all roles and settings
to achieve desired outcomes. This
support is accomplished through the use
of information structures, information
processes, and information technology.
(p. 1–2)

The definition of nursing informatics has undergone
several revisions to arrive at this current form. The
1994 ANA definition of informatics indicated that
informatics was the integration of nursing science,
computer science, and information science, and that
nursing informatics supports practice, education,
research, and knowledge development (Murphy,
2010). The 2001 version incorporated mention of the
support of decision making by patients and providers
across all roles and settings and identified information
structures, processes, and IT (information technology)
as central to informatics (Murphy, 2010). An important
change in the 2008 definition of NI is the addition of

wisdom to the key concepts of the management of
data, information, and knowledge (Murphy, 2010).
Finally, in the 2015 version, we note that the sciences
are no longer limited to nursing science, information
science, and computer science. Cognitive science is
also a very important part of nursing informatics. Other
sciences that may contribute to NI include library
science and information management, mathematics,
archival science, and the science of terminologies and
taxonomies (ANA, 2015).

Let us reflect more carefully on the current definition of
NI by deconstructing each of the statements contained
in the ANA’s (2015) definition (statements from the
definition are italicized):

Nursing informatics (NI) is the specialty that
integrates nursing science with multiple information
and analytical sciences to identify, define, manage,
and communicate data, information, knowledge and
wisdom in nursing practice. As we established
previously, there are concepts drawn from several
sciences that are integrated to support and
contribute to NI. The contributions of these sciences
become apparent in the actions of NI: identify,
define, manage, and communicate. The last part of
this statement contains the critical central concepts
of NI: the data, information, knowledge, and wisdom
that are integral to our practice. We will explore

these central concepts in more detail in the next
section.
NI supports nurses, consumers, patients, the
interprofessional healthcare team, and all other
stakeholders in their decision-making in all roles
and settings to achieve desired outcomes. This
statement refers to the information technology (IT)
tools that support our practice and help us to
collaborate and communicate with other healthcare
professionals, as well as the evolving trends and
tools related to patient engagement in managing
their own health. All of these contribute to better
health outcomes. Examples of such tools are
electronic health records, bar-code medication
administration systems, clinical decision support
and other expert systems, patient monitoring
devices, and telehealth tools. These and other NI
tools are discussed in subsequent chapters.
This support is accomplished through the use of
information structures, information processes, and
information technology. This section of the definition
clearly identifies the need for information
technologies to provide structure to the data we
collect from our patients, and allow for processing
of data and information to create knowledge and
support wisdom in nursing practice. Think about the
fact that with the advent of clinical information
systems (CISs), specifically electronic
documentation and clinical decision support (CDS)
applications, every nurse has the capacity to

contribute to the advancement of nursing
knowledge on many levels. Imagine the use of IT
solutions to capture not only discrete, quantifiable
data, but also the nurse’s experiential and intuitive
personal knowledge not typically documented in
paper records. Further add to that mix the family
history, culture, environmental and social factors,
past experiences, and perspectives from patients
and families, and it becomes clear that the
possibilities for generating new understandings
within populations and across the life span and care
continuum are endless. Many of these technologies
are covered in subsequent chapters.

The DIKW Paradigm
The conceptual framework underpinning the science
and practice of NI centers on the core concepts of
data, information, knowledge, and wisdom, also known
as the DIKW paradigm. As an aside, it is important to
note that this paradigm is not exclusive to nursing, and
is in fact used by others who work with data and
information. When we assess a patient to determine
his or her nursing needs, we gather and then analyze
and interpret data to form a conclusion. This is the
essence of nursing science. Information is composed
of data that were processed using knowledge.
Knowledge is the awareness and understanding of a
set of information and ways that information can be
made useful to support a specific task or arrive at a

decision. When we apply previous knowledge to data,
we convert those data into information, and information
into new knowledge—that is, an understanding of
which interventions are appropriate in practice. Thus
information is data made functional through the
application of knowledge. Wisdom is the appropriate
application of knowledge to a specific situation. In the
practice of nursing science, one expects actions to be
ultimately directed by wisdom. Wisdom uses
knowledge and experience to heighten common sense
and insight to exercise sound judgment in practical
matters.

Drawing on the work of Matney, Brewster, Sward,
Cloyes, and Staggers (2011), Topaz (2013) provided
these expanded definitions and examples of the DIKW
paradigm:

Data: The smallest components of the DIKW
framework. They are commonly presented as
discrete facts; product of observation with little
interpretation (Matney et al., 2011). These are the
discrete factors describing the patient or his/her
environment. Examples include patient’s medical
diagnosis (e.g. International Statistical Classification
of Diseases [ICD-9] diagnosis #428.0: Congestive
heart failure, unspecified) or living status (e.g., living
alone, living with family, living in a retirement
community, etc.). A single piece of data, known as
datum, often has little meaning in isolation.

Information: Might be thought of as “data +
meaning” (Matney et al., 2011). Information is often
constructed by combining different data points into
a meaningful picture, given certain context.
Information is a continuum of progressively
developing and clustered data; it answers questions
such as “who,” “what,” “where,” and “when.” For
example, a combination of patient’s ICD-9
diagnosis #428.0 “Congestive heart failure,
unspecified” and living status “living alone” has a
certain meaning in a context of an older adult.
Knowledge: Information that has been synthesized
so that relations and interactions are defined and
formalized; it is a build of meaningful information
constructed of discrete data points (Matney et al.,
2011). Knowledge is often affected by assumptions
and central theories of a scientific discipline and is
derived by discovering patterns of relationships
between different clusters of information.
Knowledge answers questions of “why” or “how.”
For healthcare professionals, the combination of
different information clusters, such as the ICD-9
diagnosis #428.0 “Congestive heart failure,
unspecified” + living status “living alone” with an
additional information that an older man (78 years
old) was just discharged from hospital to home with
a complicated new medication regimen (e.g., blood
thinners) might indicate that this person is at a high
risk for drug-related adverse effects (e.g., bleeding).
Wisdom: An appropriate use of knowledge to

manage and solve human problems (ANA, 2008;
Matney et al., 2011). Wisdom implies a form of
ethics, or knowing why certain things or procedures
should or should not be implemented in healthcare
practice. In nursing, wisdom guides the nurse in
recognizing the situation at hand based on patients’
values, nurse’s experience, and healthcare
knowledge. Combining all these components, the
nurse decides on a nursing intervention or action.
Benner (2000) presents wisdom as a clinical
judgment integrating intuition, emotions, and the
senses; using the previous examples, wisdom will
be displayed when the homecare nurse will
consider prioritizing the elderly heart failure patient
using blood thinners for an immediate intervention,
such as a first nursing visit within the first hours of
discharge from hospital to assure appropriate use
of medications (para. 2).

Reflect on the examples given by Topaz and create
your own application example the DIKW scenario.

In the 2015 Nursing Informatics: Scope and Standards
of Practice, Ramona Nelson offers a graphic depiction
of the DIKW paradigm in NI and how it relates to the
evolution of information systems, decision support
systems, and expert systems to support clinical
practice. Her model indicates that as one moves from
data to information to knowledge to wisdom, there is
increasing complexity (shown as the X-axis) and

increasing interactions and relationships (shown as the
Y-axis). Information systems are shown at the
intersection of data and information, decision support
systems are depicted at the intersection of information
and knowledge and expert systems, the most complex
of the systems, reside at the intersection of knowledge
and wisdom (Figure 6-1). The development of
informatics tools to support nursing practice will
continue to evolve as we develop more and better
understanding of these complex relationships. “The
addition of wisdom raises new and important research
questions, challenging the profession to develop tools
and processes for classifying, measuring, and
encoding wisdom as it relates to nursing and
informatics education. Research in these directions will
help clarify the relationship between wisdom and the
intuitive thinking of expert nurses. Such research will
be invaluable in building information systems to better
support healthcare practitioners in decision-making”
(ANA, 2015, p.6).

Figure 6-1 The Relationship of Data, Information,
Knowledge, and Wisdom

Copyright Ramona Nelson. Used with the permission of Ramona Nelson,

President, Ramona Nelson Consulting at [email protected]

All rights reserved.

Central to the development of robust expert systems is
the agreement on and use of standard terminologies
that accurately codify and capture the nature of nursing
in these electronic systems. Consider that physician
contributions to the health of a patient have been
codified for some time, i.e., ICD-10. What if we were
able to code and thus capture nursing contributions in
a similar way? This would help to highlight the specific
nursing contributions to patient outcomes.

Capturing and Codifying the
Work of Nursing
There are major efforts under way—internationally
through the International Council of Nurses’ (2013)
International Classification of Nursing Practice
(ICNP) and in many other initiatives among and within
countries—in which nurses are attempting to
standardize the language of nursing practice (Hannah,
White, Nagle, & Pringle, 2009). These efforts are
particularly important in the face of the development of
EHRs and HIE (health information exchanges)
stimulated by the HITECH Act of 2009. The capacity to
encourage and enforce consistent nomenclatures that
reflect the practice of nurses is now possible.
Standardized language gives both the nursing
profession and healthcare delivery systems the
capability to capture, codify, retrieve, and analyze the
impact of nursing care on client outcomes. For
example, with the use and documentation of
standardized client assessments, including risk
measures, interventions based on best practices, and
consistently measured outcomes within different care
settings and across the continuum of care, there will be
an ability to demonstrate more clearly the contributions
and impact of nursing care through the analysis of EHR
outputs. Additionally, clinical outcomes can be further
understood in the context of care environments,
particularly implications related to the availability of

human and material resources to support care delivery.
The standardization of clinical inputs and outputs into
EHRs will eventually provide a rich knowledge base
from which practice and research can be enhanced,
and will inform better administrative and policy
decisions (Nagle, White, & Pringle, 2010). Rutherford
(2008) echoed these same sentiments:

A standardized nursing language should
be defined so that nursing care can be
communicated accurately among nurses
and other health care providers. Once
standardized, a term can be measured
and coded. Measurement of the nursing
care through a standardized vocabulary
by way of an ED [electronic
documentation] will lead to the
development of large databases. From
these databases, evidence-based
standards can be developed to validate
the contribution of nurses to patient
outcomes. (para. 5)

Thede and Schwiran (2011) identified the benefits of
using standardized terminology as (1) better
communication among nurse and other healthcare
providers, (2) increased visibility of nursing
interventions, (3) improved patient care, (4) enhanced
data collection to evaluate nursing care outcomes, (5)

greater adherence to standards of care, and (6)
facilitation of assessment of nursing competency (para.
2).

Think about this. Some EHRs measure height in feet
and inches, others in centimeters. Weight may be
measured in pounds or kilograms. If we want to
compare patient data from multiple EHRs in several
different healthcare institutions to develop a model to
predict the onset of Type II diabetes, these disparate
measures will not translate well. Some EHRs force
data collection into coded database fields, and these
data are more easily analyzed for trends than that
same data recorded as free text. Clinicians used to
recording data (charting) as text may resist the use of
the coded data fields typically presented as dropdown
menus in the EHR. As Skrocki (2013) pointed out,
“Data interoperability is hindered when clinicians utilize
free text documentation. Although text data can be
searched with a specific word or word phases, it does
not allow for optimal data sharing. When an
organization transfers data to another organization,
standardized codified data allows for better data
interpretation” (p. 77).

Although significant progress has been made in this
standardization work, it is still evolving. Box 6-1
discusses standardizing terminologies in nursing; it
was contributed by Nicholas Hardiker (2011), a leader
in the development of standardized languages that

support clinical applications of information and
communication technology.

BOX 6-1 THE NEED FOR

STANDARDIZED TERMINOLOGIES TO

SUPPORT NURSING PRACTICE

Nicholas Hardiker

Agreement on the consistent use of a term, such
as “impaired physical mobility,” allows that term
to be used for a number of purposes: to provide
continuity of care from care provider to care
provider, to ensure care quality by facilitating
comparisons between care providers, or to
identify trends through data aggregation. Since
the early 1970s, there has been a concerted
effort to promote consistency in nursing
terminology. This work continues today, driven
by the following increasing demands placed on
health-related information and knowledge:

Accessibility: It should be easy to access
the information and knowledge needed to
deliver care or manage a health service.
Ubiquity: With changing models of
healthcare delivery, information and
knowledge should be available anywhere.
Longevity: Information should be usable
beyond the immediate clinical encounter.

Reusability: Information should be useful for
a range of purposes.

Without consistent terminology, nursing runs the
risk of becoming invisible; it will remain difficult
to quantify nursing, the unique contribution and
impact of nursing will go unrecognized, and the
nursing component of electronic health record
systems will remain at best rudimentary. Not
least, without consistent terminology, the nursing
knowledge base will suffer in terms of
development and in terms of access, thereby
delaying the integration of evidence-based
health care into nursing practice.

External pressures merely compound this
problem. For example, in the United States, the
Health Information Technology for Economic
and Clinical Health (HITECH) Act, signed in
January 2009, provides a financial incentive for
the use of electronic health records; similar
steps are being taken in other regions. The
HITECH Act mandates that EHRs are used in a
meaningful way; achieving this goal will be
problematic without consistent terminology.
Finally, the current and future landscape of
information and communication technologies
(e.g., connection anywhere, borderless
communication, Web-based applications,
collaborative working, disintermediation and

reintermediation, consumerization, ubiquitous
advanced digital content [van Eecke, da
Fonseca Pinto, & Egyedi, 2007]) and their
inevitable infiltration into health care will only
serve to reinforce the need for consistent
nursing terminology while providing an
additional sense of urgency.

This box explains what is meant by a
standardized nursing terminology and lists
several examples. It describes in detail the
different approaches taken in the development
of two example terminologies. It presents, in the
form of an international technical standard, a
means of ensuring consistency among the
plethora of contemporary standardized nursing
terminologies, with a view toward harmonization
and possible convergence. Finally, it provides a
rationale for the shared development of models
of terminology use—models that embody both
clinical and pragmatic knowledge to ensure that
contemporary nursing record systems reflect the
best available evidence and fit comfortably with
routine practice.

STANDARDIZED NURSING
TERMINOLOGIES
A term at its simplest level is a word or phrase
used to describe something concrete (e.g., leg)

or abstract (e.g., plan). A nursing terminology is
a body of the terms used in nursing. Many
nursing terminologies exist, both formal and
informal. Nursing terminologies allow nurses to
consistently capture, represent, access, and
communicate nursing data, information, and
knowledge. A standardized nursing
terminology is a nursing terminology that is in
some way approved by an appropriate authority
(de jure standardization) or by general consent
(de facto standardization).

In North America, one such authority is the ANA
(2007), which operates a process of de jure
standardization through its Committee for
Nursing Practice Information Infrastructure
(CNPII). The ANA-approved list of nursing
languages is presented in Box 6-2.

CNPII has also recognized two data element
sets: the Nursing Minimum Data Set (NMDS)
and the Nursing Management Minimum Data
Set (NMMDS). Work on a standardized data
element set for nursing, which in the United
States began in the 1980s with the NMDS
(Werley & Lang, 1988), provided an additional
catalyst for the development of many of the
aforementioned nursing terminologies that could
provide values (e.g., chronic pain) for particular
data elements in the NMDS (e.g., nursing
diagnosis). The data element sets provide a

framework for the uniform collection and
management of nursing data; the use of a
standardized nursing terminology to represent
those data serves further to enhance
consistency.

APPROACHES TO NURSING
TERMINOLOGY
From relatively humble beginnings, nursing
terminologies have evolved significantly over the
past several decades in line with best practices
in terminology work. The enumerative
approach consists of simple lists of words or
phrases represented in a list or a simple
hierarchy. In the nursing diagnosis terminology
system of the North American Nursing
Diagnosis Association (NANDA), a nursing
diagnosis has an associated name or label and
a textual definition (NANDA International, 2008).
Each nursing diagnosis may have a set of
defining characteristics and related or risk
factors. These additional features do not
constitute part of the core terminology but
instead are intended to be used as an aid to
diagnosis. What an enumerative approach to
standardizing terminology may lack in terms of
hierarchical sophistication, it makes up for in

terms of simplicity and potential ease of
implementation and use.

In contrast, the ontological approach is
compositional in nature and provides a partial
representation of the entities within a domain
and the relationships that hold between them.
The evolution of this approach to terminology
standardization has been facilitated by
advances in knowledge representation (e.g., the
refinement of the description logic that
underpins many contemporary ontologies) and
in their accompanying technologies (e.g.,
automated reasoners that can check
consistency and identify equivalence) as well as
the subsumption (i.e., subclass–superclass)
relationships within those ontologies.

ICNP version 2 is an example of an ontology.
ICNP is described as a unified nursing language
system. It seeks to provide a resource that can
be used to develop local terminologies and to
facilitate cross-mapping between terminologies
to compare and combine data from different
sources; the existence of a number of
overlapping but inconsistent standardized
nursing terminologies is problematic in terms of
data comparison and aggregation. The core of
ICNP is represented in the Web ontology
language (OWL), a recommendation of the
World Wide Web Consortium (W3C), and a de

facto standard language for representing
ontologies (McGuiness & van Harmelen, 2004).
Because it is underpinned by description logic,
OWL permits the use of automated reasoners
that can check consistency, identify equivalence,
and support classification within the ICNP
ontology.

The results of contemporary terminology work
are encouraging. Nevertheless, further work is
needed to harmonize standardized nursing
terminologies and to scale up and mainstream
the development and implementation of models
of terminology use.

In an ideal world, one would see standardized
nursing terminologies and the structures and
systems that support their implementation and
use merely as means to an end—that is, as
tools to support good nursing practice and good
patient care. Standardized nursing terminologies
are important, but they do not obviate the need
to think and work creatively, to do right by the
people in our care, and to continue to advance
nursing.

REFERENCES

American Nurses Association
(ANA). (2007). Nursing practice
information infrastructure.
Retrieved from

http://www.nursingworld.org/MainMenuCategories/Policy-
Advocacy/Positions-and-
Resolutions/ANAPositionStatements/Position-
Statements-
Alphabetically/PrivacyandConfidentiality.html

McGuiness, D. L., & van Harmelen,
F. (Eds.). (2004). OWL Web
ontology language overview.
World Wide Web Consortium.
Retrieved from
http://www.w3.org/TR/owl-
features

NANDA International. (2008).
Nursing diagnoses: Definitions
and classification 2009–2011
edition. Indianapolis, IN: Wiley-
Blackwell.

van Eecke, P., da Fonseca Pinto, P.,
& Egyedi, T., for the European
Commission. (2007). EU study
on the specific policy needs for
ICT standardisation [Final
report]. Retrieved from
http://ec.europa.eu/idabc/en/document/7040/254.html

Werley, H. H., & Lang, N. M. (Eds.).
(1988). Identification of the
Nursing Minimum Data Set. New
York, NY: Springer.

BOX 6-2 ANA-RECOGNIZED

TERMINOLOGIES THAT SUPPORT

NURSING PRACTICE (AUGUST 2012)

1. NANDA: Nursing Diagnoses, Definitions,
and Classification, 1992; website:
www.nanda.org

2. Nursing Interventions Classification
System (NIC), 1992; website:
nursing.uiowa.edu/cncce/nursing-
interventions-classification-overview

3. Clinical Care Classification (CCC), 1992;
formerly Home Health Care Classification
(HHCC); website: www.sabacare.com

4. Omaha System, 1992; website:
www.omahasystem.org

5. Nursing Outcomes Classification (NOC),
1997; Sue Moorehead, PhD, RN, Center
Director; website:

nursing.uiowa.edu/cncce/nursing-
outcomes-classification-overview

6. Nursing Management Minimum Data Set
(NMMDS), 1998; website:
www.nursing.umn.edu/sites/nursing.umn.edu/files/nmds-
monograph.pdf

7. PeriOperative Nursing Data Set (PNDS),
1999; website: www.aorn.org

8. SNOMED CT, 1999; website:
www.ihtsdo.org/snomed-ct

9. Nursing Minimum Data Set (NMDS),
1999; website:
www.nursing.umn.edu/sites/nursing.umn.edu/files/usa-
nmds.pdf

10. International Classification for Nursing
Practice (ICNP), 2000; website:
www.icn.ch/icnp.htm

11. ABC Codes, 2000; website:
www.abccodes.com

12. Logical Observation Identifiers Names
and Codes (LOINC), 2002; website:
www.loinc.org

At least two decades of work has been directed toward
articulating standardized data elements that reflect
nursing practice. The nursing profession has been
steadily moving toward consensus on the adoption of
data standards. In fact, several “consensus
conferences” have been hosted in recent years by the

University of Minnesota, with the goal of developing “a
national action plan and harmonize existing and new
efforts of multiple individuals and organizations to
expedite integration of standardized nursing data within
EHRs and ensure their availability in clinical data
repositories for secondary use” (Westra et al., 2015
para. 3). Consider that as clinical information systems
are widely implemented, as standards for nursing
documentation and reporting are adopted, and as
healthcare IT solutions continue to evolve, the
synthesis of findings from a variety of methods and
worldviews becomes much more feasible. As we move
toward a standard terminology to capture the work of
nursing, we also will have the ability to mine electronic
record data to tease out best practices and promote
care improvements. Information technology is not a
panacea for all of the challenges found in health care,
but it will provide the nursing profession with an
unprecedented capacity to generate and disseminate
new knowledge at rapid speed, thus supporting the
knowledge work of nursing.

The Nurse as a Knowledge
Worker
As we have already established, all nurses use data
and information. This information is then converted to
knowledge. The nurse then acts on this knowledge by
initiating a plan of care, updating an existing one, or

maintaining status quo. Does this use of knowledge
make the nurse a knowledge worker?

The term knowledge worker was first coined by Peter
Drucker in his 1959 book, Landmarks of Tomorrow
(Drucker, 1994). Knowledge work is defined as
nonrepetitive, nonroutine work that entails a significant
amount of cognitive activity (Sorrells-Jones &
Weaver, 1999a). Drucker (1994) describes a
knowledge worker as one who has advanced formal
education and is able to apply theoretical and analytical
knowledge. According to Drucker, the knowledge
worker must be a continuous learner and a specialist in
a field. McCormick (2009) estimates that a knowledge
worker spends at least 50% of his or her work time
searching for and evaluating information.

According to Androwich (2010), it is important to
understand that there is a dual role for accessing and
using information (content) in health care. In the first
instance, when the nurse is caring for an individual
patient, evidence-based information (content) and
patient data need to be available at the point of care to
inform the present patient encounter. In the second
instance, patient data that are entered by the nurse in
the process of documentation need to be entered in
such a manner that they are able to be aggregated to
inform future patient encounters.

The world is transitioning from the Industrial Age to

the Information Age (Snyder-Halpern, Corcoran-
Perry, & Narayan, 2001; Sorrells-Jones & Weaver,
1999a). In the early 1900s, the workforce consisted
predominantly of farmers. After World War I, the
workforce began to become predominantly industrial.
This transition occurred when many farmers and
domestic help moved to the cities to take jobs at
factories. Today, the industrial worker is slowly being
replaced by the technologist (Drucker, 1994); the
technologist is adept at using both mind and hand.
Many industrial workers are finding it increasingly more
difficult to obtain jobs because they do not have the
educational base or mindset required of knowledge
workers (Drucker, 1994). The technologist is no longer
trained on the job, as industrial workers traditionally
were, which can cause significant problems for the
industrial worker who does not have the education
required to transition to a knowledge worker position
(Drucker, 1994; Sorrells-Jones & Weaver, 1999a).

Knowledge workers are innovators, and the work they
produce is the foundation for organizational
sustainability and growth. Knowledge workers are
specialized, have advanced education, and typically
have a high degree of autonomy and control over their
own work environments (Davenport, Thomas, &
Cantrell, 2002; Sorrells-Jones & Weaver, 1999a).
Such individuals are most efficient when they are
working in a multidisciplinary team. These teams are
typically composed of members with complementary

knowledge bases. The team members possess
problem-solving and decision-making skills and
advanced interpersonal skills. All members of the team
are considered equal and are there to contribute their
expertise. Leadership shifts and changes as the team
tackles different parts of the project, with the topic
expert taking the lead. A well-functioning team can
consistently outperform an individual (Sorrells-Jones
& Weaver, 1999b). Many of these teams become
focused and passionate about the project on which
they are working.

A key impediment to team effectiveness is a lack of
understanding among team members and a lack of
respect for one another’s knowledge and experience
(Sorrells-Jones & Weaver, 1999a). Another barrier to
efficiency within the multidisciplinary team is the
individual knowledge worker who does not want to give
up his or her own identity even though he or she may
be swayed by other professional opinions.
Professionals have a more difficult time adjusting to
working in a team than do nonprofessionals.
Professionals fail very few times in their lives, which
often results in their not being able to learn from their
failures (Sorrells-Jones & Weaver, 1999b).
Knowledge workers also tend to be resistant to
change, and as a result they dig in their heels and
refuse to adapt to changes that management has
implemented to improve the work process or workflow
(Davenport et al., 2002).

Companies that employ knowledge workers have been
forced to change their management structures to better
support these employees. Management no longer
commands, but rather seeks to inspire workers to
produce the best product (Drucker, 1992). Companies
that rely on knowledge workers have come to the
realization that the machines are unproductive without
the knowledge of those workers. Loyalty is no longer
purchased with a paycheck but is earned by giving
knowledge workers the ability to use their knowledge
effectively and innovatively (Drucker, 1992). In turn,
the physical environment and workplace arrangements
have been adjusted to maximize the workflow of the
knowledge workers (Davenport et al., 2002). Many of
these changes have occurred in the business world but
have been slow to be adopted in health care.

Right now, health care is in the process of transitioning
from the Industrial Age to the Information Age. This
transition has proved challenging because of the
success of healthcare institutions that have enjoyed
using current management methods. Its history of
success will make it difficult for the healthcare industry
to abandon the old so as to learn the new. A new
philosophy recognizing that employees are mature,
self-reliant, independent-thinking adults who function
as partners in carrying out the work of the organization
is needed. The organization needs to view (knowledge
worker) employees as an asset and supply the

resources, tools, information, and power they need to
self-manage their work. Innovation needs to be
supported, especially when it meets the customers’
needs, desires, and wishes (Weaver & Sorrells-
Jones, 1999).

Nursing entails a significant amount of knowledge and
nonknowledge work. Knowledge work includes such
duties as interpreting trends in laboratories and
symptoms. Nonknowledge work includes such tasks as
calling the laboratory to check on laboratory results or
making beds. Nurses, on a daily basis, rely on their
extensive clinical information and specialized
knowledge to implement and evaluate the processes
and outcomes related to patient care (Snyder-Halpern
et al., 2001).

Snyder-Halpern and colleagues (2001) have identified
four tasks associated with human information
processing: (1) data gathering, (2) information use, (3)
creative application of knowledge to clinical practice,
and (4) generation of new knowledge. These four tasks
are associated with four roles that nursing takes on as
a knowledge worker: data gatherer, information user,
knowledge user, and knowledge builder,
respectively.

Nurses are data gatherers by nature. They collect and
record objective clinical data on a daily basis. These
items include such things as patient history information,

vital signs, and patient assessment data. Nurses as
data gatherers transition to information users when
they begin to interpret the data that they have collected
and recorded. Nurses as information users then
structure the clinical data into information that can be
used to guide patient care decisions (Snyder-Halpern
et al., 2001). An example of this is when the nurse
notices that the patient’s blood pressure is elevated.
Information users transition to knowledge users when
they begin to notice trends in a patient’s clinical data
and determine whether the clinical data fall within or
outside of the normal data range. Nurses transition
from knowledge users to knowledge builders when
they examine clinical data and trends across groups of
patients. These trends are interpreted and compared to
current scientific data to determine whether these data
would improve the nursing knowledge domain. An
example of the transition of a nurse as knowledge user
to a nurse as knowledge builder is an observation of
medication compliance rates over a specified time
period for patients diagnosed with chronic high blood
pressure, with the nurse then comparing these rates to
evidence-based literature to determine if this
information improves the nursing knowledge base
(Snyder-Halpern et al., 2001).

Snyder-Halpern and colleagues (2001) found that as
nurses assumed each of these roles, they required
different types of decision support processes to support
their knowledge needs. The data gatherer requires a

system that captures and stores data accurately and
reliably and allows the data to be readily accessed.
Most current healthcare decision support systems
(DSSs) support the nurse in this role. The information
user role requires a system that can transform clinical
data into a format that allows for easy recognition of
patterns and trends. These systems recognize the
trend and display it for the nurse, who in turn uses this
information to adjust the plan of care for the patient.
The information user role is generally well supported by
current DSSs. The knowledge user role is the least
supported role, and many systems are currently
looking at ways to support nurses in this role. One
advantage of these DSSs is their ability to bring
knowledge to nurses so that they do not have to
retrieve the information themselves, which allows them
to adjust a patient’s plan of care in a more efficient and
timely manner. The knowledge builder role is typically
seen in conjunction with the nurse researcher role and
quality management roles. These roles typically look at
aggregated data that have been captured over time
and from numerous patients, with these data then
being compared to clinical variables and interventions;
this analysis results in the development of new domain
knowledge (Snyder-Halpern et al., 2001).

Most of the available DSS tools for nursing practice,
although promising, are simplistic and in early
development. Typically, DSS includes such tools as (1)
computerized alerts and reminders (e.g., medication

due, patient has an allergy, potassium level abnormal),
(2) clinical guidelines (e.g., best practice for prevention
of skin breakdown), (3) online information retrieval
(e.g., CINAHL, drug information), (4) clinical order sets
and protocols, and (5) online access to organizational
policies and procedures. In the future, these tools may
be expanded to include applications with embedded
case-based reasoning.

In the context of nursing practice supported by CISs,
nurses will eventually have access to evidence and
knowledge derived from large aggregates of clinical
data, including nursing interventions and resultant
outcomes. Experiential evidence provides practice
guidelines and directives to ensure concurrence with
optimal clinical decisions and actions. To illustrate,
consider this example: A nurse assesses a patient who
has experienced a stroke for signs of skin breakdown,
photographs and documents early ulcerations, and
submits the photos and documentation to CIS. The
nurse receives an option to review the best practices
for care of the patient and to submit a request for a
consult to a wound management specialist. The
ongoing clinical findings, treatment, and response are
logged and aggregated with similar cases, thereby
contributing to the knowledge base related to nursing
and care of the integumentary system.

The informational elements of CISs can also be
designed to include specifics about individuals’

multicultural practices and beliefs. Consider the
situation where a client voices concerns about her
prescribed dietary treatment and expresses a
preference for a female care provider. With a query to
the CIS for the client’s history and sociocultural
background, the nurse obtains explanations for these
requests that derive from the patient’s religious and
cultural background and makes a notation to highlight
and carry this information forward in the electronic
record for any future admissions. Future systems may
also be designed to provide access to standards of
ethical practice and online access to experts in the field
of moral reasoning to guide clinical interactions and
decision making.

Through each and every instance of interacting with
the CIS, nurses add to these repositories of knowledge
by chronicling their daily clinical challenges and
queries. The continued expansion and aggregation of
knowledge about clients and populations; their
personal, cultural, physical, and clinical presentations;
and individuals’ experiences and the guidance received
from others enhance the delivery of personalized,
knowledge-based care.

Graves and Corcoran (1989) have suggested that
nursing knowledge is “simultaneously the laws and
relationships that exist between the elements that
describe the phenomena of concern in nursing (factual
knowledge) and the laws or rules that the nurse uses to

combine the facts to make clinical nursing decisions”
(p. 230). In their view, not only does knowledge support
decision making, but it also leads to new discoveries.
Thus one might think about the future creation of
nursing knowledge as being the discovery of new laws
and relationships that can continue to advance nursing
practice.

New technologies have made the capture of
multifaceted data and information possible through the
use of such technologies as digital imaging (e.g.,
photography to support wound management). Now
included as part of the clinical record, such images add
a new dimension to the assessment, monitoring, and
treatment of illness and the maintenance of wellness.
Beyond the use of computer keyboards, input devices
are being integrated with CISs and used to gather data
and information for the following clinical and
administrative purposes:

Biometrics (e.g., facial recognition, security)
Voice and video recordings (e.g., client interviews
and observations, diagnostic procedures,
ultrasounds)
Voice-to-text files (e.g., voice recognition for
documentation)
Medical devices, (e.g., infusion pumps, ventilators,
hemodynamic monitors)
Bar-code and radio-frequency identification (RFID)
technologies (e.g., medication administration)

Telehomecare monitoring (e.g., for use in diabetes
and other chronic disease management)

These are but a few of the emerging capabilities that
allow for numerous data inputs to be transposed,
combined, analyzed, and displayed to provide
information and views of clinical situations currently not
possible in a world dominated by hard-copy
documentation. Through the application of information
and communication technologies to support the
capture and processing (i.e., interpretation,
organization, and structuring) of all relevant clinical
data, relationships can be identified and formalized into
new knowledge. This transformational process is at the
core of generating new nursing knowledge at a rate
never experienced before; in the context of current
research paradigms, the same relationships would
likely take years to uncover.

As CISs advance, nurses will eventually become
generators of new knowledge by virtue of designs that
embed machine learning and case-based reasoning
methods within their core functionality. This
functionality will become possible only with national
and international adoption of standardized nursing
language, as previously described. Imagine the power
of having access to systems that aggregate the same
data elements and information garnered from multiple
clinical situations and provide a probability estimate of
the likely outcome for individuals of a certain age, with

a specific diagnosis and comorbid conditions,
medication profile, symptoms, and interventions. How
much more rapidly would an understanding of the
efficacy of clinical interventions be elucidated?
Historically, some knowledge might have taken years
of research to discover (e.g., that long-standing
practices are sometimes more harmful than beneficial).
A case in point is the long-standing practice of instilling
endotracheal tubes with normal saline before
suctioning (O’Neal, Grap, Thompson, & Dudley,
2001). Based on the evidence gathered through
several studies, the potentially deleterious effects of
this practice have become widely recognized.
Conceivably, a meta-analysis approach to clinical
studies will be expedited by convergence of large
clinical data repositories across care settings, thereby
making available to practitioners the collective
contributions of health professionals and longitudinal
outcomes for individuals, families, and populations.

Nurses need to be engaged in the design of CIS tools
that support access to and the generation of nursing
knowledge. As we have emphasized, the adoption of
clinical data standards is of particular importance to the
future design of CIS tools. We are also beginning to
see the development and use of expert systems that
implement knowledge automatically without human
intervention. For example, an insulin pump that senses
the patient’s blood glucose level and administers
insulin based on those data is a form of expert system.

The expert system differs from decision support tools in
that the decision support tools require the human to act
on the information provided, whereas the expert
system intervenes automatically based on an algorithm
that directs the intervention. Consider that as CISs are
widely implemented, as standards for nursing
documentation and reporting are adopted, and as
healthcare IT solutions continue to evolve, the
synthesis of findings from a variety of methods and
worldviews becomes much more feasible.

The Future
The future landscape is yet to be fully understood, as
technology continues to evolve with a rapidity and
unfolding that is rich with promise and potential peril.
Box 6-3 helps us to imagine what future practice might
entail. It is anticipated that computing power will be
capable of aggregating and transforming additional
multidimensional data and information sources (e.g.,
historical, multisensory, experiential, and genetic
sources) into CIS. With the availability of such rich
repositories, further opportunities will open up to
enhance the training of health professionals, advance
the design and application of CDSs, deliver care that is
informed by the most current evidence, and engage
with individuals and families in ways yet unimagined.

BOX 6-3 CASE STUDY: CASTING TO

THE FUTURE

In the year 2025, nursing practice enabled by
technology has created a professional culture of
reflection, critical inquiry, and interprofessional
collaboration. Nurses use technology at the
point of care in all clinical settings (e.g., primary
care, acute care, community, and long-term
care) to inform their clinical decisions and effect
the best possible outcomes for their clients.
Information is gathered and retrieved via
human–technology biometric interfaces
including voice, visual, sensory, gustatory, and
auditory interfaces, which continuously monitor
physiologic parameters for potentially harmful
imbalances. Longitudinal records are maintained
for all citizens from their initial prenatal
assessment to death; all lifelong records are
aggregated into the knowledge bases of expert
systems. These systems provide the basis of
the artificial intelligence being embedded in
emerging technologies. Smart technologies and
invisible computing are ubiquitous in all sectors
where care is delivered. Clients and families are
empowered to review and contribute actively to
their record of health and wellness. Invasive
diagnostic techniques are obsolete,
nanotechnology therapeutics are the norm, and
robotics supplement or replace much of the
traditional work of all health professions. Nurses

provide expertise to citizens to help them
effectively manage their health and wellness life
plans, and navigate access to appropriate
information and services.

The basic education of all health professions will
evolve over the next decade to incorporate core
informatics competencies. In general, the clinical care
environments will be connected, and information will be
integrated across disciplines to the benefit of care
providers and citizens alike. The future of health care
will be highly dependent on the use of CISs and CDSs
to achieve the global aspiration of safer, quality care for
all citizens.

The ideal is a nursing practice that has wholly
integrated informatics and nursing education and that
is driven by the use of information and knowledge from
a myriad of sources, creating practitioners whose way
of being is grounded in informatics. Nursing research is
dynamic and an enterprise in which all nurses are
engaged by virtue of their use of technologies to gather
and analyze findings that inform specific clinical
situations. In every practice setting, the contributions of
nurses to health and well-being of citizens will be highly
respected and parallel, if not exceed, the preeminence
granted physicians.

Summary

In this chapter, we have traced the development of
informatics as a specialty, defined nursing informatics,
and explored the DIKW paradigm central to
informatics. We also explored the need for and the
development of standardized terminologies to capture
and codify the work of nursing and how informatics
supports the knowledge work of nursing. This chapter
advanced the view that every nurse’s practice will
make contributions to new nursing knowledge in
dynamically interactive CIS environments. The core
concepts associated with informatics will become
embedded in the practice of every nurse, whether
administrator, researcher, educator, or practitioner.
Informatics will be prominent in the knowledge work of
nurses, yet it will be a subtlety because of its eventual
fulsome integration with clinical care processes.
Clinical care will be substantially supported by the
capacity and promise of technology today and
tomorrow.

Most importantly, readers need to contemplate a future
without being limited by the world of practice as it is
known today. Information technology is not a panacea
for all of the challenges found in health care, but it will
provide the nursing profession with an unprecedented
capacity to generate and disseminate new knowledge
at rapid speed. Realizing these possibilities
necessitates that all nurses understand and leverage
the informatician within and contribute to the future.

THOUGHT-PROVOKING QUESTIONS

1. How is the concept of wisdom in NI like or
unlike professional nursing judgment?
Can any aspect of nursing wisdom be
automated?

2. How can a single agreed-upon model of
terminology use (with linkages to a single
terminology) help to integrate knowledge
into routine clinical practice?

3. Can you create examples of how expert
systems (not decision support systems
but true expert systems) can be used to
support nursing practice?

4. How would you incorporate the data-to-
wisdom continuum into a job description
for nurse?

5. What are the possibilities to accelerate
the generation and uptake of new nursing
knowledge?

References
American Nurses Association (ANA).

(2008). Nursing informatics: Scope and
standards of practice. Springfield, MD:
Nursesbooks.org.

American Nurses Association (ANA).
(2015). Nursing informatics: Scope and
standards of practice (2nd ed.). Silver
Spring, MD: Nursesbooks.org.

Androwich, I. (2010, June). Paper
presented at Delaware Valley Nursing
Informatics Annual Meeting, Malvern,
PA.

Benner, P. (2000). The wisdom of our
practice. The American Journal of
Nursing, 100(10), 99–101, 103, 105.

Blum, B. (1986). Clinical information
systems. New York, NY: Springer-
Verlag.

Davenport, T. H., Thomas, R., & Cantrell,
S. (2002). The mysterious art and
science of knowledge worker
performance. MIT Sloan Management
Review, 44(1), 23–30.

Drucker, P. F. (1992). The new society of
organizations. Harvard Business

Review, 70(5), 95–104.

Drucker, P. F. (1994). The age of social
transformation. Atlantic Monthly,
274(5), 52–80.

Graves, J., & Corcoran, S. (1989). The
study of nursing informatics. Image,
21(4), 227–230.

Hannah, K. J., White, P., Nagle, L. M., &
Pringle, D. M. (2009). Standardizing
nursing information in Canada for
inclusion in electronic health records:
C-HOBIC. Journal of the American
Medical Informatics Association, 16(4),
524–530.

Hardiker, N. (2011). Developing
standardized terminologies to support
nursing practice. In D. McGonigle & K.
Mastrian (Eds.), Nursing informatics
and the foundation of knowledge (2nd
ed., pp. 111–120). Sudbury, MA: Jones
& Bartlett Learning.

Matney, S., Brewster, P., Sward, K.,
Cloyes, K., & Staggers, N. (2011).
Philosophical approaches to the data–
information–knowledge–wisdom
framework. Advances in Nursing
Science, 34(1), 6–18.

McCormick, J. (2009, May 14). Preparing
for the future of knowledge work: A day
in the life of the knowledge worker.
Infomanagment Direct Online.
Retrieved from
http://www.information-
management.com/infodirect/2009_121/knowledge_worker_information_management_ecm_content_management-
10015405-1.html

Murphy, J. (2010). Nursing informatics:
The intersection of nursing, computer,
and information sciences. Nursing
Economic$, 28(3), 204–207.

Nagle, L. M., White, P., & Pringle, D.
(2010). Realizing the benefits of
standardized measures of clinical
outcomes. Electronic Healthcare, 9(2),
e3–e9.

O’Connor, J. J., & Robertson, E. F. (2003).
Florence Nightingale. Retrieved from
http://www-history.mcs.st-
andrews.ac.uk/history/Printonly/Nightingale.html

O’Neal, P. V., Grap, M. J., Thompson, C.,
& Dudley, W. (2001). Level of dyspnea
experienced in mechanically ventilated
adults with and without saline
instillation prior to endotracheal
suctioning. Intensive Critical Care
Nursing, 17(6), 356–363.

Ozbolt, J., & Saba, V. (2008). A brief
history of nursing informatics in the
United States of America. Nursing
Outlook, 56(5), 199–205.

Rutherford, M. (2008). Standardized
nursing language: What does it mean
for nursing practice? OJIN: The Online
Journal of Issues in Nursing, 13(1).
doi:10.3912/OJIN.Vol13No01PPT05

Skrocki, M. (2013). Standardization needs
for effective interoperability.
Transactions of the International

Conference on Health Information
Technology Advancement. Paper 32,
76–83. Retrieved from
http://scholarworks.wmich.edu/ichita_transactions/32

Snyder-Halpern, R., Corcoran-Perry, S., &
Narayan, S. (2001). Developing clinical
practice environments supporting the
knowledge work of nurses. Computers
in Nursing, 19(1), 17–26.

Sorrells-Jones, J., & Weaver, D. (1999a).
Knowledge workers and knowledge-
intense organizations, Part 1: A
promising framework for nursing and
healthcare. Journal of Nursing
Administration, 29(7/8), 12–18.

Sorrells-Jones, J., & Weaver, D. (1999b).
Knowledge workers and knowledge-
intense organizations, Part 3:
Implications for preparing healthcare
professionals. Journal of Nursing
Administration, 29(10), 14–21.

Thede, L., Schwiran, P. (2011).
Informatics: The standardized nursing

terminologies: A national survey of
nurses’ experiences and sttitudes—
Survey I*. OJIN: The Online Journal of
Issues in Nursing, 16(2). doi:
10.3912/OJIN.Vol16No02InfoCol01

Topaz, M. (2013). Invited editorial: The
hitchhiker’s guide to nursing
informatics theory: Using the Data-
Knowledge-Information-Wisdom
framework to guide informatics
research. Online Journal of Nursing
Informatics (OJNI), 17(3). Retrieved
from http://ojni.org/issues/?p=2852

Weaver, D., & Sorrells-Jones, J. (1999).
Knowledge workers and knowledge-
intense organizations, Part 2:
Designing and managing for
productivity. Journal of Nursing
Administration, 29(9), 19–25.

Westra, B., Latimer, G., Matney, S., Park,
J., Sensmeier, J., Simpson, R., . . .
Delaney, C. (2015). A national action
plan for sharable and comparable
nursing data to support practice and

translational research for transforming
health care. Journal of the American
Medical Informatics Assocociation,
22(3), 600–607.
doi:10.1093/jamia/ocu011

CHAPTER 7: Nursing
Informatics as a
Specialty

Dee McGonigle, Kathleen Mastrian, Julie A. Kenney,
and Ida Androwich

Objectives
1. Describe the nursing informatics

specialty.
2. Explore the scope and standards of

nursing informatics practice.
3. Assess the evolving roles and

competencies of nursing informatics
practice.

4. Appreciate the future of nursing
informatics in our rich, technology-laden
healthcare environments.

Key Terms
» Advocate/policy developer

» Certification

» Consultant

» Data

» Decision support/outcomes manager

» Educator

» Entrepreneur

» Informatics

» Informatics innovator

» Informatics nurse specialist

» Information

» Knowledge

» Knowledge worker

» Medical informatics

» Nursing informatics competencies

» Product developer

» Project manager

» Researcher

» TIGER initiative

Introduction
In the previous chapter, you reviewed the history and
evolution of nursing informatics, and the ways that all
nurses use informatics for practice. In this chapter, we
will focus on nursing informatics as a specialty.
Nursing informatics (NI) is an established, yet ever-
evolving, specialty. Those choosing NI as a career find
it full of numerous and varied opportunities. Previously,
most nurse informaticists entered the field by showing
an understanding and enthusiasm for working with
computers. Now, however, nurses have many
educational opportunities available to become formally
trained in the field of NI to become an informatics nurse
specialist (INS). We will explore the scope and
standards of NI; NI roles, education, and specialization;
rewards of working in the field; and organizations and
professional journals of the INS.

Nursing Contributions to
Healthcare Informatics
Nursing has been involved in the purchase, design,
and implementation of information systems (ISs) since
the 1970s (Saba & McCormick, 2006). One of the first
health IS vendors studied how nurses managed patient

care and realized that nursing activity was the core of
patient activity and needed to be the foundation of the
health or clinical IS. Nursing informaticists have been
instrumental in developing, critiquing, and promoting
standard nursing terminologies to be used in the health
IS. Nursing is involved heavily in the design of
educational materials for practicing nurses, student
nurses, other healthcare workers, and patients.
Computers have revolutionized the way individuals
access information and have revolutionized
educational and social networking processes.

Scope and Standards
NI is important to nursing and health care because it
focuses on representing nursing data, information,
and knowledge. As identified in the earlier edition of
the Nursing Informatics: Scope and Standards of
Practice, NI meets the following needs for health
informatics (American Nurses Association [ANA],
2008; Brennan, 1994):

Provides a nursing perspective
Showcases nursing values and beliefs
Provides a foundation for nurses in NI
Produces unique knowledge
Distinguishes groups of practitioners
Emphasizes the interest for nursing
Provides needed nursing language and word
context

In 2008, the ANA published a revised scope and
standards of nursing informatics practice. This
publication included the most recent INS standards of
practice and the INS standards of professional
performance, and addressed the who, what, when,
where, how, why, and functional roles of INS practice.
There were three overarching standards of practice
(ANA, 2008, p. 33):

1. Incorporate theories, principles, and concepts
from appropriate sciences into informatics
practice.

2. Integrate ergonomics and human–computer
interaction (HCI) principles into informatics
solution design, development, selection,
implementation, and evaluation.

3. Systematically determine the social, legal, and
ethical impact of an informatics solution within
nursing and health care.

The standards of practice and professional
performance for an INS are listed in Box 7-1.

BOX 7-1 INFORMATICS NURSE

SPECIALIST STANDARDS OF

PRACTICE AND PERFORMANCE

STANDARDS OF

PROFESSIONAL PRACTICE
FOR NURSING INFORMATICS

Standard 1: Assessment

Standard 2: Diagnosis, Problems, and Issues
Identification

Standard 3: Outcomes Identification

Standard 4: Planning

Standard 5: Implementation

Standard 5A: Coordination of Activities

Standard 5B: Health Teaching and Health
Promotion

Standard 5C: Consultation

Standard 6: Evaluation

STANDARDS OF
PROFESSIONAL
PERFORMANCE FOR NURSING
INFORMATICS

Standard 7: Ethics

Standard 8: Education

Standard 9: Evidence-Based Practice and
Research

Standard 10: Quality of Practice

Standard 11: Communication

Standard 12: Leadership

Standard 13: Collaboration

Standard 14: Professional Practice
Evaluation

Standard 15: Resource Utilization

Standard 16: Environmental Health

Data from American Nurses Association (ANA). (2015). Nursing

informatics: Scope and standards of practice (2nd ed.). Silver

Spring, MD: Nursesbooks.org.

In 2015, the second edition of the ANA’s Nursing
Informatics: Scope and Standards of Practice was
released. The ANA described the functional areas of
nursing informatics as follows (p. 19):

Administration, leadership, and management
Systems analysis and design
Compliance and integrity management
Consultation
Coordination, facilitation, and integration
Development of systems, products, and resources

Educational and professional development
Genetics and genomics
Information management/operational architecture
Policy development and advocacy
Quality and performance improvement
Research and evaluation
Safety, security, and environmental health

As INSs assume their roles, it is evident that typical
roles cover more than one functional area and that our
“informatics solutions are more closely integrated with
the delivery of care” (ANA, 2015, p. 36). The ANA also
denoted telehealth as an integrated functional area that
is a dynamic health information technology. As nursing,
information, computer, and cognitive sciences continue
to evolve, so will NI functions. With the rapid
advancements we have already seen in the previous
decade, we know that the INSs of the future will be
assuming roles and working in areas that we have not
imagined yet.

Nursing Informatics Roles
NI has become a viable and essential nursing specialty
with the introduction of computers and the EHR to
health care. Many nurses entered the NI field because
of their natural curiosity and their dedication to being
lifelong learners. Others who entered this field might
have done so by accident: Perhaps they were
comfortable working with computers and their

coworkers used them as a resource for computer-
related questions. The introduction of the EHR has
forced all clinicians to learn to use this new technology
and incorporate it into their already busy days.
According to one estimate, nurses spend as little as
10–15% of their days with their patients and as much
as 28–50% of their day documenting (Healthcare
Information and Management Systems Society
[HIMSS] Nursing Informatics Awareness Task
Force, 2007; Munyisia, Yu, & Hailey, 2014). Assisting
nurses to incorporate this new technology into their
daily workflow is one of many challenges that the INS
may tackle. Even though INSs appear to work behind
the scenes, INSs impact the health and clinical
outcomes of patients.

The INS may take on numerous roles; refer to Figure
7-1. For example, one position that INSs fill quite well
is the role of the project manager, as a result of their
ability to simultaneously manage multiple complex
situations. Because of the breadth of the NI field,
however, many INSs find that they need to further
specialize. The following list includes some typical INS
positions. It is far from comprehensive, because this
field changes rapidly, as does technology (ANA, 2015;
Thede, 2003).

Figure 7-1 NI Roles

Project Manager. In the project manager role, the
INS is responsible for the planning and
implementation of informatics projects. The INS
uses communication, change management,
process analysis, risk assessment, scope definition,
and team building. This role acts as the liaison
among clinicians, management, IS, stakeholders,
vendors, and all other interested parties.
Consultant. The INS who takes on the consultant
role provides expert advice, opinions, and
recommendations based on his or her area of
expertise. Flexibility, good communication skills,
excellent interpersonal skills, and extensive clinical
and informatics knowledge are highly desirable skill
sets needed by the NI consultant.
Educator. The success or failure of an informatics
solution can be directly related to the education and
training that were provided for end users. The INS

who chooses the educator role develops and
implements educational materials and sessions and
provides education about the system to new or
current employees during a system implementation
or an upgrade.
Researcher. The researcher role entails
conducting research (especially data mining) to
create new informatics and clinical knowledge.
Research may range from basic informatics
research to developing clinical decision support
tools for nurses.
Product Developer. An INS in the product
developer role participates in the design,
production, and marketing of new informatics
solutions. An understanding of business and
nursing is essential in this role.
Decision Support/Outcomes Manager. Nurses
assuming the role of decision support/outcomes
manager use tools to maintain data integrity and
reliability. Contributing to the development of a
nursing knowledge base is an integral component
of this role.
Advocate/Policy Developer. INSs are key to
advocating for the patients and healthcare systems
and developing the infrastructure of health policy.
Policy development on a local, national, and
international level is an integral part of the
advocate/policy developer role.
Clinical Analyst/System Specialist. INSs may work
at varying levels and serve as a link between

nursing and information services in healthcare
organizations.
Entrepreneur. Those nurses involved in the
entrepreneur role combine their passion, skills,
and knowledge to develop marketable business
ideas by analyzing nursing information needs and
developing and marketing solutions.

Specialty Education and
Certification
Many nurses who entered into NI did so without any
formal education in this field. In many cases, these
nurses served as the unit resource for computer or
program questions. Often, they acquired their skills
through on-the-job training or by attending classes.
Although this pathway to the NI field is still available
today, more formal ways of acquiring these skills exist.
The informatics nurse has a bachelor of science
degree in nursing and additional knowledge and
expertise in the informatics field (ANA, 2015). The INS
holds an advanced degree or a post-master’s
certificate and is prepared to assume roles requiring
this advanced knowledge. INSs may attend informatics
conferences and obtain contact hours or continuing
education units.

Box 7-2 lists some of the pioneering colleges and
universities that offer advanced degrees or certificates

in NI. This is not a comprehensive list; new programs
are continually being developed. Local colleges and
universities should be researched to see which may
have informatics programs.

BOX 7-2 FORMAL NURSING

INFORMATICS EDUCATIONAL

PROGRAMS

GRADUATE DEGREE
PROGRAMS

Chamberlin College of Nursing:
www.chamberlain.edu/admissions/graduate/Master-
of-Science-in-Nursing/informatics-track

Duke University:
http://nursing.duke.edu/academics/programs/msn/health-
informatics-major

Excelsior College:
www.excelsior.edu/nursing-masters-
informatics-faq

Loyola University Chicago:
www.luc.edu/hsm

New York University:
http://nursing.nyu.edu/academics/masters

Northeastern University:
www.healthinformatics.neu.edu

University of Alabama at Birmingham:
www.uab.edu/nursing/home/msn/nursing-
informatics-major

University of Colorado at Denver:
www.ucdenver.edu/academics/colleges/nursing/programs-
admissions/masters-programs/ms-
program/specialties/healthcareinformatics/Pages/default.aspx

University of Iowa:
http://informatics.grad.uiowa.edu/health-
informatics/curriculum

University of Kansas:
http://nursing.kumc.edu/academics/master-
of-science/nursing-informatics.html

University of Maryland:
www.nursing.umaryland.edu/academics/grad/specialties/ni

University of North Carolina at Chapel Hill:
http://nursing.unc.edu/academics/graduate-
practice-
programs/master_of_science_in_nursing/health-
care-systems-msn/

University of Pittsburgh:
www.nursing.pitt.edu/degree-
programs/master-science-nursing-

msn/msn-program-majors/nursing-
informatics/nursing

University of Utah:
http://nursing.utah.edu/programs/msnursinginformatics.php

University of Washington:
www.son.washington.edu/portals/cipct

Vanderbilt University:
www.nursing.vanderbilt.edu/msn/ni.html

CERTIFICATE PROGRAMS
Chamberlain College of Nursing:
www.chamberlain.edu/admissions/graduate/graduate-
certificate-programs

Indiana University:
nursing.iupui.edu/continuing/informatics.shtml

Loyola University Chicago:
www.luc.edu/media/lucedu/nursing/pdfs/Informatics%20Certificate.pdf

Northeastern University:
www.ccis.northeastern.edu/program/health-
informatics-grad-certificate/

Penn State University:
www.worldcampus.psu.edu/degrees-and-
certificates/nursing-informatics-
certificate/overview

University of Iowa:
informatics.grad.uiowa.edu/health-
informatics/curriculum

Nurses who choose to specialize in NI have two
certification options available to them. The first is
obtained through the American Nurses Credentialing
Center (ANCC). The ANCC’s examination is specific
for the informatics nurse. The applicant must be a
licensed registered nurse with at least 2 years of recent
experience and have a baccalaureate degree in
nursing. The applicant must have completed 30 contact
hours of continuing education in informatics. The
applicant must meet one of the following criteria: (1)
2,000 hours practicing as an informatics nurse, (2)
1,000 hours practicing as an informatics nurse and 12
semester hours of graduate academic credit toward an
NI degree, or (3) completion of an NI degree that
included at least 200 supervised practicum hours. For
further information on this certification examination,
visit
www.nursecredentialing.org/Certification/NurseSpecialties/Informatics
This website includes the aforementioned criteria and
provides further information about test eligibility, fees,
examination content, examination locations, study
materials, and practice tests.

The second certification examination is sponsored by
the Healthcare Information and Management Systems

Society (HIMSS). Candidates who successfully pass
this examination are designated as certified
professionals in healthcare information and
management systems. The HIMSS examination is
open to any candidate who is involved in healthcare
informatics. Candidates must hold positions in the
following fields: administration/management, clinical IS,
e-health, IS, or management engineering. Candidates
may include any of the following: chief executive
officers, chief information officers, chief operating
officers, senior executives, senior managers, IS
technical staff, physicians, nurses, consultants,
attorneys, financial advisors, technology vendors,
academicians, management engineers, and students.
Candidates must meet the following criteria to be
eligible to sit for the examination: a baccalaureate
degree plus 5 years of associated information and
management systems experience, with 3 of those
years being in health care; or a graduate degree plus 3
years of associated information and management
systems experience, with 2 of those years being in
health care. The information discussed in this text and
additional information about the examination can be
found by visiting
http://www.himss.org/ASP/certification_cphims.asp.

Nursing Informatics
Competencies

One challenge that has been identified in the literature
and continues to plague health care is the vast
differences in computer literacy and information
management skills that healthcare workers possess
(Gassert, 2008; McNeil, Elfrink, Beyea, Pierce, &
Bickford, 2006; Topkaya & Kaya, 2014). Gassert
(2008) felt that new graduates were not adequately
literate. Barton (2005) believed that new nurses should
have the following critical skills: use e-mail, operate
Windows applications, search databases, and know
how to work with the institution-specific nursing
software used for charting and medication
administration. These skills should not be limited to just
new nurses, but instead should be required of all
nurses and healthcare workers.

Staggers, Gassert, and Curran (2001) advocated that
nursing students and practicing nurses should be
educated on core NI competencies. Although
information technology and informatics concepts
certainly need to be incorporated into nursing school
curricula, progress in this area has been slow. In the
1980s, a nursing group of the International Medical
Informatics Association convened to develop the first
level of nursing competencies. While developing these
competencies, the nursing group found that nurses fell
in to one of the following three categories: (1) user, (2)
developer, or (3) expert. These categories have since
been expanded.

Staggers and colleagues (2001) decided that the NI
competencies developed in the 1980s were inadequate
and needed to be updated. These authors reviewed 35
NI competency articles and 14 job descriptions, which
resulted in 1,159 items that were sorted into three
broad categories: (1) computer skills, (2) informatics
knowledge, and (3) informatics skills. These items were
then placed in a database, where redundant items
were removed. When this process was completed, 313
items remained.

When these items were then further subdivided,
Staggers and colleagues, along with the American
Medical Informatics Association (AMIA) work group,
realized that these competencies were not universal to
all nurses; thus, before it could be determined if the
competency was an NI competency, nursing skill levels
needed to be defined. The group determined that
practicing nurses could be classified into four
categories: (1) beginning nurse, (2) experienced nurse,
(3) informatics nurse specialist, and (4) informatics
innovator. Each of these skill levels needed to be
defined before Staggers and colleagues (2001) could
determine which level was the most appropriate for that
skill set. Table 7-1 provides the definition criteria for
each skill level. Once the levels were defined, the
group determined that 305 items were NI
competencies and placed them into appropriate
categories.

TABLE 7-1 Definitions of Four Levels of Practicing
Nurses

Beginning Nurse

Has basic computer technology skills and information

management skills

Uses institution’s information systems and the contained

information to manage patients

Experienced Nurse

Proficient in a specialty

Highly skilled in using computer technology skills and information

management skills to support his or her specialty area of practice

Pulls trends out of data and makes judgments based on this

information

Uses current systems, but will collaborate with informatics nurse

specialist regarding concerns or suggestions provided by staff

Informatics Nurse Specialist

RN with advanced education who possesses additional knowledge

and skills specific to computer technology and information

management

Focuses on nursing’s information needs, which include education,

administration, research, and clinical practice

Application and integration of the core informatics sciences:

information, computer, and nursing science

Uses critical thinking, process skills, data management skills,

systems life cycle development, and computer skills

Informatics Innovator

Conducts informatics research and generates informatics theory

Vision of what is possible

Keen sense of timing to make things happen

Creative in developing solutions

Leads the advancement of informatics practice and research

Sophisticated level of skills and understanding in computer

technology and information management

Cognizant of the interdependence of systems, disciplines, and

outcomes and is able to finesse situations to obtain the best

outcome

Reproduced from Staggers, N., Gassert, C., & Curran, C. (2001).
Informatics competencies for nurses at four levels of practice. Journal

of Nursing Education, 40(7), 303–316. With permission of SLACK

Incorporated.

Staggers, Gassert, and Curran (2002) conducted the
seminal work in this area, a Delphi study to validate the
placement of the competencies into the correct skill
level. Of the 305 original competencies identified, 281
achieved an 80% approval rating for both importance
as a competency and placement in the correct practice
level. The authors stressed that this is a
comprehensive list; thus, for a nurse to enter a
particular skill level, he or she need not have mastered
every item listed for that skill level. For a list of
competencies by skill level, see Table 7-2.

Table 7-2 Nursing Informatics Compentencies by Skill
Level

Based on research conducted by Hunter, Mc

Gonigle, and Hebda (2013), the online self-assessment instrument,
TIGER-based Assessment of Nursing Informatics Competencies

(TANIC) was developed. This instrument assesses the Level I:

Beginning Nurse and Level 2: Experienced Nurse competencies.

Level 1: Beginning Nurse

Start the computer and log on securely to access select

applications/software

Access and send email

Collect and enter patient data into the information system

Level 2: Experienced Nurse

Identify the risks and limitations of surfing the Internet to locate

evidence-based practice information

Gather data to draw and synthesize conclusions

Explain how to sustain the integrity of information resources

Based on the research conducted by Mc

Gonigle, Hunter, Hebda, and Hill (2014), the online self-assessment
instrument, Nursing Informatics Competency Assessment – Level

3/Level 4 (NICA L3/L4) was developed. This instrument assesses the

Level 3: Informatics Nurse Specialist and Level 4: Informatics

Innovator competencies.

Level 3: Informatics Nurse Specialist

Fluent in nursing informatics and nursing terminologies

Applies aspects of human technology interface to screen, device,

and software design

Teach nurses how to locate, access, retrieve, and evaluate

information

Level 4: Informatics Innovator

Analyze systems

Transform software programs to support data analysis and

aggregation

Lead research efforts to determine and address application needs

References

Hill, T., Mc

Gonigle, D., Hunter, K., Sipes, C. & Hebda, T. (2014). An instrument
for assessing advanced nursing informatics competencies. Journal of

Nursing Education and Practice, 4(7), 104–112.

Hunter, K., Mc

Gonigle, D. & Hebda, T. (2011, December). Operationalizing TIGER
NI competencies for online assessment of perceived competency.

TIGER Initiative Foundation Newsletter. Retrieved from

http://www.thetigerinitiative.org [must subscribe to access]

Hunter, K., Mc

Gonigle, D., & Hebda, T. (2013). TIGER-based measurement of
nursing informatics competencies: The development and

implementation of an online tool for self-assessment. Journal of

Nursing Education and Practice, 3(12), 70–80. doi:

10.5430/jnep.v3n12p70

Hunter, K., Mc

Gonigle, D., Hebda, T., Sipes, C., Hill, T., & Lamblin, J. (2015).
TIGER-based assessment of nursing informatics competencies

(TANIC). In A. Rocha, S. Correia, S. Costanza, & L. Reis (Eds.). New

contributions in information systems and technologies: Volume 1

(advances in intelligent systems and computing) (pp. 171–177).

Basel, Switzerland: Springer. DOI: 10.1007/978-3-319-16486-1_7

Mc

Gonigle, D., Hunter, K., Hebda, T., & Hill, T. (2014). Self-assessment
of Level 3 and Level 4 NI competencies tool development. Retrieved

from http://www.himss.org/file/1307246/download?
token=cNOya_Lm

Mc

Gonigle, D., Hunter, K., Hebda, T., Sipes, C., Hill, T., & Lamblin, J.

(2015). Nursing informatics competencies assessment Level 3 and
Level 4 (NICA L3/L4). In A. Rocha, S. Correia, S. Costanza, & L. Reis

(Eds.). New contributions in information systems and technologies:

Volume 1 (advances in intelligent systems and computing) (pp. 209–

214). Basel, Switzerland: Springer. DOI: 10.1007/978-3-319-16486-

1_21

In 2004, a group of nurses came together after
attending a national informatics conference to ensure
that nursing was equally recognized in the national
informatics movement. This so-called Technology
Informatics Guiding Education Reform (TIGER) team
determined that using informatics was a core
competency for all healthcare workers. They also
determined that many nurses lack information
technology skills, which limits their ability to access
evidence-based information that could otherwise be
incorporated into their daily practice. This group is
currently working on a plan to include informatics
courses in all levels of nursing education; when that
effort is complete, they will examine how to get the
information out to practicing nurses who are not
currently enrolled in an academic program (HIMSS,
2016). Many of the items identified by the TIGER team
as lacking in both nursing students and practicing
nurses are items that Staggers et al. (2002) determined
to be NI competencies. To learn more about the TIGER
initiative, visit
http://www.himss.org/professionaldevelopment/tiger-
initiative.

Through the work of Hunter et al. (2011; 2013; 2015)
and McGonigle et al. (2014; 2015), the competencies
for nursing informatics practice Levels 1 through 4
have been further refined with two self-assessment
tools developed. Hunter and colleagues focused on the
Level 1 and Level 2 competencies and developed the

self-assessment of competencies TANIC tool, Tiger-
based Assessment of Nursing Informatics
Competencies. McGonigle and colleagues focused on
the competencies related to the advanced levels 3 and
4, developing the self-assessment of competencies
NICA L3/L4 tool, Nursing Informatics Competency
Assessment Level 3/Level 4 (ANA, 2015, p. 43).

It is critical that nurses and INSs can demonstrate
competence. As there were many definitions of the
term competency, the authors of these tools first had to
define the term competency. Hunter et al. (2013)
concluded that

Competency, then, is a concept
applicable to multiple situations. At its
most basic, competency denotes having
the knowledge, skills, and ability to
perform or do a specific task, act, or job.
Depending on the context, competency
can refer to adequate or expert
performance. For this research,
competency was used to mean adequate
knowledge, skills, and ability. Nursing-
informatics competency was defined as
adequate knowledge, skills, and ability to
perform specific informatics tasks. (p. 71)

The teams began instrument development by
synthesizing both seminal and current literature to
construct instrument items; they reviewed, formatted,
and initiated instrument testing with a Delphi study and
then piloted the resulting instrument with experts.
Cronbach’s alpha values were calculated. The TANIC
Cronbach was 0.944 for clinical information
management, 0.948 for computer skills, and 0.980 for
information literacy. The NICA L3/L4 reliability
estimates were as follows: computer skills, 0.909;
informatics knowledge, 0.982; and informatics skills,
0.992. The Cronbach’s reliability estimates for each
tool showed strong internal consistency reliability.

The TANIC self-assessment instrument has four parts,
including questions about demographics and the self-
assessment, consisting of 85 items covering basic
computer literacy, clinical information management,
and information literacy. The NICA L3/L4 self-
assessment instrument also has four parts: questions
about demographics and the 178 item self-
assessment, consisting of computer skills, informatics
knowledge, and informatics skills.

These tools and those that will follow are extremely
important because they help each of us identify our
own level of comfort with technology and our self-
confidence in our ability to perform these skills/tasks.
Nurse educators in all practice settings and school-
based programs must help their nurses or nursing

students recognize deficits in their current knowledge
and skills. The nurse educators can facilitate the
professional development of their nurses or nursing
students through the identification of courses or skill-
based labs that will help them turn their deficits into
strengths.

Rewards of NI Practice
NI is a nursing specialty that does not focus on direct
patient care but instead focuses on enhancing patient
care and safety and improving the workflow and work
processes of nurses and other healthcare workers. The
INS is instrumental in designing the electronic
healthcare records that healthcare workers use on a
daily basis. This nurse is also responsible for designing
tools that allow healthcare workers to access patient
information more efficiently than they have been able
to do so in the past. Watching these changes take
place brings great satisfaction to the INS.

Change is a factor that an INS deals with on a daily
basis. This dynamic nature of the position is probably
its most difficult aspect, because people deal with
change differently. Understanding change theory and
processes and appreciating how change affects people
assist the INS in developing strategies to encourage
healthcare workers to accept changes and become
proficient in informatics solutions that have been

implemented. Seeing the change adopted with a
minimal amount of discord is very rewarding to the INS.

The INS also participates in informatics organizations
that allow INSs to network and share experiences with
one another. Such interactions allow INSs to bring
these new solutions back to their respective
organizations and improve informatics trouble spots.
Attending professional conferences allows the INS to
stay abreast of changes in the industry. Continuing
education may help the INS to improve a process or
workflow within the hospital or to change the way a
system upgrade is rolled out.

NI Organizations and Journals
One of the first informatics organizations founded was
HIMSS. HIMSS, which celebrated its 55th year in 2016,
was launched in 1961 and now has offices throughout
the United States and Europe. HIMSS currently
represents more than 20,000 individuals and 300
corporations. This organization supports both local and
national chapters. It has many associated work groups,
one of which is an NI work group. HIMSS is well known
for its development of industry-wide policies and its
educational and professional development initiatives,
all of which are directed toward the goal of ensuring
safe patient care. Membership in HIMSS offers many
advantages for nurses, such as access to numerous
weekly and monthly publications, and two scholarly

journals, the Journal of Healthcare Information
Management and the Online Journal of Nursing
Informatics. HIMSS offers many educational programs,
including virtual expos, which allow participants to
experience the expo without having to travel. These
educational opportunities allow participants to network
with colleagues and peers, which is a valuable asset in
this field. HIMSS also periodically conducts NI
workforce surveys. It is interesting to review the most
current survey results and compare them to your
setting and role.

The American Medical Informatics Association (AMIA)
was founded in 1990 when three health informatics
associations merged. AMIA currently has more than
3,000 members who reside in 42 countries. This
organization focuses on the development and
application of biomedical and healthcare informatics.
Members include physicians, nurses, dentists,
pharmacists, health information technology
professionals, and biomedical engineers. AMIA offers
many benefits to its members, such as weekly and
monthly publications and a scholarly journal, JAMIA—
The Journal of the American Medical Informatics
Association. Members may join a working group that is
specific to their specialty, including an NI work group.
AMIA offers multiple educational opportunities and
many opportunities for networking with colleagues.

The American Nursing Informatics Association (ANIA)

was established in 1992 to provide an opportunity for
southern California informatics nurses to meet. It has
since grown to a national organization whose members
include healthcare professionals who work with clinical
IS, educational applications, data collection/research
applications, administrative/DSS, and those who have
an interest in the field of NI. In 2009, ANIA merged with
the Capital Area Roundtable on Informatics in Nursing
(CARING). Membership benefits include the following:

Access to a network of more than 3,200 informatics
professionals in 50 states and 30 countries
Active email list
Quarterly newsletter indexed in CINAHL and
Thomson
Job bank with employee-paid postings
Reduced rate at the ANIA Annual Conference
Reduced rate for CIN: Computers, Informatics,
Nursing
ANIA Online Library of on-demand and webinar
education activities
Membership in the Alliance for Nursing Informatics
Web-based meetings
In-person meetings and conferences held nationally
and worldwide

The Alliance for Nursing Informatics (ANI) is a coalition
of NI groups that represents more than 3,000 nurses
and 20 distinct NI groups in the United States. Its
membership represents local, national, and

international NI members and groups. These individual
groups have developed organizational structures and
have established programs and publications. ANI
functions as the link between NI organizations and the
general nursing and healthcare communities and
serves as the united voice of NI.

These groups have been instrumental in establishing
the informatics community. Box 7-3 lists some of these
organizations and their publications, but many other
informatics groups exist.

BOX 7-3 NURSING INFORMATICS

WEBSITES AND CORRESPONDING

JOURNALS

Alliance for Nursing Informatics

Website: www.allianceni.org

American Health Information
Management Association

Website: www.ahima.org

Journal: Journal of AHIMA & Perspectives in
Health Information Management (online)

American Medical Informatics
Association

Website: www.amia.org

Journal: JAMIA—Journal of the American
Medical Informatics Association

NI website:
www.amia.org/programs/working-
groups/nursing-informatics

American Nursing Informatics
Association

(includes Capital Area Roundtable on
Informatics in Nursing [CARING]) Website:
www.ania.org

Resources link:
www.ania.org/Resources.htm

Journal: CIN: Computers, Informatics,
Nursing

Health Information and Management
Systems Society

Website: www.himss.org

Chapter websites:
www.himss.org/ASP/chaptersHome.asp

Journal: The Journal of Healthcare
Information Management

NI website:
www.himss.org/asp/topics_nursingInformatics.asp

International Medical Informatics
Association

Website: www.imia.org

Journal: International Journal of Medical
Informatics

NI website: www.imia.org/ni

Online Journal of Nursing Informatics

Website: www.himss.org/ojni

The Future of Nursing
Informatics
NI is still in its infancy, as is the technology that the INS
uses on a daily basis. NI will continue to influence
development of the EHR; in turn, the EHR will continue
to improve and will one day accurately capture the care
nurses give to their patients. This is a formidable
challenge because much of the care provided by
nurses is intangible in nature. In the future, the EHR
will provide data to the INS that can then be used to
improve nursing workflow and to determine whether
current practices are the most efficient and beneficial to
the patient.

Nursing and health care are on a roller-coaster ride
that will undoubtedly prove very interesting. New

technology is being introduced at a breakneck speed,
and nursing and health care must be ready to ride this
roller coaster. Programs need to be developed to keep
nurses and healthcare workers abreast of the new
technological changes as they occur, and educating
new and current nurses presents a significant
challenge to the INS. Therefore, the INS’s future looks
very promising and rewarding.

According to the ANA (2015), five trends will influence
the future of nursing informatics:

1. Changing practice roles in nursing
2. Increasing informatics competence requirements

for all nurses
3. Rapidly evolving technology
4. Regulatory changes and quality standards that

include healthcare consumers as partners in
healthcare models

5. Care delivery models and innovation (p. 52)

As the future becomes yesterday, people are waking
up to the fact that we need the healthcare team
prepared with informatics competencies. All healthcare
providers should receive education on informatics
because they need basic informatics skills, such as the
ability to use search engines to find information about a
specific topic. Consequently, all healthcare providers
need to be able to attend classes to improve their
computer skills and knowledge. Those entering the

nursing field need a general knowledge of computer
capabilities. Many new trends—such as Web 2.0,
increased attention to evidence-based practice, and a
better understanding of genomics—will impact care
delivery in the 21st century, and NI nurses need to be
prepared to lead these efforts to improve care and help
nurses have a voice in the informatics skills they need,
as well as in the advances and tools they use,
including the EHR (Bakken, Stone, & Larson, 2008;
Lavin, Harper, & Barr, 2015).

Change plays a significant part in health care today,
and those interested in NI must embrace change. They
must also be good at enticing others to embrace
change. Nevertheless, NI candidates must realize that
change is often accompanied by resistance. For their
part, INSs must be ready to leave the bedside,
because nurses entering into this field will no longer be
giving hands-on care. NI is a very challenging but very
rewarding field. In an ideal world, all healthcare
agencies will employ at least one INS, and all nurses
will embrace the knowledge worker title.

Summary
Nursing informatics is a specialty that integrates
nursing science, computer science, and information
science to manage and communicate data,
information, knowledge, and wisdom in nursing
practice. Our definition: the synthesis of nursing

science, information science, computer science, and
cognitive science for the purpose of managing,
disseminating, and enhancing healthcare data,
information, knowledge, and wisdom to improve
collaboration and decision making, provide high-quality
patient care, and advance the profession of nursing.
Informatics practices support nurses as they seek to
care for their patients effectively and safely, by making
the information that they need more readily available.
Nurses have been actively involved in this field since
computers were introduced to health care. With the
advent of the EHR, it became apparent that nursing
needed to develop its own terminology related to the
new technology and its applications; NI has been
instrumental in this process.

Today, the healthcare industry employs the largest
number of knowledge workers in the world. Nurses, as
knowledge workers in technology-laden healthcare
facilities, must continuously improve their informatics
competencies. The INS is instrumental in leading the
advancement of informatics concepts and tools in all
settings and across all specialties. NI is a specialty
governed by standards that have been established by
the ANA. Because NI is a very diverse field, many INSs
eventually specialize in one segment of the field. While
NI is an established specialty, the core NI principles are
utilized by all nurses. Nursing informatics
competencies have been developed to encompass all
levels of practice and ensure that entry-level nurses

are ready to enter the more technologically advanced
field of nursing, as well as establish advanced
competencies for the INS’s specialty practice. These
competencies may be used to determine the
educational needs of current staff members.

The growth of the NI field has resulted in the formation
of numerous NI organizations or subgroups of the
medical informatics organizations. Nurses no longer
have to enter the field by chance but can obtain an
advanced degree in NI at many well-established
universities. In addition, INSs may continue their
learning by attending the numerous conferences
offered.

NI has grown tremendously as a specialty since its
inception and has the expectation of continued growth.
The NI specialty not only engages nurses and patients,
but also engages data to improve patient outcomes,
enhance patient care, and advance the science of
nursing. It will be interesting to see where NI and INSs
take health care in the future.

THOUGHT-PROVOKING QUESTIONS

1. A hospital is seeking to update its EHR. It
has been suggested that an INS be hired.
This position does not involve direct
patient care and the administration is

struggling with how to justify the position.
How can this position be justified?

2. It is important that all nurses be
informatics competent at all levels. In
particular, at which levels should the INS
be able to exhibit competency? Provide
several examples of the knowledge and
skills that an INS might demonstrate.

3. How does nursing move from measuring
the tasks completed to measuring the
final outcome of the patient? How can the
INS help us reach this goal?

References
Alliance for Nursing Informatics. (2013).

Homepage. Retrieved from
http://www.allianceni.org

American Medical Informatics Association.
(2013). Homepage. Retrieved from
http://www.amia.org

American Nurses Association (ANA).
(2008). Nursing informatics: Scope and
standard of practice. Silver Spring,
MD: Nursesbooks.org.

American Nurses Association (ANA).
(2015). Nursing informatics: Scope and
standard of practice (2nd ed.). Silver
Spring, MD: Nursesbooks.org.

Androwich, I. (2010, June). Paper
presented at Delaware Valley Nursing
Informatics Annual Meeting, Malvern,
PA.

Bakken, S., Stone, P., & Larson, E.
(2008). A nursing informatics research
agenda for 2008–2018: Contextual
influences and key components.
Nursing Outlook, 56(5), 206–214.

Barton, A. J. (2005). Cultivating
informatics competencies in a
community of practice. Nursing
Administration Quarterly, 29(4), 323–
328.

Brennan, P. F. (1994). On the relevance of
discipline to informatics. Journal of the
American Medical Informatics
Association, 1(2), 200–201.

Davenport, T. H., Thomas, R., & Cantrell,
S. (2002). The mysterious art and
science of knowledge worker
performance. MIT Sloan Management
Review, 44(1), 23–30.

Drucker, P. F. (1992). The new society of
organizations. Harvard Business
Review, 70(5), 95–104.

Drucker, P. F. (1994). The age of social
transformation. Atlantic Monthly,
274(5), 52–80.

Gassert, C. (2008). Technology and
informatics competencies. Nursing
Clinics of North America, 43(4), 507–
521. doi: 10.1016/j.cnur.2008.06.005

Health Information and Management
Systems Society (HIMSS). (2006).
HIMSS dictionary of healthcare
information technology terms,
acronyms and organizations. Chicago,
IL: Author.

Health Information and Management
Systems Society (HIMSS). (2013).
Homepage. Retrieved from
http://www.himss.org

Health Information and Management
Systems Society (HIMSS). (2016). The
TIGER initiative. Retrieved from
http://www.himss.org/professionaldevelopment/tiger-
initiative

HIMSS Nursing Informatics Awareness
Task Force. (2007). An emerging giant:
Nursing informatics. Nursing
Management, 13(10), 38–42.

Hunter, K., McGonigle, D. & Hebda, T.
(2011, December). Operationalizing
TIGER NI competencies for online
assessment of perceived competency.
TIGER Initiative Foundation
Newsletter. Retrieved from
http://www.thetigerinitiative.org

Hunter, K., McGonigle, D., & Hebda, T.
(2013). TIGER-based measurement of

nursing informatics competencies: The
development and implementation of an
online tool for self-assessment. Journal
of Nursing Education and Practice
(JNEP), 3(12), 70–80. doi:
10.5430/jnep.v3n12p70

Hunter, K., McGonigle, D., Hebda, T.,
Sipes, C., Hill, T., & Lamblin, J. (2015).
TIGER-Based assessment of nursing
informatics competencies (TANIC). In
A. Rocha, S. Correia, S. Costanza, &
L. Reis (Eds.), New contributions in
information systems and technologies:
Volume 1 (Advances in intelligent
systems and computing) (pp. 171–
177). Basel, Switzerland: Springer.
DOI: 10.1007/978-3-319-16486-1_7

Lavin, M., Harper, E., & Barr, N. (2015).
Health information technology, patient
safety, and professional nursing care
documentation in acute care settings.
OJIN The Online Journal of Issues in
Nursing, 20(2). doi:
10.3912/OJIN.Vol20No02PPT04

McCormick, J. (2009, May 14). Preparing
for the future of knowledge work: A day
in the life of the knowledge worker.
Infomanagment Direct Online.
Retrieved from
http://www.information-
management.com/infodirect/2009_121/knowledge_worker_information_management_ecm_content_management-
10015405-1.html

McGonigle, D., Hunter, K., Hebda, T., &
Hill, T. (2014). Self-assessment of
Level 3 and Level 4 NI competencies
tool development. Retrieved from
http://www.himss.org/file/1307246/download?
token=cNOya_Lm

McGonigle, D., Hunter, K., Hebda, T.,
Sipes, C., Hill, T., & Lamblin, J. (2015).
Nursing informatics competencies
assessment Level 3 and Level 4 (NICA
L3/L4). In A. Rocha, S. Correia, S.
Costanza, & L. Reis (Eds.), New
contributions in information systems
and technologies: Volume 1 (Advances
in intelligent systems and computing)
(pp. 209–214). Basel, Switzerland:
Springer. DOI: 10.1007/978-3-319-
16486-1_21

McNeil, B. J., Elfrink, V., Beyea, S. C.,
Pierce, S., & Bickford, C. J. (2006).
Computer literacy study: Report of
qualitative findings. Professional
Nursing, 22(1), 52–59.

Merriam-Webster Online. (2011). Worker.
Retrieved from http://mw1.merriam-
webster.com/dictionary/worker

Munyisia, E., Yu, P., & Hailey, D. (2014).
The effect of an electronic health
record system on nursing staff time in
a nursing home: A longitudinal study.
Australasian Medical Journal, 7(7),
285–293.
http//dx.doi.org/10.4066/AMJ.2014.2072

O’Connor, J. J., & Robertson, E. F. (2003).
Florence Nightingale. Retrieved from
http://www-history.mcs.st-
andrews.ac.uk/history/Printonly/Nightingale.html

Saba, V. K., & McCormick, K. A. (Eds.).
(2006). Essentials of nursing

informatics (4th ed.). New York, NY:
McGraw-Hill.

Snyder-Halpern, R., Corcoran-Perry, S., &
Narayan, S. (2001). Developing clinical
practice environments supporting the
knowledge work of nurses. Computers
in Nursing, 19(1), 17–26.

Sorrells-Jones, J., & Weaver, D. (1999a).
Knowledge workers and knowledge-
intense organizations, Part 1: A
promising framework for nursing and
healthcare. Journal of Nursing
Administration, 29(7/8), 12–18.

Sorrells-Jones, J., & Weaver, D. (1999b).
Knowledge workers and knowledge-
intense organizations, Part 3:
Implications for preparing healthcare
professionals. Journal of Nursing
Administration, 29(10), 14–21.

Staggers, N., Gassert, C., & Curran, C.
(2001). Informatics competencies for
nurses at four levels of practice.

Journal of Nursing Education, 40(7),
303–316.

Staggers, N., Gassert, C., & Curran, C.
(2002). A Delphi study to determine
informatics competencies for nurses at
four levels of practice. Nursing
Research, 51(6), 383–390.

Thede, L. Q. (2003). Informatics and
nursing: Opportunities and challenges
(2nd ed.). Philadelphia, PA: Lippincott
Williams & Wilkins.

Topkaya, S. & Kaya, N. (2014). Nurses’
computer literacy and attitudes
towards the use of computers in health
care. Retrieved from http://nursing-
informatics.com/niassess/Topkaya_2014.pdf

Weaver, D., & Sorrells-Jones, J. (1999).
Knowledge workers and knowledge-
intense organizations, Part 2:
Designing and managing for
productivity. Journal of Nursing
Administration, 29(9), 19–25.

Wickramasinghe, N., & Ginzberg, M. J.
(2001). Integrating knowledge workers
and the organization: Role of IT.
International Journal of Health Care
Quality Assurance, 14(6), 245–253.

CHAPTER 8: Legislative
Aspects of Nursing
Informatics: HITECH and
HIPAA

Kathleen M. Gialanella, Kathleen Mastrian, and Dee
McGonigle

Objectives
1. Explore the Health Insurance Portability

and Accountability Act (HIPAA) of 1996.
2. Describe the purposes of the Health

Information Technology for Economic and
Clinical Health (HITECH) Act of 2009.

3. Explore how the HITECH Act is
enhancing the security and privacy
protections of HIPAA.

4. Determine how the HITECH Act and its
impact on HIPAA apply to nursing
practice.

5. Identify informatics technologies likely to
be legislated in the future.

Key Terms
» Access

» Agency for Healthcare Research and
Quality

» American National Standards Institute

» American Recovery and Reinvestment
Act

» Centers for Medicare and Medicaid
Services

» Certified EHR technology

» Civil monetary penalties

» Compliance

» Confidentiality

» Consequences

» Electronic health records

» Enterprise integration

» Entities

» Gramm-Leach-Bliley Act

» Health disparities

» Health information technology

» Health Insurance Portability and
Accountability Act

» Health Level Seven

» Healthcare-associated infections

» International Standards Organization

» Meaningful use

» National Institute of Standards and
Technology

» Office of Civil Rights

» Office of the National Coordinator for
Health Information Technology

» Open Systems Interconnection

» Patient-centered care

» Policies

» Privacy

» Protected health information

» Qualified electronic health record

» Rights

» Sarbanes-Oxley Act

» Security

» Standards

» Standards-developing organizations

» Treatment/payment/operations

Introduction
Two key pieces of legislation have shaped the nursing
informatics landscape: the Health Insurance Portability
and Accountability Act (HIPAA) of 1996 and the Health
Information Technology for Economic and Clinical
Health Act (HITECH) of 2009. This chapter presents an
overview of the HITECH Act, including the Medicare
and Medicaid health information technology (HIT)
provisions of the law. Nurses need to be familiar with
the goals and purposes of this law, know how it
enhances the security and privacy protections of the
Health Insurance Portability and Accountability Act
(HIPAA) of 1996, and appreciate how it otherwise
affects nursing practice in the emerging electronic
health records age. The concepts of “meaningful use”
and “certified EHR technology” also are explored in this
chapter, as well as potential future legislation regulating
medical devices and apps and the movement toward
payment based on quality. Figure 8-1 provides a

snapshot of the legislation affecting the informatics
landscape.

Figure 8-1 Health Informatics Regulations

HIPAA Came First
HIPAA was signed into law by President Bill Clinton in
1996. Hellerstein (1999) summarized the intent of the
act as follows: to curtail healthcare fraud and abuse,
enforce standards for health information, guarantee the
security and privacy of health information, and ensure
health insurance portability for employed persons.
Consequences were put into place for institutions and
individuals who violate the requirements of this act. For
this text, we concentrate on the health information

security and privacy aspects of HIPAA, which are
outlined as follows:

The privacy provisions of the federal law,
the Health Insurance Portability and
Accountability Act of 1996 (HIPAA), apply
to health information created or
maintained by healthcare providers who
engage in certain electronic transactions,
health plans, and healthcare
clearinghouses. The U.S. Department of
Health and Human Services (USDHHS)
issued the regulation, “Standards for
Privacy of Individually Identifiable Health
Information,” applicable to entities
covered by HIPAA. The Office for Civil
Rights (OCR) is the Departmental
component responsible for implementing
and enforcing the privacy regulation.
(U.S. Department of Health and Human
Services, 2015, para. 5–6)

The need and means to guarantee the security and
privacy of health information was the focus of
numerous debates. Comprehensive standards for the
implementation of this portion of the Act eventually
were finalized, but the process to adopt final standards
took years. In August 1998, the USDHHS released a
set of proposed rules addressing health information

management. Proposed rules specific to health
information privacy and security were released in
November 1999. The purpose of the proposed rules
was to balance patients’ rights to privacy and providers’
needs for access to information (Hellerstein, 2000).

Hellerstein (2000) summarized the proposed privacy
rules. The rules do the following:

Define protected health information as “information
relating to one’s physical or mental health, the
provision of one’s health care, or the payment for
that health care, that has been maintained or
transmitted electronically and that can be
reasonably identified with the individual it applies to”
(Hellerstein, 2000, p. 2). Figure 8-2 depicts the
types of information protected under HIPAA.

Figure 8-2 What Is Protected Health Information?

Propose that authorization by patients for release of
information is not necessary when the release of
information is directly related to treatment and
payment for treatment. Specific patient
authorization is not required for research, medical
or police emergencies, legal proceedings, and
collection of data for public health concerns. All
other releases of health information require a
specific form for each release and only information
pertinent to the issue at hand is allowed to be
released. All releases of information must be
formally documented and accessible to the patient
on request.

Establish patient ownership of the healthcare record
and allow for patient-initiated corrections and
amendments.
Mandate administrative requirements for the
protection of healthcare information. All healthcare
organizations are required to have a privacy official
and an office to receive privacy violation
complaints. A specific training program for
employees that includes a certification of
completion and a signed statement by all
employees that they will uphold privacy procedures
must be developed and implemented. All
employees must re-sign the agreement to uphold
privacy every 3 years. Sanctions for violations of
policy must be clearly defined and applied.
Mandate that all outside entities that conduct
business with healthcare organizations (e.g.,
attorneys, consultants, auditors) must meet the
same standards as the organization for information
protection and security.
Allow protected health information to be released
without authorization for research studies. Patients
may not access their information in blinded
research studies because this access may affect
the reliability of the study outcomes.
Propose that protected health information may be
deidentified before release in such a manner that
the identity of the patient is protected. The
healthcare organization may code the

deidentification so that the information can be
reidentified once it has been returned.
Apply only to health information maintained or
transmitted by electronic means.

As concerns mounted and deadlines loomed, the
healthcare arena prepared to comply with the
requirements of the law. The administrative
simplification portion of this law was intended to
decrease the financial and administrative burdens by
standardizing the electronic transmission of certain
administrative and financial transactions. This section
also addressed the security and privacy of healthcare
data and information for the covered entities of
healthcare providers who transmit any health
information in electronic form in connection with a
covered transaction, health plans, and healthcare
clearinghouses (Centers for Medicare & Medicaid
Services, 2014).

The privacy requirements, which went into effect on
April 14, 2003, limited the release of protected health
information without the patient’s knowledge and
consent. Covered entities must comply with the
requirements. Notably, they must dedicate a privacy
officer, adopt and implement privacy procedures,
educate their personnel, and secure their electronic
patient records. Most individuals are familiar with the
need to notify patients of their privacy rights, having
signed forms on interacting with healthcare providers.

According to the USDHHS (2002), the privacy rule
provides certain rights to patients: the right to request
restrictions to access of the health record; the right to
request an alternative method of communication with a
provider; the right to receive a paper copy of the notice
of privacy practices; the right to file a complaint if the
patient believes his or her privacy rights were violated;
the right to inspect and copy one’s health record; the
right to request an amendment to the health record;
and the right to see an account of disclosures of one’s
health record. This places the burden of maintaining
privacy and accuracy on the healthcare system, rather
than the patient.

On October 16, 2003, the electronic transaction and
code set standards became effective. At the time, they
did not require electronic transmission, but rather
mandated that if transactions were conducted
electronically, they must comply with the required
federal standards for electronically filed healthcare
claims. “The Secretary has made the Centers for
Medicare & Medicaid Services (CMS) responsible for
enforcing the electronic transactions and code sets
provisions of the law” (“Guidance on Compliance with
HIPAA Transactions and Code Sets,” 2003, para. 3).

The security requirements went into effect on April 21,
2005, and required the covered entities to put
safeguards that protect the confidentiality, integrity, and

availability of protected health information when stored
and transmitted electronically into place.

The safeguards that were addressed were
administrative, physical, and technical. The
administrative safeguards refer to the documented
formal policies and procedures that are used to
manage and execute the security measures. They
govern the protection of healthcare data and
information and the conduct of the personnel. The
physical safeguards refer to the policies and
procedures that must be in place to limit physical
access to electronic information systems. Technical
safeguards are the policies and procedures used to
control access to healthcare data and information.
Safeguards need to be in place to control access
whether the data and information are at rest, residing
on a machine or storage medium, being processed, or
in transmission, such as being backed up to storage or
disseminated across a network.

Overview of the HITECH Act
The federal Health Information Technology for
Economic and Clinical Health Act of 2009 (HITECH
Act; Leyva & Leyva, 2011), enacted February 17,
2009, is part of the American Recovery and
Reinvestment Act (ARRA). The ARRA, also known as
the “Stimulus” law, was enacted to stimulate various
sectors of the U.S. economy during the most severe

recession this country had experienced since the Great
Depression of the late 1920s and early 1930s. The
health information technology (HIT) industry was
one area where lawmakers saw an opportunity to
stimulate the economy and improve the delivery of
health care at the same time. This explains why the
title of the HITECH Act contains the phrase “for
Economic and Clinical Health.”

The ARRA is a lengthy piece of legislation that is
organized into two major sections: Division A and
Division B. Each division contains several titles. Title
XIII of Division A of the ARRA is the HITECH Act. It
addresses the development, adoption, and
implementation of HIT policies and standards and
provides enhanced privacy and security protections
for patient information—an area of the law that is of
paramount concern in nursing informatics. Title IV of
Division B of the ARRA is considered part of the
HITECH Act. It addressed Medicare and Medicaid HIT
and provided significant financial incentives to
healthcare professionals and hospitals that adopted
and engaged in the “meaningful use” of electronic
health records (EHRs) technology.

At the time the HITECH Act was enacted, it was
estimated that less than 8% of U.S. hospitals used a
basic EHR system in at least one of their clinical units,
and less than 2% of U.S. hospitals had an EHR system
in all of their clinical settings (Ashish, 2009). Not

surprisingly, the cost of an EHR system has been a
major barrier to widespread adoption of this technology
in most healthcare facilities. The HITECH Act sought to
change that situation by providing each person in the
United States with an EHR. In addition, a nationwide
HIT infrastructure would be developed so that access
to a person’s EHR will be readily available to every
healthcare provider who treats the patient, no matter
where the patient may be located at the time treatment
is rendered. According to the Office of the National
Coordinator for Health Information Technology (2015),
three out of four hospitals now have at least a basic
EHR with clinician notes, and for larger acute care
hospitals, nearly 97% have EHR technology certified
by USDHHS.

Definitions
The HITECH Act includes some important definitions
that anyone involved in nursing informatics should
know:

“Certified EHR Technology”: An EHR that meets
specific governmental standards for the type of
record involved, whether it is an ambulatory EHR
used by office-based healthcare practitioners or an
inpatient EHR used by hospitals. The specific
standards that are to be met for any such EHRs are
set forth in federal regulations.

“Enterprise Integration”: The electronic linkage of
healthcare providers, health plans, the government,
and other interested parties to enable the electronic
exchange and use of health information among all
the components in the health care infrastructure.
“Healthcare Provider”: Hospitals, skilled nursing
facilities, nursing homes, long-term care facilities,
home health agencies, hemodialysis centers,
clinics, community mental health centers,
ambulatory surgery centers, group practices,
pharmacies and pharmacists, laboratories,
physicians, and therapists, among others.
“Health Information Technology” (HIT): “Hardware,
software, integrated technologies or related
licenses, intellectual property, upgrades, or
packaged solutions sold as services that are
designed for or support the use by healthcare
entities or patients for the electronic creation,
maintenance, access, or exchange of health
information.”
“Qualified Electronic Health Record”: “An
electronic record of health-related information on an
individual.” A “qualified” EHR contains a patient’s
demographic and clinical health information,
including the medical history and a list of health
problems, and is capable of providing support for
clinical decisions and entry of physician orders. It
must also have the capacity “to capture and query
information relevant to health care quality” and
“exchange electronic health information with, and

integrate such information from other sources”
(Readthestimulus.org, 2009, pp. 32–35).

Purposes
The HITECH Act established the Office of the
National Coordinator for Health Information
Technology (ONC) within the USDHHS. The ONC is
headed by the national coordinator, who is responsible
for overseeing the development of a nationwide HIT
infrastructure that supports the use and exchange of
information to achieve the following goals:

1. Improve healthcare quality by enhancing
coordination of services between and among the
various healthcare providers a patient may have,
fostering more appropriate healthcare decisions
at the time and place of delivery of services, and
preventing medical errors and advancing the
delivery of patient-centered care

2. Reduce the cost of health care by addressing
inefficiencies, such as duplication of services
within the healthcare delivery system, and by
reducing the number of medical errors

3. Improve people’s health by promoting
prevention, early detection, and management of
chronic diseases

4. Protect public health by fostering early detection
and rapid response to infectious diseases,
bioterrorism, and other situations that could have

a widespread impact on the health status of
many individuals

5. Facilitate clinical research
6. Reduce health disparities
7. Better secure patient health information

Improving healthcare quality has been an ongoing
challenge in the United States. According to the
Agency for Healthcare Research and Quality
(AHRQ), quality health care is care that is “safe, timely,
patient centered, efficient, and equitable” (AHRQ,
2009, p. 1). AHRQ, an agency within USDHHS, has
been releasing a national healthcare quality report
(NHQR) every year since 2003. Access the most
recent report at
www.ahrq.gov/research/findings/nhqrdr/index.html.
The NHQR emphasized the need for HIT to support the
goal of improving quality of care.

Providers need reliable information about
their performance to guide improvement
activities. Realistically, HIT infrastructure
is needed to ensure that relevant data are
collected regularly, systematically, and
unobtrusively while protecting patient
privacy and confidentiality…. Systems
need to generate information that can be
understood by end users and that are
interoperable across different institutions’
data platforms… Quality improvement

typically requires examining patterns of
care across panels of patients rather than
one patient at a time . . . Ideally,
performance measures should be
calculated automatically from health
records in a format that can be easily
shared and compared across all
providers involved with a patient’s care.
(AHRQ, 2009, p. 13)

The prevalence of healthcare-associated infections
serves as an excellent example of how use of EHR
technology and a nationwide HIT infrastructure can
play a significant role in addressing healthcare quality
issues. According to the NHQR, “wound infections are
a common occurrence following surgery, but hospitals
can reduce the risk of these health care–associated
infections by making sure patients receive an
appropriate antibiotic within an hour before their
procedures” (AHRQ, 2009, p. 110). The Centers for
Medicare and Medicaid Services (CMS) already has
the capacity to track Medicare patients who receive this
prophylactic treatment and the rate of postsurgical
wound infections for those patients who do and do not
receive the treatment. Imagine being able to track this
issue for all surgical patients and developing evidence-
based care plans to ensure that all patients within the
infrastructure receive the same quality of care. This is

just one of many examples in which the end result of
EHR adoption is better patient outcomes.

EHR technology also will make it easier for all
providers involved in a patient’s care to readily access
that patient’s complete and current healthcare record,
thereby allowing providers to make well-informed,
efficient, and effective decisions about a patient’s care
at the time those decisions need to be made. This is of
tremendous benefit to the patient and promotes a
higher level of patient-centered care. It also allows
effective coordination of care between and among all
providers involved in the patient’s care, including
doctors, nurses, therapists, nutritionists, hospitals,
nursing homes, rehabilitation facilities, home health
agencies, laboratories, and other diagnostic centers,
thereby assuring the continuum of patient care.

Such an integrated system would have clear benefits
for patients and providers alike. For example, imagine
how much easier it would be for a patient with a rare
form of cancer to obtain a second oncologist’s opinion
before beginning a course of treatment. The patient’s
complete record, including the results of numerous
diagnostic tests conducted at multiple sites, such as
blood tests, biopsies, radiographs, and scans, would
be readily available to the second oncologist. Imagine
how much easier it would be for a patient with end-
stage renal disease, who is receiving outpatient
hemodialysis several times a week, to receive

appropriate treatment if he or she is suddenly
hospitalized or would like to take a vacation out of
state. Imagine how much easier it would be for nurses
to complete a medication reconciliation for a newly
admitted patient. The possibilities are endless, and the
savings realized from enhancing quality, avoiding
duplication of services, and streamlining delivery of
patient care are obvious.

Reducing healthcare errors has been another ongoing
challenge in the United States. Healthcare providers
strive to meet the standard of care and avoid harm to
patients. Patients have a right to receive appropriate
care, but that does not always happen. Ten years ago,
the Institute of Medicine’s Committee on the Quality of
Health Care in America undertook a comprehensive
literature review and summarized the results of more
than 40 studies about healthcare errors in its seminal
report, To Err Is Human: Building a Safer Health
System (Institute of Medicine, 2000). That report
concluded that approximately 44,000–98,000 people in
the United States die each year as a result of
healthcare errors. Many thousands more who do not
die are seriously injured from such errors. In addition to
the human pain and suffering associated with
healthcare errors, the monetary costs of these errors
are substantial. Although some progress in reducing
healthcare errors has been made since the release of
To Err Is Human, substantial work remains to be done.
It is anticipated that a nationwide HIT infrastructure will

contribute to a reduction in healthcare errors by
providing mechanisms to assist with the prevention of
errors and to provide timely warnings of the possibility
of a repetitive error that may affect many patients.

Containing and reducing healthcare costs in the United
States, where more than $2 trillion is spent on health
care each year (Keehan, Sisko, & Truffler, 2008), is
another daunting challenge. Using EHR technology
and a nationwide HIT infrastructure to improve quality
and reduce errors within the healthcare delivery system
is one way to address this challenge. Imagine the
billions of dollars that could be saved just by reducing
the estimated 1.7 million cases of healthcare-
associated infections contracted by patients in U.S.
hospitals each year (AHRQ, 2009, p. 108).

Promoting prevention, early detection, and
management of chronic diseases is another purpose of
the HITECH Act. The delivery of health care in the
United States traditionally has been based on a
disease model rather than a wellness model. Having
an EHR for each individual could help with the
necessary transition as providers and their patients
become more aware of the variables that positively or
negatively impact health. The ability to identify
appropriate choices to promote wellness and either
prevent illness and injury or detect and manage chronic
diseases sooner will be enhanced.

Chronic diseases are of major concern to this country,
not only because of the impact they have on
individuals, but also because of the tremendous cost
associated with providing treatment for patients with
these conditions. Adult-onset diabetes, for example,
has reached epidemic proportions. A national HIT
infrastructure will help providers better identify those
patients who are at risk for developing this disease and
provide treatment strategies to avoid it. For those
patients who develop type 2 diabetes, their providers
will be able to diagnose the condition much sooner and
manage it more effectively because of the vast
resources that a national HIT infrastructure can
provide.

Improving public health is another purpose of the
HITECH Act. The recent Zika virus challenge is
illustrative of how a national HIT infrastructure can
protect public health by fostering early detection and
rapid response to infectious diseases, bioterrorism, and
other situations that could have a widespread impact
on the health status of many individuals and groups.

The impact that a national HIT infrastructure will have
on clinical research is self-evident. Once the
infrastructure becomes operational, the amount of data
that will become readily available for clinical research
will increase exponentially compared to what is
available today. The ability of researchers to conduct
studies and provide clinicians with the most current

evidence-based practice will be of tremendous benefit
to patients everywhere.

Reducing health disparities is another purpose of the
HITECH Act. According to the AHRQ (2013), “Health
care disparities are differences or gaps in the care
experienced by one population compared with another
population” (p. 1). Detailed information about
healthcare disparities can be found at the website for
the Office of Minority Health and Health Disparities at
www.cdc.gov/omhd. The AHRQ routinely examines
the issue of disparities in health care and reports its
findings to the public. The National Healthcare
Disparities Report of 2012 confirms that some
Americans continue to receive inferior care because of
such factors as race, ethnicity, and socioeconomic
status (AHRQ, 2013). This report found disparities in
the following areas:

Across all dimensions of healthcare quality:
Effectiveness, patient safety, timeliness, and patient
centeredness
Across all dimensions of access to care: Facilitators
and barriers to care and health care utilization
Across many levels and types of care: Preventive
care, treatment of acute conditions, and
management of chronic diseases
Across many clinical conditions: Cancer, diabetes,
end-stage renal disease, heart disease, HIV

disease, mental health and substance abuse, and
respiratory diseases
Across many care settings: Primary care, home
health care, hospice care, emergency department,
hospitals, and nursing homes
Within many subpopulations: Women, children,
older adults, residents of rural areas, and
individuals with disabilities and other special
healthcare needs (AHRQ, 2013, pp. H1–H4)

All patients, regardless of race, ethnicity, or
socioeconomic status, should receive care that is
effective, safe, and timely. When the national HIT
infrastructure contemplated by the HITECH Act is fully
implemented, such disparities are bound to decrease.
The ability to monitor for disparities and promote the
delivery of appropriate care to all patients will be
enhanced. Clinicians will be prompted to base their
treatments on appropriate factors and avoid biased
care.

Perhaps the most important task facing the national
coordinator during the development and
implementation of a nationwide HIT infrastructure is
ensuring the security of the patient health information
within that system. The ability to secure and protect
confidential patient information has always been of
paramount importance to clinicians, who view this
consideration as an ethical and legal obligation of
practice. Patients value their privacy and they have a

right to expect that their confidential health information
will be properly safeguarded. Nurses have been
complying with the regulatory requirements of HIPAA
for years, and the HITECH Act has enhanced the
security and privacy protections each patient has a
right to expect under HIPAA. The specific changes are
discussed in greater detail later in this chapter.

How a National HIT
Infrastructure Is Being
Developed
Developing a national HIT infrastructure is an
enormous and extremely complex undertaking that
requires extensive financial, technologic, and human
resources. The HITECH Act established the ONC, as
noted earlier, and the USDHHS appointed a national
coordinator, who is responsible for the development of
the infrastructure. The HITECH Act also established
two committees within the ONC: the HIT Policy
Committee and the HIT Standards Committee.

The Policy Committee is responsible for making
recommendations to the coordinator about how to
implement the requirements of the HITECH Act, such
as the technologies to use in the infrastructure. The
Policy Committee has a total of 20 members, one of
whom must be a member from a labor organization
and two of whom must be healthcare providers. At

least one of the healthcare providers must be a
physician. There is no specific requirement that a nurse
be on the Policy Committee. A complete list of the
Policy Committee members is available at
www.healthit.hhs.gov.

The Standards Committee is responsible for
recommending standards by which health information
is to be electronically exchanged. The HITECH Act
does not designate the number of members to be on
the committee; however, its members include
healthcare providers, ancillary healthcare workers,
consumers of health care, and others. Again, there is
no specific requirement that a nurse be on the
Standards Committee, and a complete list of the
Standards Committee members is available at
www.healthit.gov.

The HITECH Act also made provisions to include
meaningful public input in the development of a
national HIT infrastructure. Both the Policy Committee
and the Standards Committee hold public meetings,
and anyone interested in this process can participate. A
schedule of meetings, committee agendas, and the
transcripts of past meeting are posted at
www.healthit.gov.

The national coordinator has several duties. He or she
decides whether to endorse the recommendations of
the Policy and Standards Committees and acts as a

liaison among the committees and various federal
agencies involved in the process of developing a
national HIT infrastructure. He or she consults with
these other agencies, including the National Institute
of Standards and Technology, and along with those
agencies updates the Federal HIT Strategic Plan (U.S.
Department of Commerce, 2011). The initial Federal
HIT Strategic Plan was published in June 2008, before
the enactment of the HITECH Act, and the plan has
been updated frequently to reflect evolving IT
strategies. The most current plan can be accessed at
www.healthit.gov/policy-researchers-
implementers/health-it-strategic-planning.

The HITECH Act also provides significant monetary
incentives for providers who engaged in meaningful
use of HIT. “Meaningful use” was defined as “using
electronic health records (EHRs) in a meaningful
manner, which includes, but is not limited to
electronically capturing health information in a coded
format, using that information to track key clinical
conditions, communicating that information to help
coordinate care, and initiating the reporting of clinical
quality measures and public health information” (CMS,
2010, para. 3).

Monetary incentives are available to clinicians and
facilities that implement EHR systems that meet the
specific standards. Providers that fail to adopt such

systems within a specified time frame may be subject
to significant governmental penalties.

How the HITECH Act Changed
HIPAA

HIPAA Privacy and Security Rules
Nurses have been complying with HIPAA for years.
HIPAA was enacted by the federal government for
several purposes, including better portability of health
insurance as a worker moved from one job to another;
deterrence of fraud, abuse, and waste within the
healthcare delivery system; and simplification of the
administrative functions associated with the delivery of
health care, such as reimbursement claims sent to
Medicare and Medicaid. Simplification of administrative
functions entailed the adoption of electronic
transactions that included sensitive healthcare
information. To protect the privacy and security of
health information, two sets of federal regulations were
implemented. The Privacy Rule became effective in
2003, and the Security Rule became effective in 2005.
Many practitioners that refer to HIPAA are not referring
to the comprehensive federal statute enacted in 1996,
but rather to the Privacy Rule and the Security Rule—
that is, the federal regulations that were adopted years
after HIPAA became law.

Under the Privacy Rule, patients have a right to expect
privacy protections that limit the use and disclosure of
their health information. Under the Security Rule,
providers are obligated to safeguard their patients’
health information from improper use or disclosure,
maintain the integrity of the information, and ensure its
availability. Both rules apply to protected health
information (PHI), defined as any physical or mental
health information created, received, or stored by a
“covered entity” that can be used to identify an
individual patient, regardless of the form of the health
information (i.e., it can be electronic, handwritten, or
verbal) (Legal Information Institute [LII], 2013).
Covered entities include hospitals and other healthcare
providers that transmit any health information
electronically, as well as health insurance companies
and healthcare clearinghouses (LII, 2013).

Clinicians have become very knowledgeable about the
requirements of the Privacy and Security Rules. They
are familiar with their obligations to protect patient
information and the rights afforded to their patients
under these regulations. Patients are entitled to a
notice of privacy practices from their healthcare
provider. Inpatients are entitled to opt out of the
facility’s directory, thereby protecting disclosure of
information that they are even a patient in the facility.
Under certain circumstances, patients must authorize
disclosure of their PHI before it can be released by the
provider. Patients can request and obtain access to

their own healthcare records and may request that
corrections and additions be made to their records.
Providers must consider a patient’s request to amend a
healthcare record, but they are not required to make
such an amendment if the request is unwarranted.
Unauthorized access or use or any loss of healthcare
information must be disclosed to any patient affected
by the breach. Patients may request an accounting of
anyone who accessed their healthcare information, and
the provider is required to provide that information in a
timely manner. Finally, patients have a right to
complain if they perceive that the privacy or security of
their healthcare information has been compromised in
some way. Such complaints can be made directly to
the provider or to the Office of Civil Rights (OCR).

The OCR, which is part of the USDHHS, is responsible
for enforcing HIPAA. It provides significant information
and guidance to clinicians who must comply with the
Privacy and Security Rules. It has been tracking
complaints and investigating violations since 2003.
Guidance and information about the complaint process
and the violations that the OCR has handled are
available on its website at
www.healthit.gov/providers-professionals/model-
notices-privacy-practices. As an example, one such
violation involved a nurse practitioner who had
privileges within a healthcare system. She accessed
her ex-husband’s medical records without his
authorization by using the system-wide EHRs. A

complaint was filed and the OCR investigated the
matter. The OCR resolved the complaint with the
healthcare system. As part of this resolution, the
healthcare system curtailed the nurse practitioner’s
access to its EHRs and it required her to undergo
remedial training. In addition, it reported the nurse
practitioner to her professional board (USDHHS, Office
of Civil Rights, n.d.)

Many businesses are moving to enact a “bring your
own device” (BYOD) policy for employees. This policy,
which helps to streamline the lives of employees by
maintaining personal and business information on one
device, can also result in cost savings for the
organization overall. BYOD is an issue, however, when
dealing with PHI. Healthcare organizations typically do
not encourage use of personal devices for professional
matters, and in many instances they actually have
policies in place forbidding employees from using
personal devices in the workplace. According to HIT
Consultant (2013), approximately 50% of healthcare
organizations report that personal mobile devices can
be used to access the Internet within their facilities but
these devices are not given access to the
organization’s network. Typically, only devices that are
issued by the organization, secured, and routinely
audited are able to access to the network. Nurses must
exercise caution when bringing their personal devices
into the healthcare organization to ensure that they are
not violating any specifics of the BYOD policy.

Compliance with the Privacy and Security Rules is
mandatory for all covered entities, and the HITECH Act
extends compliance with these requirements directly to
other entities that are business associates of a covered
entity. Requirements include designation of privacy and
information security officials to protect health
information and appropriate handling of any
complaints. Sanctions must be imposed if a violation of
HIPAA occurs. The Privacy and Security Rules also
mandate that certain physical and technical safeguards
be implemented for PHI, and they require entities to
conduct periodic training of all staff to ensure
compliance with these safeguards. Most entities
adhere to industry standards and provide their
personnel with yearly training. In addition, entities are
to conduct regular audits to ensure compliance, and
any breaches in the privacy or security of PHI must be
remedied immediately. It is important to avoid a
security incident as such incidents trigger certain
notification requirements and may be associated with
monetary penalties.

The HITECH Act Enhanced HIPAA
Protections
The HITECH Act has had a significant impact on
HIPAA’s Privacy and Security Rules in the following
ways:

USDHHS is to provide annual guidance about how
to secure health information.
Notification requirements in the event of a breach in
the security of health information have been
enhanced.
HIPAA requirements now apply directly to any
business associates of a covered entity.
The rules that pertain to providing an accounting to
patients who want to know who accessed their
health information have changed.
Enforcement of HIPAA has been strengthened.

These measures are being implemented to provide
further assurance that health information will be
protected as the country transitions to a nationwide HIT
infrastructure. Several other organizations are also
involved in the privacy and security aspects of the HIT
infrastructure development (Box 8-1).

BOX 8-1 OTHER ORGANIZATIONS

ASSISTING HIPAA

Dee McGonigle, Kathleen Mastrian, and Nedra
Farcus

Several other organizations have been involved
in HIPAA implementation. The American
National Standards Institute (ANSI) X12N and
Health Level Seven (HL7) standards
organizations worked together to develop an

electronic standard for claims attachments to
recommend to USDHHS (Spencer &
Bushman, 2006, para. 2). ANSI (n.d.) was
founded in 1918 and has served as the
coordinator of the U.S. voluntary standards and
conformity assessment system (para. 1). ANSI
provides a forum where the private and public
sectors can cooperatively work together toward
the development of voluntary national
consensus standards and the related
compliance programs (para. 2). HL7 (n.d.) is
one of several ANSI-accredited standards-
developing organizations (SDOs) operating in
the healthcare arena (para. 1). It states that its
mission is to provide standards for
interoperability that improve care delivery,
optimize workflow, reduce ambiguity, and
enhance knowledge transfer among all
stakeholders, including healthcare providers,
government agencies, the vendor community,
fellow SDOs, and patients (para. 5).

HL7 was initially associated with HIPAA in 1996
through the creation of a claims attachments
special interest group charged with
standardizing the supplemental information
needed to support healthcare insurance and
other e-commerce transactions. The initial
deliverable of this group was six claim
attachments. This special interest group is

currently known as the Attachment Special
Interest Group. As the attachment projects
continue, they are slated to include skilled
nursing facilities, home health care,
preauthorization, and referrals.

The “Level Seven” in HL7’s name refers to the
highest level of the International Standards
Organization’s (ISO’s) communications model
for Open Systems Interconnection (OSI)
application level. The application level
addresses definition of the data to be
exchanged, the timing of the interchange, and
the communication of certain errors to the
application. The seventh level supports such
functions as security checks, participant
identification, availability checks, exchange
mechanism negotiations and, most importantly,
data exchange structuring (HL7, n.d., para. 5).

The OSI was an attempt to standardize
networking by the ISO. HL7 addresses the
distinct requirements of the systems in use in
hospitals and other facilities, is more concerned
with application than the other levels, and
considers user authentication and privacy
(Webopedia, 2008). The lower levels of OSI
address hardware, software, and data
reformatting.

HL7’s mission is supported through two
separate groups, the Extensible Markup
Language (XML) special interest group and the
structured documents technical committee. The
XML special interest group makes
recommendations on use of XML standards for
all of HL7’s platform- and vendor-independent
healthcare specifications (HL7, n.d., para. 21).
XML began as a simplified subset of the
standard generalized markup language; its
major purpose is to facilitate the exchange of
structured data across different information
systems, especially via the Internet. It is
considered an extensible language because it
permits users to define their own elements,
thereby supporting customization to enable
purpose-specific development. The structured
documents technical committee supports the
HL7 mission through development of structured
document standards for health care (para. 21).
HL7 also organizes, maintains, and sustains a
repository for the vocabulary terms used in its
messages to provide a shared, well-defined, and
unambiguous knowledge base of the meaning of
the data transferred.

ISO (2008a) is a network of the national
standards institutes of 157 countries. It includes
one member per country, and a central
secretariat in Geneva, Switzerland, coordinates

the system (para. 1). ISO is a nongovernmental
organization; its members are not delegations of
national governments (unlike the case in the
United Nations system). Nevertheless, ISO
occupies a special position between the public
and private sectors. On the one hand, many of
its member institutes are part of the
governmental structure of their countries or are
mandated by their government. On the other
hand, other members have their roots uniquely
in the private sector, having been set up by
national partnerships of industry associations
(ISO, 2008a, para. 2).

This placement enables ISO to become a
bridging organization where members can reach
agreement on solutions that meet both the
requirements of business and the broader needs
of society, consumers, and users. These
international agreements become standards that
use the prefix ISO followed by the number of the
standard. An example is the health informatics,
health cards, numbering system, and
registration procedure for issuer identifiers, ISO
20302:2006; it is designed to confirm, via a
numbering system and registration procedure,
the identities of both the healthcare application
provider and the health card holder so that
information may be exchanged by using cards
issued for healthcare service (ISO, 2008b, para.

12). ISO provides standards for interoperability
that improve care delivery, optimize workflow,
reduce ambiguity, and enhance knowledge
transfer among all of its stakeholders, including
healthcare providers, government agencies, the
vendor community, fellow SDOs, and patients.
The standards are used on a voluntary basis
because ISO has no power to force their
enactment.

All of the organizations described here have
guidelines, standards, and rules to help
healthcare entities collect, store, manipulate,
dispose of, and exchange secure PHI. Many
SDOs work to help develop standards. HIPAA
guarantees the security and privacy of health
information and curtails healthcare fraud and
abuse while enforcing standards for health
information.

UNITED STATES AND
BEYOND
Health care was not the only focus of U.S.
legislative acts. One often sees “GLBA” and
“SOX” when searching for information on
HIPAA. The Gramm-Leach-Bliley Act (GLBA)
is federal legislation in the United States to
control how financial institutions handle the
private information they collect from individuals.

The Sarbanes-Oxley Act (SOX) is legislation
put in place to protect shareholders and the
public from deceptive accounting practices in
organizations.

Privacy and data regulations are also being
established around the world. See a map of the
world depicting the laws of various countries at
this website:
www.dlapiperdataprotection.com/#handbook/world-
map-section. It is quite evident that privacy and
security have become global concerns.

Avoiding security incidents has become a paramount
concern for healthcare organizations and providers.
Providers must protect their information and prevent
unauthorized persons from accessing, using,
disclosing, changing, or destroying a patient’s health
information, or otherwise interfering with the operations
of a health information system, such as an EHR. To
facilitate a provider’s ability to do this, the HITECH Act
requires USDHHS to provide annual guidance to
secure health information. PHI can be secured or
unsecured. PHI is considered unsecured if the provider
does not follow the guidance provided by USDHHS for
implementing technologies and methodologies that
make PHI “unusable, unreadable, or indecipherable to
unauthorized individuals” (USDHHS, 2009). PHI can be
secured through encryption, shredding and other forms
of complete destruction, or electronic media sanitation.

Figure 8-3 depicts some common causes of PHI
vulnerabilities.

Figure 8-3 Vulnerability of Private Health Information

The distinction between secured and unsecured PHI is
important because providers that experience a breach
in the privacy or security of their PHI must adhere to
certain notification requirements depending on the type
of PHI affected by the breach. The HITECH Act
enhanced the breach notification requirements of
HIPAA. If the PHI is unsecured, the provider must take
certain steps to notify those individuals who have been
affected. Providers can avoid these onerous breach
notification requirements if the PHI is secured in
accordance with the specifications of USDHHS.

A breach is considered discovered as soon as an
employee other than the individual who committed the
breach knows or should have known of the breach,
such as unauthorized access or even an unsuccessful
attempt to access information. For example, if a nurse
knows that a colleague has accessed or attempted to
access the record of a patient for whom the colleague
is not providing care (e.g., the nurse practitioner who
accessed her ex-husband’s EHR, as discussed
previously), the nurse’s employer is deemed to have
discovered the breach as soon as the nurse learned of
it. The discovery of a breach triggers the beginning of
the time frame during which the provider must fulfill the
notification requirements. A provider must fulfill these
requirements within a reasonable period of time; under
no circumstances may a provider take more than 60
days from discovery of the breach. It is easy to
understand why providers require their employees to
report knowledge of such breaches immediately to the
privacy or information security officer. A provider’s
failure to adhere to the breach notification requirements
could result in OCR sanctions, including monetary
penalties.

Whenever a breach involves unsecured PHI, covered
entities are responsible for alerting each affected
individual by mail, or by e-mail if preferred by the
individual. If there is insufficient contact information for
10 or more patients, the provider is required to place
conspicuous postings on the home page of its website

or in major print or broadcast media (without identifying
patients). A toll-free telephone number must be
provided so that affected individuals can call for
information about the breach. For breaches involving
unsecured PHI of more than 500 individuals, a
prominent media outlet must also be notified. Notice
must be given to USDHHS as well, and USDHHS will
post the information on its public website (USDHHS,
2009). It is easy to see why providers would want to
avoid these requirements by making sure their PHI is
secured. Having to post such notices undermines the
trust that exists between healthcare providers and the
patients and communities they serve.

The HITECH Act has improved the privacy and security
of patient health information by applying the
requirements of HIPAA directly to the business
associates of covered entities. In the past, it was up to
the covered entity to enter into contracts with its
business associates to ensure compliance with HIPAA.
Now business associates are responsible for their own
compliance. An example of such a business associate
is a HIT company hired by a hospital to implement or
upgrade an EHR system. The technology company has
access to the hospital’s EHR system and must comply
with the HIPAA Privacy and Security Rules, just as
covered entities must comply with these rules. This
includes being subject to enforcement by the OCR for
any violations.

Existing accounting rules are enhanced under the
HITECH Act, giving patients the right to access their
EHR and receive an accounting of all disclosures.
Before the HITECH Act, HIPAA regulations provided an
exception to the accounting requirements. Providers
and other covered entities were not required to include
in the accounting any disclosures that were made to
facilitate treatment/payment/operations—treatment
of patients, the payment for services, or the operations
of the entity—a provision commonly known as the
“TPO exception.” This exception ended in January
2011 for providers that recently implemented new EHR
systems. For those providers with EHR systems that
were implemented before the HITECH Act, the TPO
exception ended in January 2014. It is easy to
understand why this exception has ended. As all
providers implement comprehensive EHR systems, it
will be very easy to generate an electronic record with
an accounting of anyone who accessed a patient’s
record.

Finally, the HITECH Act strengthens the enforcement
of HIPAA. USDHHS can conduct audits, which will be
even easier to accomplish once a nationwide HIT
infrastructure is in place. In addition, stiffer civil
monetary penalties (CMP) for violations of HIPAA
became effective as soon as the HITECH Act became
law in February 2009. CMPs are divided into three
tiers. A Tier 1 CMP, in which the covered entity had no
reason to know of a violation, is $100 per incident, up

to a cap of $25,000 per year. A Tier 2 CMP, in which
the covered entity had reasonable cause to know of a
violation, is $1,000 per incident, up to a cap of
$100,000 per year. A Tier 3 CMP, in which the covered
entity engaged in willful neglect that resulted in a
breach, is $10,000 per incident, up to a cap of
$250,000 per year. In addition, the HITECH Act gives
authority to impose an additional CMP of $50,000 to
$1.5 million if the covered entity does not properly
correct a violation. Criminal penalties also can be
imposed when warranted. It is imperative that providers
avoid these penalties.

Before enactment of the HITECH Act, the federal
government alone enforced HIPAA. Now, state
attorneys general can play a significant role in the
enforcement and prosecution of HIPAA violations.
Once the HITECH Act became law, state attorneys
general were authorized to pursue civil claims for
HIPAA violations and collect up to $25,000 plus
attorneys’ fees. As of 2012, individuals who are
damaged by such violations became eligible to share in
any monetary awards obtained by these state officials.

Implications for Nursing
Practice

Being Involved and Staying Informed

The development and implementation of a nationwide
EHR system holds great promise for nursing practice
and nursing informatics. The profession of nursing will
benefit from the many enhancements such an
infrastructure has to offer, including the ability to
improve the delivery of nursing care and the quality of
that care, the ability to make more efficient and timely
nursing care decisions for patients, the ability to avoid
errors that may harm patients, and the ability to
promote health and wellness for the patients whom
nurses serve. On a broader scale, nurse researchers
will have the ability to more readily access data that
can be used to continue to foster evidence-based
practice. The possibilities seem endless. For those who
devote their professional careers to nursing informatics
or plan to do so, the opportunities abound. Much work
remains to be done as this country transitions to a
nationwide HIT infrastructure, and moves beyond
meaningful use requirements.

All nurses need to be engaged in this process, whether
they treat patients, are managers within healthcare
organizations, teach, develop computer programs, or
help create institutional or governmental policies.
Nurses, as the end users of developing technologies,
cannot afford to be left behind in these exciting times.
Their voices must be heard, whether it is within the
facility where they work as changes to the EHR system
are contemplated, or whether it is in the public policy
arena. How often are nurses the last to know that a

new EHR system has been adopted by their hospital?
How many times have nurses been trained to use a
system that would have benefited from their input
before it was implemented or even purchased? Nurses
often are not invited to the table when entities make
decisions about informatics, so they should not be
afraid to ask to be included, whether it is to be heard
within the workplace or within the governmental
agencies that are overseeing the changes that are
taking place.

Even nurses who do not get involved in this process
need to stay current with the rapid changes that are
taking place. Information about federal initiatives is
available from the ONC and the OCR. Both offices are
housed within USDHHS and are excellent resources
for additional information about the HITECH Act and
HIPAA. Regulations to implement the HITECH Act and
enhance the HIPAA protections required by it are being
proposed and adopted at a rapid pace. See
www.healthit.gov to access the most current
information.

Protecting Yourself
Nurses who strive to protect the privacy and security of
patient information are protecting themselves from
ethical lapses and violations of law. The American
Nurses Association’s (ANA’s) Code of Ethics for
Nurses with Interpretive Statements mandates that

nurses protect a patient’s rights to privacy and
confidentiality.

Associated with the right to privacy, the nurse has a
duty to maintain confidentiality of all patient
information. Nurses who engage with social media
need to be especially cognizant of the potential for
breaching the confidentiality of patient information. Box
8-2 provides more information related to nurses’ use of
social media. Refer also to the ethical use of social
media discussed in Chapter 5. The patient’s well-being
could be jeopardized and the fundamental trust
between patient and nurse destroyed by unnecessary
access to data or by the inappropriate disclosure of
identifiable patient information. The rights, well-being,
and safety of the individual patient should be the
primary factors in arriving at any professional judgment
concerning the disposition of confidential information
received from or about the patient, whether oral,
written, or electronic. The standard of nursing practice
and the nurse’s responsibility to provide quality care
require that relevant data be shared with only those
members of the healthcare team who have a need to
know that information. Only information pertinent to a
patient’s treatment and welfare should be disclosed,
and only to those directly involved with the patient’s
care. When using electronic communications, special
effort should be made to maintain data security (ANA,
2010, p. 6).

BOX 8-2 USE OF SOCIAL NETWORKS

BY NURSES

Glenn Johnson and Jeff Swain

New opportunities to share information via social
networks have grabbed the headlines. Since
their inception in 2004, the growth in popularity
of social networking tools, such as Facebook
(www.facebook.com) and Twitter
(www.twitter.com), has been phenomenal. What
makes these sites so attractive? Web-based
applications, such as Facebook, allow users to
connect and share information in ways that were
not previously possible. Users develop online
profiles that contain information they select to
share with others. Using simple online utilities,
users can easily connect and share their
profiles, communicating with friends over the
Internet. Virtual groups of users with similar
profiles may be created, connecting users with
others who have similar interests. Twitter, a
micro-blogging platform, allows users to create
interpersonal networks for socializing, support,
and information sharing. The power of such
tools as Twitter lies in their being lightweight,
their limiting of updates to 140 or fewer
characters, and their convenience—users can
update their status from any device that has an

Internet connection or text messaging
capabilities.

The popularity of social and mobile networking
applications is one indication of how new Web-
based technologies are changing
communication preferences. The Web is no
longer a destination place, but instead has
become a vehicle of communication where
individuals use application software (“apps”),
which are installed or downloaded, to connect
with others. Individuals act as their own portal
and can connect from anywhere with their
various communities. This makes it difficult to
separate out various communities and social
networks. Where once it was relatively easy to
separate work relationships from friends and
family, networked communities tend to overlap,
blurring the boundaries between them. The
phenomenon of overlapping networks means
that the unintended audience is almost always
greater than the intended one. A status update
that may be construed as harmless and funny to
one’s friends could be taken an entirely different
way by family or colleagues. This is not to say
networked communities are harmful or bad.
Indeed, the benefits of such communities far
exceed their negatives. However, the immediacy
and the permanence of the updates shared
mean that the user must think about the impact

beyond the intended audience in ways never
before required (Johnson & Swain, 2011).

Nurses and other healthcare workers who use
social media must be aware that the overlapping
of networks may unintentionally create privacy
and confidentiality breaches. Even when
patients are not identified by name, general
sharing of information or venting about a difficult
day may constitute a privacy breach. The
National Council of State Boards of Nursing
(NCSBN, 2011) has collaborated with the ANA
to develop specific guidelines for the use of
social media by nurses. See
www.ncsbn.org/Social_Media.pdf to read a
white paper discussing common misconceptions
about social media, consequences for breaching
confidentiality using social media, guidelines for
appropriate use of social media, and case
scenarios with discussion.

REFERENCES

Johnson, G., & Swain, J. (2011).
Professional development and
collaboration tools. In D.
McGonigle & K. Mastrian (Eds.),
Nursing informatics and the
foundation of knowledge (2nd
ed., pp. 185–195). Burlington,
MA: Jones & Bartlett Learning.

National Council of State Boards of
Nursing. (2011). White paper: A
nurse’s guide to the use of social
media. Retrieved from
https://www.ncsbn.org/Social_Media.pdf

The similarities between these ethical obligations and
the legal requirements of HIPAA and other federal and
state privacy and confidentiality laws are readily
apparent to nurses. By complying with their ethical
code, nurses were complying with the Privacy and
Security Rules before they were required to do so.
Since the adoption of the HIPAA Privacy and Security
Rules, and now with the passage of the HITECH Act, it
is more important than ever for nurses to understand
their obligations in this area and avoid the pitfalls of
violations.

In addition to the sanctions imposed by the OCR,
violations can lead to disciplinary actions by employers
and professional licensing boards, as well as litigation.
Such actions can have a serious negative impact on
the nurse’s reputation and financial well-being. If a
nurse is terminated for invading a patient’s privacy or
breaching the confidentiality of a patient’s information,
some state laws require reporting the information to

prospective employers of the nurse; other laws require
reporting to the State Board of Nursing. State Boards
of Nursing have the authority to publicly discipline a
nurse who has engaged in professional misconduct by
invading a patient’s privacy, which includes
inappropriately accessing a patient’s EHR, and
breaching confidentiality of patient information, such as
allowing or tolerating unauthorized access to a
patient’s EHR. These types of situations can also
cause patients to file complaints with the OCR and
lawsuits against the offenders. Nurses must be ever
mindful of their obligations to report a breach in the
privacy or security of PHI to their employers, even if it
entails reporting a colleague.

Finally, some view the EHR as a convenient method for
employers to monitor the performance of its nurses.
Clearly, an EHR system provides a wealth of
information that can be, and often is required to be,
monitored. Audits are required to make sure that no
breaches in the system’s security occur. Audits are not
necessarily required to determine, for example, which
nurses are failing to complete the hospital’s
documentation requirements in a timely fashion, which
nurses are improperly altering (attempting to correct)
the record, or which nurses are dispensing more pain
medication than the average. Nurses have been
challenged by employers who allege failure to
document, improper or false documentation, and
suspected diversion of narcotics. These types of

situations are unsettling and may be on the rise as
more providers adopt or augment EHR systems. Thus
it behooves every nurse who works with such a system
to obtain proper training and to know the policies and
procedures that pertain to its use.

Social media can and should be used in an appropriate
manner by professionals to educate and promote
health behaviors in the clients they serve,
communicate with clients if they choose this method of
communication, and network with other professionals
by sharing information (deidentified) and knowledge.
As Gagnon and Sabus (2015) suggest, “the reach of
social media for health and wellness presents exciting
opportunities for the health care professional with a
well-executed social media presence. Social media
give health care providers a far-reaching platform on
which to contribute high-quality online content and
amplify positive and accurate health care information
and messages. It also provides a forum for correcting
misinformation and addressing misconceptions” (p.
410). They advocated for healthcare professionals to
practice digital professionalism, and for social media
use to be one of the professional competencies for
health professional education. Bazan (2015) suggested
that social media can be used to consult with other
healthcare providers, such as in a professional
Facebook group using direct private messaging
between the two providers, but cautioned that posting
to the main social site cannot contain any hint of PHI.

He also shared information about a progressive
practice that communicates with patients via private
messaging on Facebook. Remember that everything
you do electronically leaves a digital footprint! Proceed
with caution and be certain that your digital interactions
comply completely with professional ethics, laws, and
organizational policies.

Future Regulations
CMS recently released new legislation, the Medicare
Access and CHIP Reauthorization Act of 2015
(MACRA; USDHHS, 2016). Although this legislation
primarily affects provider payments, all members of the
healthcare team will have a hand in ensuring quality
care. The final implementation guidelines have yet to
be released, but this new legislation is expected to
replace the former CMS meaningful use guidelines. For
more information on this program, refer to the chapter
on Workflow and Meaningful Use.

The U.S. Food and Drug Administration (FDA), a
division of USDHHS, is responsible for regulating
medical devices to ensure public safety. In 2015, the
FDA released a guidance document for manufacturers,
developers, and FDA staff related to mobile medical
applications. At the current time, the most common
types of these applications, or apps, are not regulated
by the FDA because they are not defined as medical
devices. An app is defined as a medical device and

may be subject to regulation by the FDA if “the
intended use of a mobile app is for the diagnosis of a
disease or other conditions, or the cure, mitigation,
treatment, or prevention of disease, or if it is intended
to affect the structure or function of the body of man”
(FDA, 2015, p. 8). The guidance document also
provides a list of examples of apps that are not
currently viewed as medical devices, such as apps that
help users organize personal medical data, track
fitness, or self-manage a disease. If, however, the
mobile app is an accessory to a regulated medical
device, then it is also considered a medical device and
is subject to FDA oversight. We need to be aware that
as these mobile apps become more sophisticated in
the future, they may indeed be subject to more
stringent oversight by the FDA to ensure consumer
safety.

Summary
The HITECH Act and the HIPAA Privacy and Security
Rules are intended to enhance the rights of individuals.
These laws provide patients with greater access and
control over their PHI. They can control its uses,
dissemination, and disclosures. Covered entities must
establish not only a required level of security for PHI,
but also sanctions for employees who violate the
organization’s privacy policies and administrative
processes for responding to patient requests regarding
their information. Therefore, they must be able to track

the PHI, note access from the perspective of which
information was accessed and by whom, and identify
any disclosures. Finally, readers should recognize that
there is global awareness of the need for privacy
protections for personal information or PHI. Over the
next few years, international efforts will accelerate,
enhancing international data exchange.

THOUGHT-PROVOKING QUESTIONS

1. One of the largest problems with
healthcare information security has
always been inappropriate use by
authorized users. How do HIPAA and the
HITECH Act help to curb this problem?

2. How do you envision Health Level Seven,
HIPAA, and the HITECH Act evolving in
the next decade?

3. If you were the privacy officer in your
organization, how would you address the
following?
a. Tracking each point of access of the

patient’s database, including who
entered the data.

b. Encouraging employees to report
privacy and security breaches.

c. The healthcare professionals are using
smartphones, iPads, and other mobile
devices. How do you address privacy

when data can literally walk out of your
setting?

d. You observe one of the healthcare
professionals using his smartphone to
take pictures of a patient. He sees you
and says, in front of the patient, “I am
not capturing her face!” How do you
respond to this situation?

References
Agency for Healthcare Research and

Quality (AHRQ). (2009). National
healthcare quality report (NHQR)
2009: Crossing the quality chasm: A
new healthcare system for the 21st
century. Washington, DC: National
Academies Press.

Agency for Healthcare Research and
Quality (AHRQ). (2013). 2012 national
healthcare disparities report. Retrieved
from
https://archive.ahrq.gov/research/findings/nhqrdr/nhdr12

American National Standards Institute
(ANSI). (n.d.). ANSI: A historical

overview. Retrieved from
http://ansi.org/about_ansi/introduction/history.aspx?
menuid=1

American Nurses Association (ANA).
(2010). Code of ethics for nurses with
interpretive statements. Retrieved from
http://www.nursingworld.org/codeofethics

Ashish, J. (2009). Use of electronic health
records in U.S. hospitals. New England
Journal of Medicine, 360(16), 1628–
1638.

Bazan, J. (2015). HIPAA in the age of
social media. Optometry Times, 7(2),
16–18.

Centers for Medicare and Medicaid
Services (CMS). (2010). Meaningful
use. Retrieved from
https://www.cms.gov/EHRIncentivePrograms/30_Meaningful_Use.asp

Centers for Medicare and Medicaid
Services (CMS). (2014). Introduction to
administrative simplification. Retrieved

from
https://www.cms.gov/eHealth/downloads/eHealthU_IntroAdminSimp.pdf

Egger, E. (2000). HIPAA offers hospitals
the good, the bad, and the ugly. Health
Care Strategic Management, 18(4), 1,
21–23.

Food and Drug Administration (FDA).
(2015). Mobile medical applications.
Guidance for industry and food and
drug administration staff. Retrieved
from
http://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/UCM263366.pdf

Gagnon, K., & Sabus, C. (2015).
Professionalism in a Digital Age:
Opportunities and considerations for
using social media in health care.
Physical Therapy, 95(3), 406–414.
doi:10.2522/ptj.20130227

Guidance on compliance with HIPAA
transactions and code sets. (2003).
Retrieved from
https://www.ihs.gov/hipaa/documents/guidance-
final.pdf

Health Level Seven (HL7). (n.d.). What is
HL7? Retrieved from
http://www.hl7.org

Hellerstein, D. (1999). HIPAA’s impact on
healthcare. Health Management
Technology, 20(3), 10.

Hellerstein, D. (2000). HIPAA and health
information privacy rules: Almost there.
Health Management Technology,
21(4), 26.

HIT Consultant. (2013). 3 Do’s and don’ts
of effective HIPAA compliance for
BYOD & mHealth. Retrieved from
http://hitconsultant.net/2013/06/11/3-
dos-and-donts-of-effective-hipaa-
compliance-for-byod-mhealth

Institute of Medicine. (2000). To err is
human: Building a safer health system.
Washington, DC: National Academies
Press.

International Standards Organization
(ISO). (2008a). About ISO. Retrieved
from
http://www.iso.org/iso/about.htm

International Standards Organization
(ISO). (2008b). Health informatics.
Retrieved from
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?
csnumber=35376

Keehan, S., Sisko, A.Q., & Truffler, C.
(2008). Health spending projections
through 2017: The baby-boom
generation is coming to Medicare.
Health Affairs, 27(2), 145–155.

Legal Information Institute (LII). (2013). 45
CFR 160.103—Definitions. Retrieved
from
https://www.law.cornell.edu/cfr/text/45/160.103

Leyva, C., & Leyva, D. (2011). HITECH
Act. Retrieved from
http://www.hipaasurvivalguide.com/hitech-
act-text.php

Office of the National Coordinator for
Health Information Technology. (2015,
June). Non-federal acute care hospital
electronic health record adoption,
Health IT Quick-Stat #47. Retrieved
from
http://dashboard.healthit.gov/quickstats/pages/FIG-
Hospital-EHR-Adoption.php

Privacy Commissioner. (2007). Health
information privacy code. Retrieved
from
http://www.privacy.org.nz/health-
information-privacy-code

Readthestimulus.org. (2009). Committee
print, January 16, 2009. Retrieved from
http://govinfo.sla.org/2009/02/08/readthestimulusorg

Savage, M. (2006). Security news: Perfect
HIPAA security impossible, experts
say. TechTarget. Retrieved from
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1268986,00.html

Spencer, J., & Bushman, M. (2006).
HIPAAdvisory: The next HIPAA frontier:

Claims attachments. Retrieved from
http://www.worldprivacyforum.org/wp-
content/uploads/2006/02/WPF_HHS_NPRM_HIPAAclaims_fs.pdf

U.S. Department of Commerce. (2011).
National Institute of Standards and
Technology (NIST). Retrieved from
http://www.nist.gov/index.html

U.S. Department of Health and Human
Services (HHS). (2002). Federal
Register, Part V, Department of Health
and Human Services: Standards for
privacy of individually identifiable
health information; Final rule.
Retrieved from
https://aspe.hhs.gov/report/standards-
privacy-individually-identifiable-
health-information-final-privacy-
rule-preamble

U.S. Department of Health and Human
Services (HHS). (2009). Federal
Register: 45 CFR Parts 160 and 164:
Breach Notification for Unsecured
Protected Health Information; Interim.

U.S. Department of Health and Human
Services (HHS). (2015). The privacy
act. Retrieved from
http://www.hhs.gov/foia/privacy

U.S. Department of Health and Human
Services (HHS). (2016). Administration
takes first step to implement legislation
modernizing how Medicare pays
physicians for quality. Retrieved from
http://www.hhs.gov/about/news/2016/04/27/administration-
takes-first-step-implement-
legislation-modernizing-how-
medicare-pays-physicians.html

U.S. Department of Health and Human
Services (HHS), Office of Civil Rights
(OCR). (n.d.). Health information
privacy: All case examples. Retrieved
from
http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/allcases.html#case1

Webopedia. (2008). The 7 layers of the
OSI model. Retrieved from
http://www.webopedia.com/quick_ref/OSI_Layers.asp

SECTION III: Nursing
Informatics Administrative
Applications: Precare and
Care Support

Chapter 9 Systems Development Life Cycle:
Nursing Informatics and Organizational
Decision Making

Chapter 10 Administrative Information Systems

Chapter 11 The Human–Technology Interface

Chapter 12 Electronic Security

Chapter 13 Workflow and Beyond Meaningful
Use

Nursing informatics (NI) and information technology
(IT) have invaded nursing, and some nurses are happy
with the capabilities afforded by this specialty. Others,
however, remain convinced that the changes wrought
by IT are nothing more than a nuisance. In the past,
nursing administrators have found the implementation
of technology tools to be an expensive venture with
minimal rewards. This disappointment is likely related
to their lack of knowledge about NI, which caused
nursing administrators to listen to vendors or other

colleagues; in essence, it was decision making based
on limited and biased information. There were at least
two reasons for the experience of limited rewards.
First, nurses were rarely included in the testing and
implementation of products designed for nurses and
nursing tasks. Second, the new products they
purchased had to interface with old, legacy systems
that were not at all compatible or seemed compatible
until the glitches arose. These glitches caused
frustration for clinicians and administrators alike. They
purchased tools that should have made the nurses
happy, but instead all they did was grumble.

The good news is that approaches have changed as a
result of the difficult lessons learned from the early
forays into technology tools. Nursing personnel are
involved both at the agency level and at the vendor
level, in the decision-making process and development
of new systems and products charged with enhancing
the practice of nursing. Older legacy systems are being
replaced with newer systems that have more capacity
to interface with other systems. Nurses and
administrators have become more astute in the realm
of NI, but there is still a long way to go. The Systems
Development Life Cycle: Nursing Informatics and
Organizational Decision Making chapter introduces the
system development life cycle, which is used to make
important and appropriate organizational decisions for
technology adoption.

Administrators need information systems that facilitate
their administrative role, and they particularly need
systems that provide financial, risk management,
quality assurance, human resources, payroll, patient
registration, acuity, communication, and scheduling
functions. The administrator must be open to learning
about all of the tools available. One of the most
important tasks that an administrator can oversee and
engage in is data mining, or the extraction of data and
information from big data, sizeable datasets that have
been collected and warehoused. Data mining helps to
identify patterns in aggregate data, gain insights, and
ultimately discover and generate knowledge applicable
to nursing science. To take advantage of these
benefits, nursing administrators must become astute
informaticists—knowledge workers who harness the
information and knowledge at their fingertips to
facilitate the practice of their clinicians, improve patient
care, and advance the science of nursing.

Clinical information systems (CIS) have traditionally
been designed for use by one unit or department within
an institution. However, because clinicians working in
other areas of the organization need access to this
information, these data and information are generally
used by more than one area. The new initiatives arising
with the integration of the electronic health record place
institutions in the position of striving to manage their
CIS through the electronic health record. Currently,
there are many CISs, including nursing, laboratory,

pharmacy, monitoring, and order entry, plus additional
ancillary systems to meet the individual institutions’
needs. The Administrative Information Systems
chapter provides an overview of administrative
information systems and helps the reader to
understand the powerful data aggregation and data
mining tools afforded by these systems.

The Human–Technology Interface chapter discusses
the need to improve quality and safety outcomes
significantly in the United States. Through the use of IT,
the designs for human–technology interfaces can be
radically improved so that the technology better fits
both human and task requirements. A number of useful
tools are currently available for the analysis, design,
and evaluation phases of development life cycles and
should be used routinely by informatics professionals
to ensure that technology better fits both task and user
requirements. In this chapter, the authors stress that
the focus on interface improvement using these tools
has dramatically improved patient safety in a specific
area of health care: anesthesiology. With increased
attention from informatics professionals and engineers,
the same kinds of improvements are being made in
other areas. This human–technology interface is a
crucial area if the theories, architectures, and tools
provided by the building block sciences are to be
implemented.

Each organization must determine who can access and

use its information systems and provide robust tools for
securing information in a networked environment. The
Electronic Security chapter addresses the important
safeguards for protecting information. As new
technologies designed to improve inter-professional
collaboration and enhance patient care are adopted,
barriers to implementation and resistance by
practitioners to change are frequently encountered.
The Workflow and Beyond Meaningful Use chapter
provides insights into clinical workflow analysis and
provides advice on improving efficiency and
effectiveness while reviewing what we have learned as
we tried to achieve meaningful use of caring
technologies.

Pause to reflect on the Foundation of Knowledge
model (Figure III-1) and its relationship to both
personal and organizational knowledge management.
Consider that organizational decision making must be
driven by appropriate information and knowledge
developed in the organization and applied with wisdom.
Equally important to adopting technology within an
organization is the consideration of the knowledge
base and knowledge capabilities of the individuals
within that organization. Administrators must use the
system development life cycle wisely and carefully
consider organizational workflow as they adopt NI
technology for meaningful use.

Figure III-1 Foundation of Knowledge Model

Designed by Alicia Mastrian

The reader of this section is challenged to ask the
following questions: (1) How can I apply the knowledge
gained from my practice setting to benefit my patients
and enhance my practice?; (2) How can I help my
colleagues and patients understand and use the
current technology that is available?; and (3) How can I
use my wisdom to create the theories, tools, and
knowledge of the future?

CHAPTER 9: Systems
Development Life Cycle:
Nursing Informatics and
Organizational Decision
Making

Dee McGonigle and Kathleen Mastrian

Objectives
1. Describe the systems development life

cycle (SDLC).
2. Explore selected approaches to SDLC.
3. Assess interoperability and its importance

in addressing and meeting the challenges
of implementing the HITECH Act in
health care.

4. Reflect on the past to move forward into
the future to determine how new systems
will be developed, integrated, and made
interoperable in health care.

Key Terms
» Chief information officer

» Computer-aided software engineering

» Dynamic system development method

» End users

» Health management information
system

» Hospital information system

» Information technology

» Integration

» Interoperability

» Iteration

» Milestones

» MoSCoW

» Object-oriented systems development

» Open source software

» Prototype

» Rapid application development

» Rapid prototyping

» Repository

» Systems development life cycle

» TELOS strategy

» Waterfall model

Introduction
The following case scenario demonstrates the need to
have all of the stakeholders involved from the
beginning to the end of the systems development life
cycle (SDLC). Creating the right team to manage the
development is key. Various methodologies have been
developed to guide this process. This chapter reviews
the following approaches to SDLC: waterfall, rapid
prototyping or rapid application development (RAD),
object-oriented system development (OOSD), and
dynamic system development method (DSDM). When
reading about each approach, think about the case
scenario and how important it is to understand the
specific situational needs and the various
methodologies for bringing a system to life. As in this
case, it is generally necessary or beneficial to use a
hybrid approach that blends two or more models for a
robust development process.

As the case demonstrates, the process of developing
systems or SDLC is an ongoing development with a life

cycle. The first step in developing a system is to
understand the problems or business needs. It is
followed by understanding the solution or how to
address those needs; developing a plan; implementing
the plan; evaluating the implementation; and, finally,
maintenance, review, and destruction. If the system
needs major upgrading outside of the scope of the
maintenance phase, if it needs to be replaced because
of technological advances, or if the business needs
change, a new project is launched, the old system is
destroyed, and the life cycle begins anew.

SDLC is a way to deliver efficient and effective
information systems (ISs) that fit with the strategic
business plan of an organization. The business plan
stems from the mission of the organization. In the world
of health care, its development includes a needs
assessment for the entire organization, which should
include outreach linkages (as seen in the case
scenario) and partnerships and merged or shared
functions. The organization’s participating physicians
and other ancillary professionals and their offices are
included in thorough needs assessments. When
developing a strategic plan, the design must take into
account the existence of the organization within the
larger healthcare delivery system and assess the
various factors outside of the organization itself,
including technological, legislative, and environmental
issues that impact the organization. The plan must
identify the needs of the organization as a whole and

propose solutions to meet those needs or a way to
address the issues.

CASE SCENARIO

Envision two large healthcare facilities that
merge resources to better serve their
community. This merger is called the Wellness
Alliance, and its mission is to establish and
manage community health programming that
addresses the health needs of the rural,
underserved populations in the area. The
Wellness Alliance would like to establish pilot
clinical sites in five rural areas to promote
access and provide health care to these
underserved consumers. Each clinical site will
have a full-time program manager and three
part-time employees (a secretary, a nurse, and a
doctor). Each program manager will report to the
wellness program coordinator, a newly created
position within the Wellness Alliance.

Because you are a community health nurse with
extensive experience, you have been appointed
as the wellness program coordinator. Your
directive is to establish these clinical sites within
3 months and report back in 6 months as to the
following: (1) community health programs
offered, (2) level of community involvement in
outreach health programs and clinical site–

based programming, (3) consumer visits made
to the clinical site, and (4) personnel
performance.

You are excited and challenged, but soon reality
sets in: You know that you have five different
sites with five different program managers. You
need some way to gather the vital information
from each of them in a similar manner so that
the data are meaningful and useful to you as
you develop your reports and evaluate the
strengths and weaknesses of the pilot project.
You know that you need a system that will
handle all of the pilot project’s information
needs.

Your first stop is the chief information officer
of the health system, a nurse informaticist. You
know her from the health management
information system mini-seminar that she led.
After explaining your needs, you share with her
the constraint that this system must be in place
in 3 months when the sites are up and running
before you make your report. When she begins
to ask questions, you realize that you do not
know the answers. All you know is that you must
be able to report on which community health
programs were offered, track the level of
community involvement in outreach health
programs and clinical site–based programming,
monitor consumer visits made to the clinical site,

and monitor the performance of site personnel.
You know that you want accessible, real-time
tracking, but as far as programming and clinical
site–related activities are concerned, you do not
have a precise description of either the process
or procedures that will be involved in
implementing the pilot, or the means by which
they will gather and enter data.

The chief information officer requires that you
and each program manager remain involved in
the development process. She assigns an
information technology (IT) analyst to work
with you and your team in the development of a
system that will meet your current needs. After
the first meeting, your head is spinning: The IT
analyst has challenged your team not only to
work out the process for your immediate needs,
but also to envision what your needs will be in
the future. At the next meeting, you tell the
analyst that your team does not feel comfortable
trying to map everything out at this point. He
states that there are several ways to go about
building the system and software by using the
SDLC. Noticing the blank look on everyone’s
faces, he explains that the SDLC is a series of
actions used to develop an IS. The SDLC is
similar to the nursing process, in which the
nurse must assess, diagnose, plan, implement,
evaluate, and revise. If the plan developed in

this way does not meet the patient’s need or if a
new problem arises, the nurse either revises
and updates the plan or starts anew. Likewise,
you will plan, analyze, design, implement,
operate, support, and secure the proposed
community health system.

The SDLC is an iterative process—a conceptual
model that is used in project management
describing the phases involved in building or
developing an IS. It moves from assessing
feasibility or project initiation, to design analysis,
to system specification, to programming, to
testing, to implementation, to maintenance, and
to destruction—literally from beginning to end.
As the IT analyst describes this process, once
again he sees puzzled looks. He quickly states
that even the destruction of the system is
planned—that is, how it will be retired, broken
down, and replaced with a new system. Even
during upgrades, destruction tactics can be
invoked to secure the data and even decide if
servers are to be disposed of or repurposed.
The security people will tell you that this is their
phase, where they make sure that any sensitive
information is properly handled and decide
whether the data are to be securely and safely
archived or destroyed.

After reviewing all of the possible methods and
helping you to conduct your feasibility and

business study, the analyst chooses the DSDM.
This SDLC model was chosen because it works
well when the time span is short and the
requirements are fluctuating and mainly
unknown at the outset. The IT analyst explains
that this model works well on tight schedules
and is a highly iterative and incremental
approach that stresses continuous user input
and involvement. As part of this highly iterative
process, the team will revisit and loop through
the same development activities numerous
times; this repetitive examination provides ever-
increasing levels of detail, thereby improving
accuracy. The analyst explains that you will use
a mockup of the hospital information system
(HIS) and design for what is known; you will
then create your own mini-system that will
interface with the HIS. Because time is short,
the analysis, design, and development phases
will occur simultaneously while you are
formulating and revising your specific
requirements through the iterative process so
that they can be integrated into the system.

The functional model iteration phase will be
completed in 2 weeks based on the information
that you have given to the analyst. At that time,
the prototype will be reviewed by the team. The
IT analyst tells you to expect at least two or
more iterations of the prototype based on your

input. You should end with software that
provides some key capabilities. Design and
testing will occur in the design and build iteration
phase and continue until the system is ready for
implementation, the final phase. This DSDM
should work well because any previous phase
can be revisited and reworked through its
iterative process.

One month into the SDLC process, the IT
analyst tells the team that he will be leaving his
position at Wellness Alliance. He introduces his
replacement. She is new to Wellness Alliance
and is eager to work with the team. The initial IT
analyst will be there 1 more week to help the
new analyst with the transition. When he
explains that you are working through DSDM,
she looks a bit panicky and states that she has
never used this approach. She has used the
waterfall, prototyping, iterative enhancement,
spiral, and object-oriented methodologies—but
never the DSDM. From what she heard, DSDM
is new and often runs amok because of the lack
of understanding as to how to implement it
appropriately. After 1 week on the project, the
new IT analyst believes that this approach was
not the best choice. As the leader of this SDLC,
she is growing concerned about having a
product ready at the point when the clinical sites
open. She might combine another method to

create a hybrid approach with which she would
be more comfortable; she is thinking out loud
and has everyone very nervous.

The IT analyst reviews the equipment that has
arrived for the sites and is excited to learn that
the computers were ordered from Apple. They
will be powerful and versatile enough for your
needs.

Two months after the opening of the clinical
sites, you, as the wellness program coordinator
are still tweaking the system with the help of the
IT analyst. It is hard to believe how quickly the
team was able to get a robust system in place.
As you think back on the process, it seems so
long ago that you reviewed the HIS for
deficiencies and screen shots. You reexamined
your requirements and watched them come to
life through five prototype iterations and
constant security updates. You trained your
personnel on its use, tested its performance,
and made final adjustments before
implementation. Your own stand-alone system
that met your needs was installed and fully
operational on the Friday before you opened the
clinic doors on Monday, 1 day ahead of
schedule. You are continuing to evaluate and
modify the system, but that is how the SDLC
works: It is never finished, but rather constantly
evolving.

SDLC can occur within an organization, be outsourced,
or be a blend of the two approaches. With outsourcing,
the team hires an outside organization to carry out all
or some of the development. Developing systems that
truly meet business needs is not an easy task and is
quite complex. Therefore, it is common to run over
budget and miss milestones. When reading this
chapter, reflect on the case scenario and in general the
challenges teams face when developing systems.

Waterfall Model
The waterfall model is one of the oldest methods and
literally depicts a waterfall effect—that is, the output
from each previous phase flows into or becomes the
initial input for the next phase. This model is a
sequential development process in that there is one
pass through each component activity from conception
or feasibility through implementation in a linear order.
The deliverables for each phase result from the inputs
and any additional information that is gathered. There
is minimal or no iterative development where one takes
advantage of what was learned during the
development of earlier deliverables. Many projects are
broken down into six phases (Figure 9-1), especially
small- to medium-size projects.

Figure 9-1 Waterfall Phases

Feasibility
As the term implies, the feasibility study is used to
determine whether the project should be initiated and
supported. This study should generate a project plan
and estimated budget for the SDLC phases. Often, the
TELOS strategy—technological and systems,
economic, legal, operational, and schedule feasibility—
is followed. Technological and systems feasibility
addresses the issues of technological capabilities,
including the expertise and infrastructure to complete
the project. Economic feasibility is the cost–benefit
analysis, weighing the benefits versus the costs to
determine whether the project is fiscally possible and
worth undertaking. Formal assessments should include
return on investment. Legal feasibility assesses the
legal ramifications of the project, including current
contractual obligations, legislation, regulatory bodies,

and liabilities that could affect the project. Operational
feasibility determines how effective the project will be in
meeting the needs and expectations of the
organization and actually achieving the goals of the
project or addressing and solving the business
problem. Schedule feasibility assesses the viability of
the time frame, making sure it is a reasonable
estimation of the time and resources necessary for the
project to be developed in time to attain the benefits
and meet constraints. TELOS helps to provide a clear
picture of the feasibility of the project.

Analysis
During the analysis phase, the requirements for the
system are teased out from a detailed study of the
business needs of the organization. As part of this
analysis, work flows and business practices are
examined. It may be necessary to consider options for
changing the business process.

Design
The design phase focuses on high- and low-level
design and interface and data design. At the high-level
phase, the team establishes which programs are
needed and ascertains how they will interact. At the
low-level phase, team members explore how the
individual programs will actually work. The interface
design determines what the look and feel will be or

what the interfaces will look like. During data design,
the team critically thinks about and verifies which data
are required or essential.

The analysis and design phases are vital in the
development cycle, and great care is taken during
these phases to ensure that the software’s overall
configuration is defined properly. Mockups or
prototypes of screenshots, reports, and processes may
be generated to clarify the requirements and get the
team or stakeholders on the same page, limiting the
occurrence of glitches that might result in costly
software development revisions later in the project.

Implement
During this phase, the designs are brought to life
through programming code. The right programming
language, such as C++, Pascal, Java, and so forth, is
chosen based on the application requirements.

Test
The testing is generally broken down into five layers:
(1) the individual programming modules, (2)
integration, (3) volume, (4) the system as a whole,
and (5) beta testing. Typically, the programs are
developed in a modular fashion, and these individual
modules are then subjected to detailed testing. The
separate modules are subsequently synthesized, and

the interfaces between the modules are tested. The
system is evaluated with respect to its platform and the
expected amount or volume of data. It is then tested as
a complete system by the team. Finally, to determine if
the system performs appropriately for the user, it is
beta tested. During beta testing, users put the new
system through its paces to make sure that it does
what they need it to do to perform their jobs.

Maintain
Once the system has been finalized from the testing
phase, it must be maintained. This could include user
support through actual software changes necessitated
through use or time.

According to Isaias and Issa (2015), “one common trait
covers all the variations of this model: It is a sequential
model. Each of its stages must be entirely concluded
before the next can begin” (p. 23). The main lack of
iterative development is seen as a major weakness,
according to Purcell (2007). No projects are static, and
typically changes occur during the SDLC. As
requirements change, there is no way to address them
formally using the waterfall method after project
requirements are developed. The waterfall model
should be used for simple projects when the
requirements are well known and stable from the
outset.

Rapid Prototyping or Rapid
Application Development
As technology advances and faster development is
expected, rapid prototyping, also known as rapid
application development (RAD), provides a fast way
to add functionality through prototyping and user
testing. It is easier for users to examine an actual
prototype rather than documentation. A rapid
requirements-gathering phase relies on workshops and
focus groups to build a prototype application using real
data. This prototype is then beta tested with users, and
their feedback is used to perfect or add functionality
and capabilities to the system (Figure 9-2).

Figure 9-2 Rapid Application Development (RAD) or
Rapid Prototyping

According to Alexandrou (2016), “RAD (rapid
application development) proposes that products can
be developed faster and of higher quality” (para. 1).
The RAD approach uses informal communication,

repurposes components, and typically follows a fast-
paced schedule. Object-oriented programming using
such languages as C++ and Java promotes software
repurposing and reuse.

The major advantage is the speed with which the
system can be deployed; a working, usable system can
be built within 3 months. The use of prototyping allows
the developers to skip steps in the SDLC process in
favor of getting a mockup in front of the user. At times,
the system may be deemed acceptable if it meets a
predefined minimum set of requirements rather than all
of the identified requirements. This rapid deployment
also limits the project’s exposure to change elements.
Unfortunately, the fast pace can be its biggest
disadvantage in some cases. Once one is locked into a
tight development schedule, the process may be too
fast for adequate testing to be put in place and
completed. The most dangerous lack of testing is in the
realm of security.

The RAD approach is chosen because it builds
systems quickly through user-driven prototyping and
adherence to quick, strict delivery milestones. This
approach continues to be refined and honed, and other
contemporary manifestations of RAD continue to
emerge in the agile software development realm.

Object-Oriented Systems

Development
The object-oriented systems development model
blends SDLC logic with object-oriented modeling and
programming power (Stair & Reynolds, 2016). Object-
oriented modeling makes an effort to represent real-
world objects by modeling the real-world entities or
things (e.g., clinic, patient, account, nursing or
healthcare professional) into abstract computer
software objects. Once the system is object oriented,
all of the interactions or exchanges take place between
or among the objects. The objects are derived from
classes, and each object is comprised of data and the
actions that can be enacted on that data. Class
hierarchy allows objects to inherit characteristics or
attributes from parent classes, which fosters object
reuse, resulting in less coding. The object-oriented
programming languages, such as C++ and Java,
promote software repurposing and reuse. Therefore,
the class hierarchy must be clearly and appropriately
designed to reap the benefits of this SDLC approach,
which uses object-oriented programming to support the
interactions of objects.

For example, in the case scenario, a system could be
developed for the Wellness Alliance to manage the
community health programming for the clinic system
being set up for outreach. There could be a class of
programs, and well-baby care could be an object in the
class of programs; programs is a relationship between

Wellness Alliance and well-baby care. The program
class has attributes, such as clinic site, location
address, or attendees or patients. The relationship
itself may be considered an object having attributes,
such as pediatric programs. The class hierarchy from
which all of the system objects are created with
resultant object interactions must be clearly defined.

The OOSD model is a highly iterative approach. The
process begins by investigating where object-oriented
solutions can address business problems or needs,
determining user requirements, designing the system,
programming or modifying object modeling (class
hierarchy and objects), implementing, user testing,
modifying, and reimplementing the system, and ends
with the new system being reviewed regularly at
established intervals and modifications being made as
needed throughout its life.

Dynamic System Development
Method
The dynamic system development method is a
highly iterative and incremental approach with a high
level of user input and involvement. The iterative
process requires repetitive examination that enhances
detail and improves accuracy. The DSDM has three
phases: (1) preproject, (2) project life cycle (feasibility
and business tudies, functional model iteration, design

and build iteration, and implementation), and (3)
postproject.

In the preproject phase, buy-in or commitment is
established and funding is secured. This helps to
identify the stakeholders (administration and end
users) and gain support for the project. In the second
phase, the project’s life cycle begins. This phase
includes five steps: (1) feasibility, (2) business studies,
(3) functional model iteration, (4) design and build
iteration, and (5) implementation (Figure 9-3).

Figure 9-3 Dynamic System Development Method
(DSDM)

Copyright 2014 Agile Business Consortium Limited. Reproduced by kind

permission.

In steps 1 and 2, the feasibility and business studies
are completed. The team ascertains if this project
meets the required business needs while identifying
the potential risks during the feasibility study. In step 1,
the deliverables are a feasibility report, project plan,
and a risk log. Once the project is deemed feasible,
step 2, the business study, is begun. The business
study extends the feasibility report by examining the
processes, stakeholders, and their needs. It is
important to align the stakeholders with the project and
secure their buy-in because it is necessary to have
user input and involvement throughout the entire
DSDM process. Therefore, bringing them in at the
beginning of the project is imperative.

Using the MoSCoW approach, the team works with the
stakeholders to develop a prioritized requirements list
and a development plan. MoSCoW stands for “Must
have, Should have, Could have, and Would have.” The
“must have” requirements are needed to meet the
business needs and are critical to the success of the
project. “Should have” requirements are those that
would be great to have if possible, but the success of
the project does not depend on them being addressed.
The “could have” requirements are those that would be
nice to have met, and the “would have” requirements
can be put off until later; these may be undertaken
during future developmental iterations. Timeboxing is
generally used to develop the project plan. In
timeboxing, the project is divided into sections, each

having its own fixed budget and dates or milestones for
deliverables. The MoSCoW approach is then used to
prioritize the requirements within each section; the
requirements are the only variables because the
schedule and budget are set. If a project is running out
of time or money, the team can easily omit the
requirements that have been identified as the lowest
priority to meet their schedule and budget obligations.
This does not mean that the final deliverable, the actual
system, would be flawed or incomplete. Instead,
because the team has already determined the “must
have” or “should have” items, it still meets the business
needs. According to Haughey (2010), the 80/20 rule, or
Pareto principle, can be applied to nearly everything.
The Pareto principle states that 80% of the project
comes from 20% of the system requirements;
therefore, the 20% of requirements must be the crucial
requirements or those with the highest priority. One
also must consider the pancake principle: The first
pancake is not as good as the rest, and one should
know that the first development will not be perfect. This
is why it is extremely important to clearly identify the
“must have” and “should have” requirements.

In the third step of the project life cycle phase, known
as functional model iteration, the deliverables are a
functional model and prototype ready for user testing.
Once the requirements are identified, the next step is
to translate them into a functional model with a
functioning prototype that can be evaluated by users.

This could take several iterations to develop the
desired functionality and incorporate the users’ input.
At this stage, the team should examine the quality of
the product and revise the list requirements and risk
log. The requirements are adjusted, the ones that have
been realized are deleted, and the remaining
requirements are prioritized. The risk log is revised
based on the risk analysis completed during and after
prototype development.

The design and build iteration step focuses on
integrating functional components and identifying the
nonfunctional requirements that need to be in the
tested system. Testing is crucial; the team will develop
a system that the end users can safely use on a daily
basis. The team will garner user feedback and
generate user documentation. These efforts provide
this step’s deliverable, a tested system with
documentation for the next and final phase of the
development process.

In the final step of the project life cycle phase, known
as implementation, deliverables are the system (ready
to use), documentation, and trained users. The
requirements list should be satisfied, along with the
users’ needs. Training users and implementing the
approved system is the first part of this phase, and the
final part consists of a full review. It is important to
review the impact of the system on the business
processes and to determine if it addressed the goals or

requirements established at the beginning of the
project. This final review determines if the project is
completed or if further development is necessary. If
further development is needed, preceding phases are
revisited. If the project is complete and satisfies the
users, then it moves into maintenance and ongoing
development.

The final phase is labeled “postproject.” In this phase,
the team verifies that the system is functioning
properly. Once verified, the maintenance schedule is
begun. Because the DSDM is iterative, this postproject
phase is seen as ongoing development and any of the
deliverables can be refined. This is what makes the
DSDM such an iterative development process.

DSDM is one of an increasing number of agile
methodologies being introduced, such as Scrum and
Extreme Programming. These new approaches
address the organizational, managerial, and
interpersonal communication issues that often bog
down SDLC projects. Empowerment of teams and user
involvement enhance the iterative and programming
strengths provided in these SDLC models.

Computer-Aided Software
Engineering Tools

When reviewing SDLC, the computer-aided software
engineering (CASE) tools that will be used must be
described.

CASE tools promote adherence to the SDLC process
since they automate several required tasks; this
provides standardization and thoroughness to the total
systems development method (Stair & Reynolds,
2016). These tools help to reduce cost and
development time while enriching the quality of the
product. CASE tools contain a repository with
information about the system: models, data definitions,
and references linking models together. They are
valuable in their ability to make sure the models follow
diagramming rules and are consistent and complete.

The various types of tools can be referred to as upper-
CASE tools or lower-CASE tools. The upper-CASE
tools support the analysis and design phases, whereas
the lower-CASE tools support implementation. The
tools can also be general or specific in nature, with the
specific tools being designed for a particular
methodology.

Two examples of CASE tools are Visible Analyst and
Rational Rose. According to Andoh-Baidoo, Kunene,
and Walker (2009), Visible Analyst “supports structured
and object-oriented design (UML),” whereas Rational
Rose “supports solely object-oriented design (UML)”
(p. 372). Both tools can “build and reverse database

schemas for SQL and Oracle” and “support code
generation for pre-.NET versions of Visual Basic” (p.
372). Visible Analyst can also support shell code
generation for pre-.NET versions of C and COBOL,
whereas Rational Rose can support complete code for
C++ and Java. In addition, Andoh-Baidoo et al. found
that Rational Rose “[p]rovides good integration with
Java, and incorporates common packages into class
diagrams and decompositions through classes” (p.
372).

CASE tools have many advantages, including
decreasing development time and producing more
flexible systems. On the down side, they can be difficult
to tailor or customize and use with existing systems.

Open Source Software and
Free/Open Source Software
Another area that must be discussed with SDLC is
open source software (OSS). An examination of job
descriptions or advertisements for candidates shows
that many ISs and IT professionals need a thorough
understanding of SDLC and OSS development tools
(e.g., PHP, MySQL, and HTML). With OSS, any
programmer can implement, modify, apply, reconstruct,
and restructure the rich libraries of source codes
available from proven, well-tested products.

As Karopka, Schmuhl, and Demski (2014) noted,

Free/Libre Open Source Software
(FLOSS) has been successfully adopted
across a wide range of different areas
and has opened new ways of value
creation. Today there are hundreds of
examples of successful FLOSS projects
and products. . . . Especially in times of
financial crisis and austerity the adoption
of FLOSS principles opens interesting
alternatives and options to tremendously
lower total cost of ownership (TCO) and
open the way for a continuous user-
driven improvement process. (para. 6)

To transform health care, it is necessary for clinicians
to use information systems that can share patient data
(Goulde & Brown, 2006; NORC, 2014). This all
sounds terrific and many people wonder why it has not
happened yet, but the challenges are many. How does
one establish the networks necessary to share data
between and among all healthcare facilities easily and
securely? “Healthcare IT is beginning to adopt open
source software to address these challenges” (Goulde
& Brown, p. 4). Early attempts at OSS ventures in the
healthcare realm failed because of a lack of support or
buy-in for sustained effort, technologic lags, authority
and credibility, and other such issues. “Spurred by a

greater sense of urgency to adopt IT, health industry
leaders are showing renewed interest in open source
solutions” (Goulde & Brown, p. 5).

Karopka et al., (2014) concluded that

North America has the longest tradition in
applying FLOSS-HC delivery. It is home
of many mature, stable and widely
disseminated FLOSS applications. Some
of them are even used on a global scale.
The deployment of FLOSS systems in
healthcare delivery is comparatively low
in Europe. (para. 48)

Health care is realizing the benefits of FLOSS.
According to Goulde and Brown (2006), “other benefits
of open source software—low cost, flexibility,
opportunities to innovate—are important but
independence from vendors is the most relevant for
health care” (p. 10).

Interoperability
Interoperability, the ability to share information across
organizations, will remain paramount under the
HITECH Act. The ability to share patient data is
extremely important, both within an organization and
across organizational boundaries (Figure 9-4).

Figure 9-4 Interoperability

According to the Health Information and Management
Systems Society (HIMSS; Murphy, 2015), “an
acceptable 2015 [interoperability standards] Advisory
and more complete 2016 Advisory will not be
achievable without the inclusion of health IT security
standards” (para. 4). Few healthcare systems take
advantage of the full potential of the current state of the
art in computer science and health informatics (HIMSS,
2010). The consequences of this situation include a
drain on financial resources from the economy, the
inability to truly mitigate the occurrence of medical

errors, and a lack of national preparedness to respond
to natural and manmade epidemics and disasters.
HIMSS has created the Integration and Interoperability
Steering Committee to guide the industry on allocating
resources to develop and implement standards and
technology needed to achieve interoperability (para. 2).

As we enter into SDLCs, we must be aware of how this
type of development will affect both our own healthcare
organization and the healthcare delivery system as a
whole. In an ideal world, we would all work together to
create systems that are integrated within our own
organization while having the interoperability to cross
organizational boundaries and unite the healthcare
delivery system to realize the common goal of
improving the quality of care provided to consumers.

Summary
At times during the SDLC, new information affects the
outputs from earlier phases; the development effort
may be reexamined or halted until these modifications
can be reconciled with the current design and scope of
the project. At other times, teams are overwhelmed
with new ideas from the iterative SDLC process that
result in new capabilities or features that exceed the
initial scope of the project. Astute team leaders will
preserve these ideas or initiatives so they can be
considered at a later time. The team should develop a
list of recommendations to improve the current

software when the project is complete. This iterative
and dynamic exchange makes the SDLC robust.

As technology and research continue to advance, new
SDLC models are being pioneered and revised to
enhance development techniques. The interpretation
and implementation of any model selected reflect the
knowledge and skill of the team applying the model.
The success of the project is often directly related to
the quality of the organizational decision making
throughout the project—that is, how well the plan was
followed and documented. United efforts to create
systems that are integrated and interoperable will
define the future of health care.

THOUGHT-PROVOKING QUESTIONS

1. Reflect on the SDLC in relation to the
quality of the organizational decision
making throughout the project. What are
some of the major stumbling blocks faced
by healthcare organizations?

2. Why is it important for all nurses and
healthcare professionals to understand
the basics of how information systems are
selected and implemented?

References

Alexandrou, M. (2016). Rapid application
development (RAD) methodology.
Infolific. Retrieved from
http://www.infolific.com/technology/methodologies/rapid-
application-development

Andoh-Baidoo, F., Kunene, K., & Walker,
R. (2009). An evaluation of CASE tools
as pedagogical aids in software
development courses. 2009 SWDSI
Proceedings. Retrieved from
http://www.swdsi.org/swdsi2009/Papers/9K10.pdf

Goulde, M., & Brown, E. (2006). Open
source software: A primer for health
care leaders. Protocode. Retrieved
from http://www.protecode.com/an-
open-source-world-a-primer-on-
licenses-obligations-and-your-
company

Haughey, D. (2010). Pareto analysis step
by step. Project Smart. Retrieved from
http://www.projectsmart.co.uk/pareto-
analysis-step-by-step.html

Health Information and Management
Systems Society (HIMSS). (2010).
Interoperability & standards. Retrieved
from
http://www.himss.org/library/interoperability-
standards?navItemNumber=13323

Isaias, P. & Issa, T. (2015). High level
models and methodologies for
information systems. New York, NY:
Springer.

Karopka, T., Schmuhl, H., & Demski, H.
(2014). Free/Libre open source
software in health care: A review.
Healthcare Informatics Research,
20(1), 11–22. PMCID: PMC3950260

Murphy, K. (2007). HIMSS has ideas for
2015 interoperability standards
advisory. HealthIT Interoperability.
Retrieved from
http://healthitinteroperability.com/news/himss-
has-ideas-for-2015-interoperability-
standards-advisory

NORC. (2014). Data sharing to enable
clinical transformation at the
community level: IT takes a village.
Retrieved from
http://www.healthit.gov/sites/default/files/beacondatasharingbrief062014.pdf

Purcell, J. (2007). Comparison of software
development lifecycle methodologies.
SANS Institute. Retrieved from
https://software-
security.sans.org/resources/paper/cissp/comparison-
software-development-lifecycle-
methodologies

Stair, R., & Reynolds, G. (2016).
Principles of information systems (12th
ed.). Boston, MA: Cengage Learning.

CHAPTER 10:
Administrative
Information Systems

Marianela Zytkowski, Susan Paschke, Kathleen
Mastrian, and Dee McGonigle

Objectives
1. Explore agency-based health information

systems.
2. Evaluate how administrators use core

business systems in their practice.
3. Assess the function and information

output from selected information systems
used in healthcare organizations.

Key Terms
» Acuity systems

» Admission, discharge, and transfer
systems

» American National Standards Institute
(ANSI)

» Attribute

» Care plan

» Case management information systems

» Clinical documentation systems

» Clinical information systems

» Collaboration

» Columns

» Communication systems

» Computerized physician (provider)
order entry systems

» Core business systems

» Data dictionary

» Data file

» Data mart

» Data mining

» Data warehouse

» Database

» Database management system

» Decision support

» Drill-down

» Electronic health record

» Entity

» Entity–relationship diagram

» Fields

» Financial systems

» Information systems

» Information technology

» International Organization for
Standardization (ISO)

» Interoperability

» Key field

» Knowledge exchange

» Laboratory information systems

» Managed care information systems

» Order entry systems

» Patient care information system

» Patient care support system

» Patient centered

» Pharmacy information systems

» Picture and archiving communication
system

» Primary key

» Query

» Radiology information system

» Records

» Relational database management
system (RDMS)

» Repository

» Rows

» Scheduling systems

» Stakeholders

» Standardized plan of care

» Structured Query Language (SQL)

» Table

» Tiering

» Triage

» Tuples

Introduction
To compete in the ever-changing healthcare arena,
organizations require quick and immediate access to a
variety of types of information, data, and bodies of
knowledge for daily clinical, operational, financial, and
human resource activities. Information is continuously
shared between units and departments within
healthcare organizations and is also required or
requested from other healthcare organizations,
regulatory and government agencies, educational and
philanthropic institutions, and consumers.
Organizations need interoperable systems that are
accessible for data storage and retrieval.

The healthcare context is distinct from other
organizations that use information systems.

Fichman, Kohli, and Krishnan (2011) identify six
important elements of health care that influence the
development and implementation of information
systems:

The stakes are life and death.
Healthcare information is highly personal.
Health care is highly influenced by regulation and
competition.
Health care is professionally driven and
hierarchical.
Health care is multidisciplinary.

Healthcare information system implementation is
complex, with important implications for learning
and adaptation (pp. 420–423).

Healthcare organizations integrate a variety of clinical
and administrative types of information systems
(ISs). These systems collect, process, and distribute
patient-centered data to aid in managing and providing
care. Together, they create a comprehensive record of
the patient’s medical history and support organizational
processes. Each of these systems is unique in the way
it functions and provides information to clinicians and
administrators. An understanding of how each of these
types of systems works within healthcare organizations
is fundamental in the study of informatics. This chapter
will focus on the administrative organizational systems.

Types of Healthcare
Organization Information
Systems

Case Management Information
Systems
Case management information systems identify
resources, patterns, and variances in care to prevent
costly complications related to chronic conditions and
to enhance the overall outcomes for patients with

chronic illness. These systems span past episodes of
treatment and search for trends among the records.
Once a trend is identified, case management systems
provide decision support promoting preventive care.
Care plans are a common tool found in case
management systems. A care plan is a set of care
guidelines that outline the course of treatment and the
recommended interventions that should be
implemented to achieve optimal results. By using a
standardized plan of care, these systems present
clinicians with treatment protocols to maximize patient
outcomes and support best practices. Information
technology in health care is positioned to support the
development of interdisciplinary care plans. In the
health informatics pathway, Standard 5 deals with
documentation: “Health informatics professionals will
understand the content and diverse uses of health
information. They will accurately document and
communicate appropriate information using legal and
regulatory processes” (National Consortium for
Health Science Education, 2012, para. 11).

Case management information systems are especially
beneficial for patient populations with a high cost of
care and complex health needs, such as the elderly or
patients with chronic disease conditions. Avoiding
complications requires identifying the right resources
for care and implementing preventive treatments
across all medical visits. Ultimately, this preventive
care decreases the costs of care for patients with

chronic illnesses and supports a better quality of life.
Such systems increase the value of individual care
while controlling the costs and risks associated with
long-term health care.

Case management systems are increasingly being
integrated with electronic health records (EHRs).
Information collected by these systems is processed in
a way that helps to reduce risks, ensure quality, and
decrease costs. A presentation of results of the 2012
Health Information Technology Survey, conducted by
the Case Management Society of America (CMSA,
2014), revealed several key trends in information
technology, including the increased use of social media
and wireless communications, the use of IT to support
care transitions and prevent readmissions, expanded
use of patient engagement technologies (text
messaging, email, portals, smartphone apps), and
work toward the integration of case management
software into the EHR.

Communication Systems
Communication systems promote interaction among
healthcare providers and between providers and
patients. Such systems have historically been kept
separate from other types of health information
systems and from one another. Healthcare
professionals overwhelmingly recognize the value of
these systems, however, so they are now more

commonly integrated into the design of other types of
systems as a newly developing standard within the
industry. Examples of communication systems include
call light systems, wireless telephones, pagers, email,
and instant messaging, which have traditionally been
forms of communication targeted at clinicians. Other
communication systems target patients and their
families. Some patients are now able to access their
electronic chart from home via an Internet connection.
They can update their own medical record to inform
their physician of changes to their health or personal
practices that impact their physical condition. Inpatients
in hospital settings also receive communication directly
to their room. Patients and their families may, for
example, review individualized messages with
scheduled tests and procedures for the day and
confirm menu choices for their meals. These types of
systems may also communicate educational
messages, such as smoking cessation advice.

As health care begins to introduce more of this
technology into practice, the value of having
communication tools integrated with other types of
systems is being widely recognized. Integrating
communication systems with clinical applications
provides a real-time approach that facilitates
interactions among the entire healthcare team,
patients, and their families to enhance care. These
systems enhance the flow of communication within an
organization and promote an exchange of information

to care better for patients. The next generation of
communication systems will be integrated with other
types of healthcare systems and guaranteed to work
together smoothly. The Research Brief discusses the
economic impact of communication inefficiencies in
U.S. hospitals. As hospitals and physician practices
strive to become more patient centered,
communication technologies will be an integral part of
this goal. Many of us have experienced the anxiety of
waiting for news about a loved one during a surgical
procedure. Newer communication techniques, such as
surgical tracking boards that communicate about the
process, help to ease these anxieties. Gordon and
colleagues (2015) report high patient and family
satisfaction with a HIPAA-compliant surgical instant
messaging system to communicate real-time surgical
progress with patient-designated recipients. They
stated that

[w] hile this study focused on the
discipline of surgery, we can easily
imagine the benefits of this type of
communications application outside of
the surgical model that we have studied.
The results of any laboratory, pathology,
or radiography studies can be
instantaneously shared with concerned
family members all over the globe. In the
critical care setting, doctors can
communicate with a patient’s extended

support group more efficiently and in a
less stress-inducing environment than the
typical crowded consultation room
outside of the intensive care unit. News of
the arrival of a newborn baby boy or girl
can be sent to eager aunts, uncles, and
grandparents back home. The
opportunities for enhancing
communication pertaining to medical
issues are seemingly limitless. (p. 6)

What are some other ways that new communication
technologies could be used to increase patient and
family satisfaction with health care in your practice?

Core Business Systems
Core business systems enhance administrative tasks
within healthcare organizations. Unlike clinical
information systems (CISs), whose aim is to provide
direct patient care, these systems support the
management of health care within an organization.
Core business systems provide the framework for
reimbursement, support of best practices, quality
control, and resource allocation. There are four
common core business systems: (1) admission,
discharge, and transfer (ADT) systems; (2) financial
systems; (3) acuity systems; and (4) scheduling
systems.

Admission, discharge, and transfer systems
provide the backbone structure for the other types of
clinical and business systems (Hassett & Thede,
2003). These systems were among the first to be
automated in health care. Admitting, billing, and bed
management departments most commonly use ADT
systems. These systems hold key information on which
all other systems rely. For example, ADT systems
maintain the patient’s name; medical record number;
visit or account number; and demographic information,
such as age, gender, home address, and contact
information. Such systems are considered the central
source for collecting this type of patient information and
communicating it to other types of healthcare
information systems.

RESEARCH BRIEF

Researchers attempted to quantify the costs of
poor communication, termed “communication
inefficiencies,” in hospitals. This qualitative study
was conducted in seven acute care hospitals of
varying sizes via structured interviews with key
informants at each facility. The interview
questions focused on four broad categories: (1)
communication bottlenecks, (2) negative
outcomes as a result of those bottlenecks, (3)
subjective perceptions of the potential
effectiveness of communication improvements
on the negative outcomes, and (4) ideas for

specific communication improvements. The
researchers independently coded the interview
data and then compared results to extract
themes.

All of the interviewees indicated that
communication was an issue. Inefficiencies
revolved around time spent tracking people
down to communicate with them, with various
estimates provided: 3 hours per nursing shift
wasted tracking people down, 20% of productive
time wasted on communication bottlenecks, and
a reported average of five to six telephone calls
to locate a physician. Several respondents
pointed to costly medical errors that were the
direct result of communication issues.
Communication lapses also resulted in
inefficient use of clinician resources and
increased length of stay for patients.

The researchers developed a conceptual model
of communication quality with four primary
dimensions: (1) efficiency of resource use, (2)
effectiveness of resource use, (3) quality of work
life, and (4) service quality. They concluded that
the total cost of communication inefficiencies in
U.S. hospitals is more than $12 billion annually
and estimated that a 500-bed hospital could lose
as much as $4 million annually because of such
problems. They urge the adoption of information

technologies to redesign workflow processes
and promote better communication.

The full article appears in Agarwal, R., Sands, D., Schneider, J.,

& Smaltz, D. (2010). Quantifying the economic impact of

communication inefficiencies in U.S. hospitals. Journal of

Healthcare Management, 55(4), 265–281.

Financial systems manage the expenses and
revenue for providing health care. The finance,
auditing, and accounting departments within an
organization most commonly use financial systems.
These systems determine the direction for
maintenance and growth for a given facility. They often
interface to share information with materials
management, staffing, and billing systems to balance
the financial impact of these resources within an
organization. Financial systems report fiscal outcomes,
which can then be tracked and related to the
organizational goals of an institution. These systems
are key components in the decision-making process as
healthcare institutions prepare their fiscal budgets.
They often play a pivotal role in determining the
strategic direction for an organization.

Acuity systems monitor the range of patient types
within a healthcare organization using specific
indicators. They track these indicators based on the
current patient population within a facility. By
monitoring the patient acuity, these systems provide

feedback about how intensive the care requirement is
for an individual patient or group of patients. Identifying
and classifying a patient’s acuity can promote better
organizational management of the expenses and
resources necessary to provide care. Acuity systems
help predict the ability and capacity of an organization
to care for its current population. They also forecast
future trends to allow an organization to successfully
strategize on how to meet upcoming market demands.

Scheduling systems coordinate staff, services,
equipment, and allocation of patient beds. They are
frequently integrated with the other types of core
business systems. By closely monitoring staff and
physical resources, these systems provide data to the
financial systems. For example, resource-scheduling
systems may provide information about operating room
use or availability of intensive care unit beds and
regular nursing unit beds. These systems also provide
great assistance to financial systems when they are
used to track medical equipment within a facility.
Procedures and care are planned when the tools and
resources are available. Scheduling systems help to
track resources within a facility while managing the
frequency and distribution of those resources.

Order Entry Systems
Order entry systems are one of the most important
systems in use today. They automate the way that

orders have traditionally been initiated for patients—
that is, clinicians place orders using these systems
instead of creating traditional handwritten transcriptions
onto paper. Order entry systems provide major
safeguards by ensuring that physician orders are
legible and complete, thereby providing a level of
patient safety that was historically missing with paper-
based orders. Computerized physician (provider)
order entry systems provide decision support and
automated alert functionality that was unavailable with
paper-based orders.

The seminal report by the Institute of Medicine
estimated that medical errors cost the United States
approximately $37.6 billion each year; nearly $17
billion of those costs are associated with preventable
errors (Kohn, Corrigan, Donaldson, & Institute of
Medicine, 2000). Consequently, the federal Agency for
Healthcare Research and Quality Patient Safety
Network (2015) continued to recommend eliminating
reliance on handwriting for ordering medications.
Because of the global concern for patient safety as a
result of incorrect and misinterpreted orders,
healthcare organizations are incorporating order entry
systems into their operations as a standard tool for
practice. Such systems allow for clear and legible
orders, thereby both promoting patient safety and
streamlining care. Although much of the health
information technology literature suggests that
physicians are resistant to adopting health information

technology, a recent study by Elder, Wiltshire, Rooks,
BeLue, and Gary (2010) found that physicians who use
information technology were more satisfied overall
with their careers. The Informatics Tools to Promote
Patient Safety and Quality Outcomes chapter provides
more information about the use of computerized
physician order entry systems in clinical care.

Patient Care Support Systems
Most specialty disciplines within health care have an
associated patient care information system. These
patient-centered systems focus on collecting data and
disseminating information related to direct care.
Several of these systems have become mainstream
types of systems used in health care. The four systems
most commonly encountered in health care include (1)
clinical documentation systems, (2) pharmacy
information systems, (3) laboratory information
systems, and (4) radiology information systems.

Clinical documentation systems, also known as
“clinical information systems,” are the most commonly
used type of patient care support system within
healthcare organizations. CISs are designed to collect
patient data in real time. They enhance care by putting
data at the clinician’s fingertips and enabling decision
making where it needs to occur—that is, at the
bedside. For that reason, these systems often are
easily accessible at the point of care for caregivers

interacting with the patient. CISs are patient centered,
meaning they contain the observations, interventions,
and outcomes noted by the care team. Team members
enter information, such as the plan of care,
hemodynamic data, laboratory results, clinical notes,
allergies, and medications. All members of the
treatment team use clinical documentation systems; for
example, pharmacists, allied health workers, nurses,
physicians, support staff, and many others access the
clinical record for the patient using these systems.
Frequently these types of systems are also referred to
as the electronic patient record or electronic health
record. The Electronic Health Record and Clinical
Informatics chapter provides a comprehensive
overview of CISs and the electronic health record.

Pharmacy information systems also have become
mainstream patient care support systems. They
typically allow pharmacists to order, manage, and
dispense medications for a facility. They also
commonly incorporate information regarding allergies
and height and weight to ensure effective medication
management. Pharmacy information systems
streamline the order entry, dispensing, verification, and
authorization process for medication administration.
They often interface with clinical documentation and
order entry systems so that clinicians can order and
document the administration of medications and
prescriptions to patients while having the benefits of
decision support alerting and interaction checking.

Laboratory information systems were perhaps some
of the first clinical information systems ever used in
health care. Because of their long history of use within
medicine, laboratory systems have been models for the
design and implementation of other types of patient
care support systems. Laboratory information systems
report on blood, body fluid, and tissue samples, along
with biological specimens collected at the bedside and
received in a central laboratory. They provide clinicians
with reference ranges for tests indicating high, low, or
normal values to make care decisions. Often, the
laboratory system provides result information in the
EHR and directs clinicians toward the next course of
action within a treatment regimen.

The final type of patient care support system commonly
found within health care is the radiology information
system (RIS) found in radiology departments. These
systems schedule, result, and store information related
to diagnostic radiology procedures. One feature found
in most radiology systems is a picture archiving and
communication system (PACS). The PACS may be a
stand-alone system, kept separate from the main
radiology system, or it can be integrated with the RIS
and CIS. These systems collect, store, and distribute
medical images, such as computed tomography scans,
magnetic resonance images, and X-rays. PACS
replace traditional hard-copy films with digital media
that are easy to store, retrieve, and present to

clinicians. The benefit of RIS and PACS is their ability
to assist in diagnosing and storing vital patient care
support data. Imaging studies can be available in
minutes as opposed to 2–6 hours for images in a film-
based system. The digital workstations provide
enhanced imaging capabilities and on-screen
measurement tools to improve diagnostic accuracy.
Finally, the archive system stores images in a database
that is readily accessible, so that images can be easily
retrieved and compared to subsequent testing or
shared instantly with consultants.

The mobility of patients both geographically and within
a single healthcare delivery system challenges
information systems because data must be captured
wherever and whenever the patient receives care. In
the past, managed care information systems were
implemented to address these issues. Consequently,
data can be obtained at any and all of the areas where
a patient interacts with the healthcare system. Patient-
tracking mechanisms continue to be honed, but the
financial impact of health care also has changed these
systems to some extent. The information systems
currently in use enable nurses and physicians to make
clinical decisions while being mindful of their financial
ramifications. In the future, vast improvements in
information systems and systems that support health
information exchange are likely to continue to emerge.

One such trend is the incentive to develop accountable

care organizations encouraged by the Patient
Protection and Affordable Care Act of 2010. According
to the Centers for Medicare and Medicaid Services
(2015), “Accountable Care Organizations (ACOs) are
groups of doctors, hospitals, and other health care
providers, who come together voluntarily to give
coordinated high quality care to their Medicare
patients. The goal of coordinated care is to ensure that
patients, especially the chronically ill, get the right care
at the right time, while avoiding unnecessary
duplication of services and preventing medical errors”
(para. 1–2). Members of an ACO share data and
information to better coordinate care and they also
share in any health care cost savings generated when
the coordination of care reduces unnecessary and
duplicated costs.

Interoperability
A key component to coordinated care is the
interoperability of healthcare information systems. In
2015, the Office of the National Coordinator for Health
IT (ONC) released an interoperability roadmap to
promote ease of access and use of electronic
healthcare data. Interoperability is defined as “the
ability of a system to exchange electronic health
information with and use electronic health information
from other systems without special effort on the part of
the user” (Healthcare Information and Management
Systems Society [HIMSS], 2015, para. 2). The final

goal of the national roadmap emphasis on
interoperability is driven by the need to “achieve
nationwide interoperability to enable a learning health
system, with the person at the center of a system that
can continuously improve care, public health, and
science through real-time data access” (ONC, 2015, p.
vii). As we develop more sophisticated electronic
systems, we are realizing the huge potential benefits of
exchanging secure and precise healthcare data.
However, in the current landscape, several things need
to happen to realize this goal. Chief among them is a
worldwide commitment to interoperability. HIMSS
(2013) identified three types of health information
technology interoperability—foundational, structural,
and semantic—each with increasing complexity.
Foundational interoperability is basic data reception
from one system to another without interpretation.
Structural interoperability is more complex and
depends on consistency of clinical terminology and
meaning of the data. Semantic interoperability depends
on data that is consistent and codified allowing for
information system interpretation and analysis of the
data. Semantic interoperability is considered the
highest and most complex form of interoperability.
Semantic interoperability is necessary for seamless
health information exchange.

Suppose you have a joint replacement patient who is
being discharged from the acute care facility to a
rehabilitation center. You create a discharge summary

for the patient in a PDF format and send it via a secure
electronic exchange to the new facility. The staff at the
rehabilitation center is able to read and understand the
report and a staff assistant can scan a copy of the
discharge summary into the electronic record for the
rehabilitation facility. This is an example of functional
interoperability. If each facility uses Health Level Seven
standards for data exchange and collects certain
minimum data, then it might be possible for certain
data fields from one facility to populate automatically
into an appropriate data field in the new facility. This is
an example of structural interoperability. To achieve
true semantic interoperability, systems must use the
same standardized terminologies or disparate
terminologies must be mapped, and the two systems
must be able to “talk” to each other to exchange data
seamlessly and to populate the data into to the
appropriate fields in the new system. True semantic
interoperability enables machine-to-machine data
exchange.

Consistently representing electronic
health information across different
stakeholders and systems is the bedrock
of successful interoperability. In a
learning health system, while user
interfaces can and should be different
depending on the user, the format in
which electronic health information is
shared between health IT systems must

be consistent and machine readable, so
that the meaning and integrity of
information is retained as a variety of
users interact with it. (ONC, 2015, p. 28)

For more detailed information on interoperability,
download and read the ONC’s Interoperability
Roadmap:
https://www.healthit.gov/sites/default/files/hie-
interoperability/nationwide-interoperability-
roadmap-final-version-1.0.pdf

Aggregating Patient and
Organizational Data
Many healthcare organizations now aggregate data in
a data warehouse (DW) for the purpose of mining the
data to discover new relationships and to build
organizational knowledge. Rojas (2015) stated that

Hospitals and medical centers have more
to gain from big data analytics than
perhaps any other industry. But as data
sets continue to grow, healthcare facilities
are discovering that success in data
analytics has more to do with storage
methods than with analysis software or
techniques. Traditional data silos are
hindering the progress of big data in the

healthcare industry, and as terabytes turn
into petabytes, the most successful
hospitals are the ones that are coming up
with new solutions for storage and access
challenges. (para. 1)

When disparate information systems within an
organization are unable to interface with any other
information systems (either within or outside of the
organization), the result is poor communication, billing
errors, and issues with continuity of care. By
developing a single comprehensive database,
healthcare systems are able to facilitate
interprofessional communications, yet maintain
compliance with privacy regulations. Figure 10-1
depicts moving from siloed to integrated data.

Figure 10-1 Moving from Data Silos to Integrated Data

Data from Smart Data Collective. (2015). 2 critical obstacles facing

retailers for data driven marketing. Retrieved from

http://www.smartdatacollective.com/lbedgood/349875/two-critical-

obstacles-facing-retailers-data-driven-marketing

Based on the size of the organization, data triage and
tiering might be necessary. These decision-making
processes related to data storage are based on
predictions related to how quickly data might need to
be accessed.

Consider the case of Intermountain, a chain of 22
hospitals in Salt Lake City. With 4.7 petabytes of data
under its management, cloud storage becomes cost
prohibitive. The network estimates the size of the
hospital chain’s data will grow by 25–30% each year
until it reaches 15 petabytes in 5 years. With such
massive data needs, Intermountain found ways to cut
costs and streamline efficiency. One way was through
data tiering, which is the creation of data storage tiers
that can be accessed at the appropriate speeds.
Tiering is currently done manually through triaging, but
several different organizations are exploring
autotiering, which automatically stores data according
to availability needs (Rojas, 2015, para. 9–10).

The most basic element of a database system is the
data. Data refers to raw facts that can consist of
unorganized text, graphics, sound, or video.
Information is data that have been processed—it has
meaning; information is organized in a way that people
find meaningful and useful. Even useful information
can be lost if one is mired in unorganized information.
Computers can come to the rescue by helping to
create order out of chaos. Computer science and

information science are designed to help cut down the
amount of information to a more manageable size and
organize it so that users can cope with it more
efficiently through the use of databases and database
programs technology. Learning about basic databases
and database management programs is paramount so
that users can apply data and information management
principles in health care.

A database is a structured or organized collection of
data that is typically the main component of an
information system. Databases and database
management software allow the user to input, sort,
arrange, structure, organize, and store data and turn
those data into useful information. An individual can set
up a personal database to organize recipes, music,
names and addresses, notes, bills, and other data. In
health care, databases and information systems make
key information available to healthcare providers and
ancillary personnel to promote the provision of quality
patient care. Box 10-1 provides a detailed description
of a database.

BOX 10-1 OVERVIEW OF DATABASE

CONSTRUCTION

Databases consist of fields (columns) and
records (rows). Within each record, one of the
fields is identified as the primary key or key

field. This primary key contains a code, name,
number, or other information that acts as a
unique identifier for that record. In the
healthcare system, for example, a patient is
assigned a patient number or ID that is unique
for that patient. As you compile related records,
you create data files or tables. A data file is a
collection of related records. Therefore,
databases consist of one or more related data
files or tables.

An entity represents a table, and each field
within the table becomes an attribute of that
entity. The database developer must critically
think about the attributes for each specific entity.
For example, the entity “disease” might have the
attributes of “chronic disease,” “acute disease,”
or “communicable disease.” The name of the
entity, “disease,” implies that the entity is about
diseases. The fields or attributes are “chronic,”
“acute,” or “communicable.”

The entity–relationship diagram specifies the
relationship among the entities in the database.
Sometimes the implied relationships are readily
apparent based on the entities’ definitions;
however, all relationships should be specified as
to how they relate to one another. Typically,
three relationships are possible: (1) one to one,
(2) one to many, and (3) many to many. A one-
to-one relationship exists between the entities of

the table about a patient and the table about the
patient’s birth. A one-to-many relationship could
exist when one entity is repeatedly used by
another entity. Such a one-to-many relationship
could then be a table query for age that could be
used numerous times for one patient entity. The
many-to-many relationship reflects entities that
are all used repeatedly by other entities. This is
easily explained by the entities of patient and
nurse. The patient could have several nurses
caring for him or her, and the nurse could have
many patients assigned to him or her (see
Figure 10-2).

Figure 10-2 Example of an Entity Relationship
Diagram (ERD)

The relational model is a database model that
describes data in which all data elements are
placed in relation in two-dimensional tables; the
relations or tables are analogous to files. A
relational database management system
(RDMS) is a system that manages data using
this kind of relational model. A relational
database could link a patient’s table to a
treatment table (e.g., by a common field, such
as the patient ID number). To keep track of the
tables that constitute a database, the database
management system uses software called a
data dictionary. The data dictionary contains a
listing of the tables and their details, including
field names, validation settings, and data types.
The data type refers to the type of information,
such as a name, a date, or a time.

The database management system is an
important program because before it was
available, many health systems and businesses
had dozens of database files with incompatible
formats. Because patient data come from a
variety of sources, these separated, isolated
data files required duplicate entry of the same
information, thereby increasing the risk of data
entry error. The design of the relational
databases eliminates data duplication. Some
examples of popular database management
system software include Microsoft’s Access or

Visual FoxPro, Corel’s Paradox, Oracle’s Oracle
Database 10g, and IBM’s DB2.

On a large scale, a data warehouse is an extremely
large database or repository that stores all of an
organization’s or institution’s data and makes these
data available for data mining. The DW can combine
an institution’s many different databases to provide
management personnel with flexible access to the
data. On the smaller scale, a data mart represents a
large database where the data used by one of the units
or a division of a healthcare system are stored and
maintained. For example, a university hospital system
might store clinical information from its many affiliate
hospitals in a DW, and each separate hospital might
have a data mart housing its data.

There are many ways to access and retrieve
information in databases. Searching information in
databases can be done through the use of a query, as
is used in Microsoft’s Access database. A query asks
questions of the database to retrieve specific data and
information. Box 10-2 provides a detailed description
of the Structured Query Language (SQL).

BOX 10-2 SQL

SQL was originally called SEQUEL, or
Structured English Query Language. SQL, still

pronounced “sequel,” now stands for Structured
Query Language; it is a database querying
language, rather than a programming language.
It is a standard language for accessing and
manipulating databases. SQL is “used with
relational databases; it allows users to define
the structure and organization of stored data,
verify and maintain data integrity, control access
to the data, and define relationships among the
stored data items” (University of California at
San Diego, 2010, para. 8). In this way, it
simplifies the process of retrieving information
from a database in a functional or usable form
while facilitating the reorganization of data within
the databases.

The relational database management system is
the foundation or basis for SQL. An RDMS
stores data in “database objects called tables”
(W3Schools.com, 2010, para. 6). A table is a
collection of related data that consists of
columns and rows; as noted earlier, columns are
also referred to as fields, and rows are also
referred to as records or tuples. Databases can
have many tables, and each table is identified
by a name (see the Database Example: School
of Nursing Faculty).

SQL statements handle most of the actions
users need to perform on a database. SQL is an
International Organization for

Standardization (ISO) standard and American
National Standards Institute (ANSI) standard,
but many different versions of the SQL language
exist (Indiana University, 2010). To remain
compliant with the ISO and ANSI standards,
SQL must handle or support the major
commands of SELECT, UPDATE, DELETE,
INSERT, and WHERE in a similar manner
(W3Schools.com, 2010). The SELECT
command allows you to extract data from a
database. UPDATE updates the data, DELETE
deletes the data, and INSERT inserts new data.
WHERE is used to specify selection criteria,
thereby restricting the results of the SQL query.
Thus SQL allows you to create databases and
manipulate them by storing, retrieving, updating,
and deleting data.

Database Example: School of Nursing Faculty

Table Named “Faculty”

Last First Department Office
Phone

Office

P_ID Name Name Affiliation Number Location User
ID

1 Eggleers Renee Informatics 444-

111-

1104

104A Eggleersr100

2 Feistyz Judi Gerontology 444-

111-

2202

202b Feistyzj562

3 Martinez Bethann Neurology 444-

111-

3336

336C Martinezb789

4 Smythe Ralph Informatica 444-

111-

1110

110A Smyther355

The database example provided here reflects
the faculty listing for a school of nursing. The
table that contains the data is identified by the
name “Faculty.” The faculty members are each
categorized by the following fields (columns):
Last Name, First Name, Department Affiliation,
Office Phone Number, Office Location, and
UserID. Each individual faculty member’s
information is a record (tuple or row).

Using the SQL command SELECT, all of the
records in the “Faculty” table can be selected:

SELECT*FROM Faculty

This command would SELECT all (*) of the
records FROM the table known as FACULTY.
The asterisk (*) is used to select all of the
columns.

Data mining software sorts thorough data to discover
patterns and ascertain or establish relationships. This
software discovers or uncovers previously unidentified
relationships among the data in a database by
conducting an exploratory analysis looking for hidden
patterns in data. Using such software, the user
searches for previously undiscovered or undiagnosed
patterns by analyzing the data stored in a DW. Drill-
down is a term that means the user can view DW
information by drilling down to lower levels of the
database to focus on information that is pertinent to his
or her needs at the moment.

As users move through databases within the
healthcare system, they can access anything from
enterprise-wide DWs to data marts. For example, an
infection-control nurse might notice a pattern of
methicillin-resistant Staphylococcus aureus infections
in the local data mart (a single hospital within a larger
system). The nurse might want to find out if the
outbreak is local (data mart) or more widespread in the
system (DW). The nurse might also query the database
to determine if certain patient attributes (e.g., age or
medical diagnosis) are associated with the incidence of
infection.

These kinds of data mining capabilities are also quite
useful for healthcare practitioners who wish to conduct
clinical research studies. For example, one might query
a database to tease out attributes (patient

characteristics) associated with asthma-related
hospitalizations. For a more detailed description and
review of data mining, refer to the Data Mining as a
Research Tool chapter.

According to Mishra, Sharma, and Pandey (2013),
there is a new set of challenges and opportunities for
managing data, data mining, and establishing
algorithms in the cloud. Data mining in the cloud is
emerging and evolving. This frontier is becoming a
potent way to take advantage of the power of cloud
computing and combine it with SQL. The world as we
know it is changing: “Clouds” are leading us to develop
revolutionary data mining technologies. There are five
typical clinical applications for databases: (1) hospitals,
(2) clinical research, (3) clinical trials, (4) ambulatory
care, and (5) public health. Some healthcare systems
are connecting their hospitals together by choosing a
single CIS to capture data on a system-wide basis. In
such healthcare organizations, multiple application
programs share a pool of related data. Think about
how potent such databases might potentially be in
managing organizations and providing insights into
new relationships that may ultimately transform the
way work is done.

Department Collaboration and
Exchange of Knowledge and
Information

The implementation of systems within health care is
the responsibility of many people and departments. All
systems require a partnership of collaboration and
knowledge sharing to implement and maintain
successful standards of care. Collaboration is the
sharing of ideas and experiences for the purposes of
mutual understanding and learning. Knowledge
exchange is the product of collaboration when sharing
an understanding of information promotes learning
from past experiences to make better future decisions.

Depending on the type of project, collaboration may
occur at many different levels within an organization. At
an administrative level, collaboration among key
stakeholders is critical to the success of any project.
Stakeholders have the most responsibility for
completing the project. They have the greatest
influence in the overall design of the system, and
ultimately they are the people who are most impacted
by a system implementation. Together with the
organizational executive team, stakeholders
collaborate on the overall budget and time frame for a
system implementation.

Collaboration may also occur among the various
departments impacted by the system. These groups
frequently include representatives from information
technology, clinical specialty areas, support services,
and software vendors. Once a team is assembled, it
defines the objectives and goals of the system. The

team members work strategically to align their goals
with the goals of the organization where the system is
to be used. The focus for these groups is on planning,
resource management, transitioning, and ongoing
support of the system. Their collaboration determines
the way in which the project is managed, the
deliverables for the project, the individuals held
accountable for the project, the time frame for the
project, opportunities for process improvement using
the system, and the means by which resources are
allocated to support the system.

From collaboration comes the exchange of information
and ideas through knowledge sharing. Specialists
exchange knowledge within their respective areas of
expertise to ensure that the system works for an entire
organization. From one another, they learn
requirements that make the system successful. This
exchange of ideas is what makes healthcare
information systems so valuable. A multidisciplinary
approach ensures that systems work in the complex
environment of healthcare organizations that have
diverse and complex patient populations.

Summary
The integration of technology within healthcare
organizations offers limitless possibilities. As new types
of systems emerge, clinicians will become smarter and
more adept at incorporating these tools into their daily

practice. Success will be achieved when health care
incorporates technology systems in a way that they are
not viewed as separate tools to support healthcare
practices, but rather as necessary instruments to
provide health care. Patients, too, will become savvier
at using healthcare information systems as a means of
communication and managing their personal and
preventive care. In the future, these two mindsets will
become expectations for health care and not simply a
high-tech benefit, as they are often viewed today.

Ultimately, it is not the type of systems adopted that is
important, but rather the method in which they are put
into practice. In an ideal world, robust and transparent
information technologies will support clinical and
administrative functions and promote safe, quality, and
cost-effective care.

THOUGHT-PROVOKING QUESTIONS

1. Which type of technology exists today
that could be converted into new types of
information systems to be used in health
care?

2. How could collaboration and knowledge
sharing at a single organization be used
to help individuals preparing for
information technology at a different
facility?

3. Explore the administrative information
systems and their applications in your
healthcare organization.
a. What are the main systems used?
b. How is data shared among systems?
c. What examples of functional,

structural, and semantic
interoperability can you identify?

References
Agency for Healthcare Research and

Quality (AHRQ) Patient Safety
Network. (2015). Patient safety
primers: Medication errors. Retrieved
from
http://psnet.ahrq.gov/primer.aspx?
primerID=23

Case Management Society of America
(CMSA). (2014, September 12). Health
IT survey. Retrieved from
http://www.cmsa.org/Individual/NewsEvents/2010HealthITSurvey/tabid/539/Default.aspx

Centers for Medicare and Medicaid
Services (CMS). (2015). Accountable
care organizations. Retrieved from

https://www.cms.gov/Medicare/Medicare-
Fee-for-Service-
Payment/ACO/index.html

Elder, K., Wiltshire, J., Rooks, R., BeLue,
R., & Gary, L. (2010, Summer). Health
information technology and physician
career satisfaction. Perspectives in
Health Information Management, 1–18.
Retrieved from ProQuest Nursing &
Allied Health Source (Document ID:
2118694921).

Fichman, R. G., Kohli, R., & Krishnan, R.
(2011). Editorial overview: The role of
information systems in healthcare;
current research and future trends.
Information Systems Research, 22(3),
419–428. doi:10.1287/isre.1110.0382

Gordon, C. R., Rezzadeh, K. S., Li, A.,
Vardanian, A., Zelken, J., Shores, J. T.,
. . . Jarrahy, R. (2015). Digital mobile
technology facilitates HIPAA-sensitive
perioperative messaging, improves
physician-patient communication, and
streamlines patient care. Patient

Safety In Surgery, 9(1), 1–7.
doi:10.1186/s13037-015-0070-9

Hassett, M., & Thede, L. (2003).
Information in practice: Clinical
information systems. In B.
Cunningham (Ed.), Informatics and
nursing opportunities and challenges
(2nd ed., rev., pp. 222–239).
Philadelphia, PA: Lippincott Williams &
Wilkins.

Healthcare Information and Management
Systems Society (HIMSS). (2013).
Definition of interoperability. Retrieved
from
http://www.himss.org/library/interoperability-
standards/what-is-interoperability

Healthcare Information and Management
Systems Society (HIMSS). (2015).
ONC releases final interoperability
roadmap. Retrieved from
http://www.himss.org/news/onc-
releases-final-interoperability-
roadmap?ItemNumber=44779

Indiana University. (2010). University
information technology services
knowledge base: What is SQL?
Retrieved from
http://kb.iu.edu/data/ahux.html

Kohn, L. T., Corrigan, J., Donaldson, M.
S., & Institute of Medicine (U.S.).
Committee on Quality of Health Care
in America. (2000). To err is human:
Building a safer health system.
Washington, DC: National Academy
Press.

Mishra, N., Sharma, S. & Pandey, A.
(2013). High performance cloud data
mining algorithm and data mining in
clouds. IOSR Journal of Computer
Engineering, 8(4), 54–61. Retrieved
from
http://www.iosrjournals.org/iosr-
jce/papers/Vol8-Issue4/I0845461.pdf

National Consortium for Health Science
Education. (2012). Health informatics
pathway standards and accountability
criteria. Retrieved from

http://www.healthscienceconsortium.org/wp-
content/uploads/2015/07/Health-
Informatics-Standards.pdf

Office of the National Coordinator for
Health Information Technology (ONC).
(2015). Connecting health and care for
the nation: A shared nationwide
interoperability roadmap. Final version
1.0. Retrieved from
https://www.healthit.gov/sites/default/files/hie-
interoperability/nationwide-
interoperability-roadmap-final-
version-1.0.pdf

Rojas, N. (2015). Healthcare industry
finds new solutions to big data storage
challenges. Data Science Central.
Retrieved from
http://www.datasciencecentral.com/profiles/blogs/healthcare-
industry-finds-new-solutions-to-big-
data-storage

University of California at San Diego.
(2010). Data warehouse terms.
Retrieved from

http://blink.ucsd.edu/technology/help-
desk/queries/warehouse/terms.html#s

W3Schools.com. (2010). Introduction to
SQL. Retrieved from
http://www.w3schools.com/SQL/sql_intro.asp

CHAPTER 11: The
Human–Technology
Interface

Dee McGonigle, Kathleen Mastrian, and Judith A.
Effken

Objectives
1. Describe the human–technology

interface.
2. Explore human–technology interface

problems.
3. Reflect on the future of the human–

technology interface.

Key Terms
» Cognitive task analysis

» Cognitive walkthrough

» Cognitive work analysis

» Earcons

» Ergonomics

» Field study

» Gulf of evaluation

» Gulf of execution

» Heuristic evaluation

» Human–computer interaction

» Human factors

» Human–technology interaction

» Human–technology interface

» Mapping

» Situational awareness

» Task analysis

» Usability

» Workarounds

Introduction
One of this chapter’s authors stayed in a new hotel on
the outskirts of London. When she entered her room,

she encountered three wall-mounted light switches in a
row, but with no indication of which lights they
operated. In fact, the mapping of switches to lights was
so peculiar that she was more often than not surprised
by the light that came on when she pressed a particular
switch. One might conclude that the author had a
serious problem, but she prefers to attribute her
difficulty to poor design.

When these kinds of technology design issues surface
in health care, they are more than just an annoyance.
Poorly designed technology can lead to errors, lower
productivity, or even the removal of the system
(Alexander & Staggers, 2009). Unfortunately, as more
and more kinds of increasingly complex health
information technology applications are integrated, the
problem becomes even worse (Johnson, 2006).
However, nurses are very creative and, if at all
possible, will design workarounds that allow them to
circumvent troublesome technology. However,
workarounds are only a Band-Aid; they are not a long-
term solution.

In his classic book The Psychology of Everyday
Things, Norman (1988) argued that life would be a lot
simpler if people who built the things that others
encounter (such as light switches) paid more attention
to how they would be used. At least one everyday thing
meets Norman’s criteria for good design: the scythe.
Even people who have never encountered one will pick

up a scythe in the manner needed to use it because
the design makes only one way feasible. The scythe’s
design fits perfectly with its intended use and a human
user. Would it not be great if all technology were so
well fit to human use? In fact, this is not such a far-
fetched idea. Scientists and engineers are making
excellent strides in understanding human–technology
interface problems and proposing solutions to them.

As you read through this chapter, reflect on the
everyday items you use. What makes them easy or
difficult to use? Is it evident that the developer thought
about how they would be used to facilitate their design
and function? Next, turn your attention to the
technologies you use. Is it evident that the developer
thought about how the technology would be used to
facilitate its design and function? Think about your
smartphone. How easy is it to hold your smartphone?
Is it intuitive and easy to access and use? What
improvements would you make? Does the electronic
health record (EHR) system you use support your
workflow and patient needs? Do you use workarounds
to avoid items that you feel should not be there or are
not needed at the time of entry? Do you think that the
developer understood you, as the user, or did not
realize how their technology tool would be used? By
the end of this chapter, you should be able to critically
examine the human–technology interfaces currently
available in health care and describe models,
strategies, and exemplars for improving interfaces

during the analysis, design, and evaluation phases of
the development life cycle.

The Human–Technology
Interface
What is the human–technology interface? Broadly
speaking, anytime a human uses technology, some
type of hardware or software enables and supports the
interaction. It is this hardware and software that defines
the interface. The array of light switches described
previously was actually an interface (although not a
great one) between the lighting technology in the room
and the human user.

In today’s healthcare settings, one encounters a wide
variety of human–technology interfaces. Those who
work in hospitals may use bar-coded identification
cards to log their arrival time into a human resources
management system. Using the same cards, they
might log into their patients’ EHR, access their patient’s
drugs from a drug administration system, and even
administer the drugs using bar-coding technology.
Other examples of human–technology interfaces one
might encounter include a defibrillator, a patient-
controlled analgesia (PCA) pump, any number of
physiologic monitoring systems, electronic
thermometers, and telephones and pagers. According
to Rice and Tahir (2014),

[R]ecent studies have found that rapid
implementation of new medical
technology—electronic health records,
patient monitoring devices, surgical
robots and other tools—can lead to
adverse patient events when it is not
thoughtfully integrated into workflow. The
right processes require understanding the
devices and the users. Testing in
controlled environments often does not
adequately consider the “human factor,”
or how people interact with technology in
high-pressure, real-life situations. (p. 12)

The human interfaces for each of these technologies
are different and can even differ among different
brands or versions of the same device. For example, to
enter data into an EHR, one might use a keyboard, a
light pen, a touch screen, or voice. Healthcare
technologies may present information via computer
screen, printer, or smartphone. Patient data might be
displayed in the form of text, images (e.g., the results
of a brain scan), or even sound (an echocardiogram);
in addition, the information may be arrayed or
presented differently, based on roles and preferences.
Some human–technology interfaces mimic face-to-face
human encounters. For example, faculty members are
increasingly using videoconferencing technology to
communicate with their students. Similarly, telehealth

allows nurses to use telecommunication and
videoconferencing software to communicate more
effectively and more frequently with patients at home
by using the technology to monitor patients’ vital signs,
supervise their wound care, or demonstrate a
procedure. According to Gephart and Effken (2013),
“The National eHealth Collaborative Technical Expert
Panel recommends fully integrating patient-generated
data (e.g., home monitoring of daily weights, blood
glucose, or blood pressure readings) into the clinical
workflow of healthcare providers” (para. 3). Telehealth
technology has fostered other virtual interfaces, such
as system-wide intensive care units in which
intensivists and specially trained nurses monitor
critically ill patients in intensive care units, some of
whom may be in rural locations. Sometimes telehealth
interfaces allow patients to interact with a virtual
clinician (actually a computer program) that asks
questions, provides social support, and tailors
education to identify patient needs based on the
answers to screening questions. These human–
technology interfaces have been remarkably
successful; sometimes patients even prefer them to
live clinicians.

Human–technology interfaces may present information
using text, numbers, images, icons, or sound. Auditory,
visual, or even tactile alarms may alert users to
important information. Users may interact with (or

control) the technology via keyboards, digital pens,
voice activation, or even touch.

A small, but growing, number of clinical and
educational interfaces rely heavily on tactile input. For
example, many students learn to access an
intravenous site using virtual technology. Other, more
sophisticated virtual reality applications help physicians
learn to do endoscopies or practice complex surgical
procedures in a safe environment. Still others allow
drug researchers to design new medications by
combining virtual molecules (here, the tactile response
is quite different for molecules that can be joined from
those that cannot). In each of these training
environments, accurately depicting tactile sensations is
critical. For example, feeling the kind and amount of
pressure required to penetrate the desired tissues, but
not others, is essential to a realistic and effective
learning experience.

© Thomas Andreas/Shutterstock

The growing use of large databases for research has
led to the design of novel human–technology interfaces
that help researchers visualize and understand
patterns in the data that generate new knowledge or
lead to new questions. Many of these interfaces now
incorporate multidimensional visualizations, in addition
to scatter plots, histograms, or cluster representations
(Vincent, Hastings-Tolsma, & Effken, 2010). Some
designers, such as Quinn (the founder of the Design
Rhythmics Sonification Research Laboratory at the
University of New Hampshire) and Meeker (2000), use
variations in sound to help researchers hear the
patterns in large datasets. In Quinn and Meeker’s
(2000) “climate symphony,” different musical
instruments, tones, pitches, and phrases are mapped

onto variables, such as the amounts and relative
concentrations of minerals, to help researchers detect
patterns in ice core data covering more than 110,000
years. Climate patterns take centuries to emerge and
can be difficult to detect. The music allows the entire
110,000 years to be condensed into just a few minutes,
making detection of patterns and changes much easier.

The human–technology interface is ubiquitous in health
care and takes many forms. A look at the quality of
these interfaces follows. Be warned: It is not always a
pretty picture.

© Innocenti/Cultura/Getty

© Carlos Amarillo/Shutterstock

The Human–Technology
Interface Problem
In The Human Factor, Vicente (2004) cited the many
safety problems in health care identified by the Institute
of Medicine’s (1999) report and noted how the
technology (defined broadly) used often does not fit
well with human characteristics. As a case in point,
Vicente described his own studies of nurses’ PCA
pump errors. Nurses made the errors, in large part,
because of the complexity of the user interface, which
required as many as 27 steps to program the device.
Vicente and his colleagues developed a PCA in which
programming required no more than 12 steps. Nurses
who used it in laboratory experiments made fewer

errors, programmed drug delivery faster, and reported
lower cognitive workloads compared to the commercial
device. Further evidence that human–technology
interfaces do not work as well as they might is evident
in the following events.

Doyle (2005) reported that when a bar-coding
medication system interfered with their workflow,
nurses devised workarounds, such as removing the
armband from the patient and attaching it to the bed,
because the bar-code reader failed to interpret bar
codes when the bracelet curved tightly around a small
arm. Koppel et al. (2005) reported that a widely used
computer-based provider order entry (CPOE) system
meant to decrease medication errors actually facilitated
22 types of errors because the information needed to
order medications was fragmented across as many as
20 screens, available medication dosages differed from
those the physicians expected, and allergy alerts were
triggered only after an order was written.

Han et al. (2005) reported increased mortality among
children admitted to Children’s Hospital in Pittsburgh
after CPOE implementation. Three reasons were cited
for this unexpected outcome. First, CPOE changed the
workflow in the emergency room. Before CPOE, orders
were written for critical time-sensitive treatment based
on radio communication with the incoming transport
team before the child arrived. After CPOE
implementation, orders could not be written until the

patient arrived and was registered in the system (a
policy that was later changed). Second, entering an
order required as many as 10 clicks and took as long
as 2 minutes; moreover, computer screens sometimes
froze or response time was slow. Third, when the team
changed its workflow to accommodate CPOE, face-to-
face contact among team members diminished.
Despite the problems with study methods identified by
some of the informatics community, there certainly
were serious human–technology interface problems.

In 2005, a Washington Post article reported that
Cedars-Sinai Medical Center in Los Angeles had shut
down a $34 million system after 3 months because of
the medical staff’s rebellion. Reasons for the rebellion
included the additional time it took to complete the
structured information forms, failure of the system to
recognize misspellings (as nurses had previously
done), and intrusive and interruptive automated alerts
(Connolly, 2005). Even though physicians actually
responded appropriately to the alerts, modifying or
canceling 35% of the orders that triggered them,
designers had not found the right balance of helpful-to-
interruptive alerts. The system simply did not fit the
clinicians’ workflow.

Such unintended consequences (Ash, Berg, & Coiera,
2004) or unpredictable outcomes (Aarts, Doorewaard,
& Berg, 2004) of healthcare information systems may
be attributed, in part, to a flawed implementation

process, but there were clearly also human–
technology interaction issues. That is, the technology
was not well matched to the users and the context of
care. In the pediatric case, a system developed for
medical–surgical units was implemented in a critical
care unit.

Human–technology interface problems are the major
cause of as many as 87% of all patient monitoring
incidents (Walsh & Beatty, 2002). It is not always that
the technology itself is faulty. In fact, the technology
may perform flawlessly, but the interface design may
lead the human user to make errors (Vicente, 2004).

Rice and Tahir (2014) reported on two errors that
remind us we still have a long way to go to ensure
patient safety: In 2011, a pop-up box on a digital blood
glucose reader was misread and the patient was given
too much insulin, sending her into a diabetic coma; in
2013, a patient did not receive his psychiatric medicine
for almost 3 weeks because the pharmacy’s computer
system was set to automatically discontinue orders for
certain drugs, and there was no alert built in to notify
the team providing care to this patient that the drug
was suspended. The real issue is that the healthcare
personnel–technology interfaces continue to cause
these adverse events and near-misses. It is important
to remember that it is not only a technology or human
interface issue. Many of these problems occur when
new technology is introduced or existing technology is

modified. In addition, we must examine how the
technology tools are tested, how the human users are
prepared for their use, and how the tools are integrated
into the care delivery process (Rice & Tahir, 2014).

Improving the Human–
Technology Interface
Much can be learned from the related fields of
cognitive engineering, human factors, and
ergonomics (Figures 11-1 and 11-2) about how to
make interfaces more compatible with their human
users and the context of care. Each of these areas of
study is multidisciplinary and integrates knowledge
from multiple disciplines (e.g., computer science,
engineering, cognitive engineering, psychology, and
sociology).

Figure 11-1 Human Factors and Ergonomics

Figure 11-2 Human Factors and Ergonomics,
Continued

These areas are also concerned with health issues
arising from computer and other technology use. Longo
and Reese (2014) reminded us that

Nearly 20 years ago, the American
Optometric Association termed computer
vision syndrome (CVS) as the complex of
eye and vision problems related to near
work experienced while using a
computer. CVS symptoms reflect the

current broad diagnosis of asthenopia
(ICD-9, 368.13) [2017 ICD-10-CM
H53.149] also referred to as eyestrain.
Symptoms include: fatigue, blurred distal
or proximal vision, headache, dry or
irritated eyes, neck and/or backaches,
blurred near vision and diplopia (double
vision). (p. 8)

Longo and Reese described how to prevent computer
vision syndrome. One of the best ways to help your
eyes is to remember to look 20 feet away from your
screen every 20 minutes for a minimum of 20 seconds.
With the increased smartphone use, we are seeing
neck issues caused by the tilt of the head (with the chin
on the chest) while looking down at the smartphone or
other handheld device. You should hold your phone up
so that you are keeping your neck and eyes aligned
properly with the device’s screen for more comfortable
viewing and interactions. We must all be aware of our
posture and how our work areas are set up when using
our computers, smartphones, tablets, and any other
devices that consume a great deal of our time during
our work or personal hours.

Effken (2016) proposed the ecological approach to
interface design to help us realize a more meaningful
EHR. This approach borrowed from a small field of
psychology, ecological psychology, which “emerged

after the 3-Mile Island nuclear fiasco to allow complex
processes (like nuclear power plants) to be more easily
and safely controlled by operators. Ecological displays
subsequently have enhanced the control of airplanes,
bottling plants—and even nuclear power plants. In the
1990s, the approach began to be extended to the
complexities of healthcare” (Effken, para. 2). Ecological
displays help the user identify deviations from normal
physical or physiological processes. According to
Effken,

Given the current pressure to achieve
meaningful use of the EHR and the
availability of new, more flexible
technology, this seems like an ideal time
for informaticists (and nurse
informaticists, in particular) to consider
seriously how the ecological approach
might be applied to make the meaning of
the EHR’s data more transparent to
clinician and patient users, as well as to
make clear the value proposition of
various treatments. (para. 8)

It is evident that users and clinicians need the
technology and interfaces necessary to quickly
comprehend the multiple discrete data that are
contained in distinct parts of the EHR. “Because these
are exactly the kind of complex problems that they

were developed to solve, the analysis and design
approaches derived from ecological psychology are
worth examining further as we attempt to derive a more
meaningful EHR” (Effken, 2016, para. 8).

Over the years, three axioms have evolved for
developing effective human–computer interactions
(Staggers, 2003): (1) Users must be an early and
continuous focus during interface design; (2) the
design process should be iterative, allowing for
evaluation and correction of identified problems; and
(3) formal evaluation should take place using rigorous
experimental or qualitative methods. These axioms still
apply today and, even after all of these years, are often
not followed.

Axiom 1: Users Must Be an Early and
Continuous Focus During Interface
Design
Rubin (1994) used the term user-centered design to
describe the process of designing products (e.g.,
human–technology interfaces) so that users can carry
out the tasks needed to achieve their goals with
“minimal effort and maximal efficiency” (p. 10). Thus, in
user-centered design, the end user is emphasized.
This is still a focus of human–technology interface
design today.

Vicente (2004) argued that technology should fit
human requirements at five levels of analysis (physical,
psychological, team, organizational, and political).
Physical characteristics of the technology (e.g., size,
shape, or location) should conform to the user’s size,
grasp, and available space. Information should be
presented in ways that are consistent with known
human psychological capabilities (e.g., the number of
items that can be remembered is seven plus or minus
two). In addition, systems should conform to the
communication, workflow, and authority structures of
work teams; to organizational factors, such as culture
and staffing levels; and even to political factors, such
as budget constraints, laws, or regulations.

A number of analysis tools and techniques have been
developed to help designers better understand the task
and user environment for which they are designing.
Discussed next are task analysis, cognitive task
analysis, and cognitive work analysis (CWA).

Task analysis examines how a task must be
accomplished. Generally, analysts describe the task in
terms of inputs needed for the task, outputs (what is
achieved by the task), and any constraints on actors’
choices on carrying out the task. Analysts then lay out
the sequence of temporally ordered actions that must
be carried out to complete the task in flowcharts
(Vicente, 1999). A worker’s tasks must be analyzed.
Task analysis is very useful in defining what users must

do and which functions might be distributed between
the user and technology (U.S. Department of Health
and Human Services, 2013). Cognitive task
analysis usually starts by identifying, through
interviews or questionnaires, the particular task and its
typicality and frequency. Analysts then may review the
written materials that describe the job or are used for
training and determine, through structured interviews or
by observing experts perform the task, which
knowledge is involved and how that knowledge might
be represented. Cognitive task analysis can be used to
develop training programs. Zupanc and colleagues
(2015) reported on the use of cognitive task analysis
techniques to develop a framework from which a
colonoscopy training program could be designed. “Task
analysis methods (observation, a think-aloud protocol
and cued-recall) and subsequent expert review were
employed to identify the competency components
exhibited by practicing endoscopists with the aim of
providing a basis for future instructional design”
(Zupanc et al., p. 10). The resulting colonoscopy
competency framework consisted of “twenty-seven
competency components grouped into six categories:
clinical knowledge; colonoscope handling; situation
awareness; heuristics and strategies; clinical
reasoning; and intra and inter-personal” (Zupanc et al.,
p. 10).

Cognitive work analysis was developed specifically
for the analysis of complex, high-technology work

domains, such as nuclear power plants, intensive care
units, and emergency departments, where workers
need considerable flexibility in responding to external
demands (Burns & Hajdukiewicz, 2004; Vicente,
1999). A complete CWA includes five types of analysis:
(1) work domain, (2) control tasks, (3) strategies, (4)
social–organizational, and (5) worker competencies.
The work domain analysis describes the functions of
the system and identifies the information that users
need to accomplish their task goals. The control task
analysis investigates the control structures through
which the user interacts with or controls the system. It
also identifies which variables and relations among
variables discovered in the work domain analysis are
relevant for particular situations so that context-
sensitive interfaces can present the right information
(e.g., prompts or alerts) at the right time. The strategies
analysis looks at how work is actually done by users to
facilitate the design of appropriate human–computer
dialogues. The social–organizational analysis identifies
the responsibilities of various users (e.g., doctors,
nurses, clerks, or therapists) so that the system can
support collaboration, communication, and a viable
organizational structure. Finally, the worker
competencies analysis identifies design constraints
related to the users themselves (Effken, 2002).

Specialized tools are available for the first three types
of CWA (Vicente, 1999). Analysts typically borrow tools
(e.g., ethnography) from the social sciences for the two

remaining types. Hajdukiewicz, Vicente, Doyle,
Milgram, and Burns (2001) used CWA to model an
operating room environment. Effken (2002) and Effken
et al. (2001) used CWA to analyze the information
needs for an oxygenation management display for an
ICU. Other examples of the application of CWA in
health care are described by Burns and Hajdukiewicz
(2004) in their chapter on medical systems (pp. 201–
238). Ashoon et al. (2014) used team CWA to reveal
the interactions of the healthcare team in the context of
work models in a birthing unit. They felt that team CWA
enhances CWA in complex environments, such as
health care, that require effective teamwork because it
reveals additional constraints relevant to the workings
of the team. The information gleaned about the
teamwork could be used for systems design
applications.

Axiom 2: The Design Process Should
Be Iterative, Allowing for Evaluation
and Correction of Identified Problems
Today, both principles and techniques for developing
human–technology interfaces that people can use with
minimal stress and maximal efficiency are available. An
excellent place to start is with Norman’s (1988, pp.
188–189) principles:

1. Use both knowledge in the world and knowledge
in the head. In other words, pay attention not
only to the environment or to the user, but to
both, and to how they relate. By using both, the
problem actually may be simplified.

2. Simplify the structure of tasks. For example,
reduce the number of steps or even computer
screens needed to accomplish the goal.

3. Make things visible: Bridge the gulf of
execution and the gulf of evaluation. Users
need to be able to see how to use the
technology to accomplish a goal (e.g., which
buttons does one press and in which order to
program this PCA?); if they do, then designers
have bridged the gulf of execution. They also
need to be able to see the effects of their actions
on the technology (e.g., if a nurse practitioner
prescribes a drug to treat a certain condition, the
actual patient response may not be perfectly
clear). This bridges the gulf of evaluation.

4. Get the mappings right. Here, the term mapping
is used to describe how environmental facts
(e.g., the order of light switches or variables in a
physiologic monitoring display) are accurately
depicted by the information presentation.

5. Exploit the power of constraints, both natural
and artificial. Because of where the eyes are
located in the head, humans have to turn their
heads to see what is happening behind them;
however, that is not true of all animals. As the

location of one’s eyes constrains what one can
see, so also do physical elements, social factors,
and even organizational policy constrain the way
tasks are accomplished. By taking these
constraints into account when designing
technology, it can be made easier for humans
use.

6. Design for error. Mistakes happen. Technology
should eliminate predictable errors and be
sufficiently flexible to allow humans to identify
and recover from unpredictable errors.

7. When all else fails, standardize. To get a feel for
this principle, think how difficult it is to change
from a Macintosh to a Windows environment or
from the iPhone operating system to Android.

Kirlik and Maruyama (2004) described a real-world
human–technology interface that follows Norman’s
principles. In their classic analogy, the authors
observed how a busy expert short-order cook
strategically managed to grill many hamburgers at the
same time, but each to the customer’s desired level of
doneness. The cook put those burgers that were to be
well-done on the back and far right portion of the grill,
those to be medium well-done in the center of the grill,
and those to be rare at the front of the grill, but farther
to the left. The cook moved all burgers to the left as
grilling proceeded and turned them over during their
travel across the grill. Everything the cook needed to
know was available in this simple interface. As a

human–technology interface, the grill layout was
elegant. The interface used knowledge housed both in
the environment and in the expert cook’s head; also,
things were clearly visible, both in the position of the
burgers and in the way they were moved. The process
was clearly and effectively standardized, with built-in
constraints. What might it take to create such an
intuitive human–technology interface in health care?

Several useful books have been written about effective
interface design (e.g., Burns & Hajdukiewicz, 2004;
Cooper, 1995; Mandel, 1997; McKay, 2013; Wigdor &
Wixon, 2011). In addition, a growing body of research
is exploring new ways to present clinical data that
might facilitate clinicians’ problem identification and
accurate treatment (Agency for Healthcare Research
and Quality, 2010). Just as in other industries, health
care is learning that big data can provide big insights if
it can be visualized, accessed, and meaningful (Intel IT
Center, 2013). Often, designers use graphical objects
to show how variables relate. The first to do so were
likely Cole and Stewart (1993), who used changes in
the lengths of the sides and area of a four-sided object
to show the relationship of respiratory rate to tidal
volume. Other researchers have demonstrated that
histograms and polygon displays are better than
numeric displays for detecting changes in patients’
physiologic variables (Gurushanthaiah, Weinger, &
Englund, 1995). When Horn, Popow, and Unterasinger
(2001) presented physiologic data via a single circular

object with 12 sectors (where each sector represented
a different variable), nurses reported that it was easy to
recognize abnormal conditions, but difficult to
comprehend the patient’s overall status. This kind of
graphical object approach has been most widely used
in anesthesiology, where a number of researchers
have shown improved clinician situational awareness
or problem detection time by mapping physiologic
variables onto display objects that have meaningful
shapes, such as using a bellows-like object to
represent ventilation (Agutter et al., 2003; Blike,
Surgenor, Whallen, & Jensen, 2000; Michels,
Gravenstein, & Westenskow, 1997; Zhang et al.,
2002).

Effken (2006) compared a prototype display that
represented physiologic data in a structured pictorial
format with two bar graph displays. The first bar graph
display and the prototype both presented data in the
order that experts were observed to use them. The
second bar graph display presented the data in the
way that nurses collected them. In an experiment in
which resident physicians and novice nurses used
simulated drugs to treat observed oxygenation
management problems using each display, residents’
performance was improved with the displays ordered
as experts used them, but nurses’ performance was
not improved. Instead, nurses performed better when
the variables were ordered as they were used to
collecting them, demonstrating the importance of

understanding user roles and the tasks they need to
accomplish.

Data also need to be represented in ways other than
visually. Gaver (1993) proposed that because ordinary
sounds map onto familiar events, they could be used
as icons to facilitate easier technology navigation and
use and to provide continuous background information
about how a system is functioning. In health care,
auditory displays have been used to provide clinicians
with information about patients’ vital signs (e.g., in
pulse oximetry), such as by altering volume or tone
when a significant change occurs (Sanderson, 2006).

Admittedly, auditory displays are probably more useful
for quieter areas of the hospital, such as the operating
room. Perhaps that is why researchers have most
frequently applied the approach in anesthesiology. For
example, Loeb and Fitch (2002) reported that
anesthesiologists detected critical events more quickly
when auditory information about heart rate, blood
pressure, and respiratory parameters was added to a
visual display. Auditory tones also have been combined
as earcons to represent relationships among data
elements, such as the relationship of systolic to
diastolic blood pressure (Watson & Gill, 2004).

Axiom 3: Formal Evaluation Should
Take Place Using Rigorous

Experimental or Qualitative Methods
Perhaps one of the highest accolades that any
interface can achieve is to say that it is transparent. An
interface becomes transparent when it is so easy to
use that users no longer think about it, but only about
the task at hand. For example, a transparent clinical
interface would enable clinicians to focus on patient
decisions rather than on how to access or combine
patient data from multiple sources. In Figure 11-3,
instead of the nurse interacting with the computer, the
nurse and the patient interact through the technology
interface. The more transparent the interface, the
easier the interaction should be.

Figure 11-3 Nurse–Patient Interaction Framework in
Which the Technology Supports the Interaction

Modified from Staggers, N., & Parks, P. L. (1993). Description and initial

applications of the Staggers & Parks nurse–computer interaction

framework. Computers in Nursing, 11, 282–290. Reprinted by permission

of AMIA.

Usability is a term that denotes the ease with which
people can use an interface to achieve a particular
goal. Usability of a new human–technology interface
needs to be evaluated early and often throughout its
development. Typical usability indicators include ease
of use, ease of learning, satisfaction with using,
efficiency of use, error tolerance, and fit of the system
to the task (Staggers, 2003). Some of the more
commonly used approaches to usability evaluation are
discussed next.

Surveys of Potential or Actual Users

Chernecky, Macklin, and Waller (2006) assessed
cancer patients’ preferences for website design.
Participants were asked their preferences for a number
of design characteristics, such as display color, menu
buttons, text, photo size, icon metaphor, and layout, by
selecting on a computer screen their preferences for
each item from two or three options.

Focus Groups

Typically used at the very start of the design process,
focus groups can help the designer better understand

users’ responses to potential interface designs and to
content that might be included in the interface.

Cognitive Walkthrough

In a cognitive walkthrough, evaluators assess a
paper mockup, working prototype, or completed
interface by observing the steps users are likely to take
to use the interface to accomplish typical tasks. This
analysis helps designers determine how
understandable and easy to learn the interface is likely
to be for these users and the typical tasks (Wharton,
Rieman, Lewis, & Polson, 1994).

Heuristic Evaluation

A heuristic evaluation has become the most popular
of what are called “discount usability evaluation”
methods. The objective of a heuristic evaluation is to
detect problems early in the design process, when they
can be most easily and economically corrected. The
methods are termed “discount” because they typically
are easy to do, involve fewer than 10 experts (often
experts in relevant fields such as human–computer
technology or cognitive engineering), and are much
less expensive than other methods. They are called
“heuristic” because evaluators assess the degree to
which the design complies with recognized usability
rules of thumb or principles (the heuristics), such as
those proposed by Nielsen (1994) and available on his

website
(www.useit.com/papers/heuristic/heuristic_list.html).

For example, McDaniel and colleagues (2002)
conducted a usability test of an interactive computer-
based program to encourage smoking cessation by
low-income women. As part of the initial evaluation,
healthcare professionals familiar with the intended
users reviewed the design and layout of the program.
The usability test revealed several problems with the
decision rules used to tailor content to users that were
corrected before implementation.

Formal Usability Test

Formal usability tests typically use either experimental
or observational studies of actual users using the
interface to accomplish real-world tasks. A number of
researchers use these methods. For example,
Staggers, Kobus, and Brown (2007) conducted a
usability study of a prototype electronic medication
administration record. Participants were asked to add,
modify, or discontinue medications using the system.
The time they needed to complete the task, their
accuracy in the task, and their satisfaction with the
prototype were assessed (the last criterion through a
questionnaire). Although satisfaction was high, the
evaluation also revealed design flaws that could be
corrected before implementation.

Field Study

In a field study, end users evaluate a prototype in the
actual work setting just before its general release. For
example, Thompson, Lozano, and Christakis (2007)
evaluated the use of touch-screen computer kiosks
containing child health–promoting information in
several low-income, urban community settings through
an online questionnaire that could be completed after
the kiosk was used. Most users found the kiosk easy to
use and the information it provided easy to understand.
Researchers also gained a better understanding of the
characteristics of the likely users (e.g., 26% had never
used the Internet and 48% had less than a high school
education) and the information most often accessed
(television and media use, and smoke exposure).

Dykes and her colleagues (2006) used a field test to
investigate the feasibility of using digital pen and paper
technology to record vital signs as a way to bridge an
organization from a paper to an electronic health
record. In general, satisfaction with the tool increased
with use, and the devices conformed well to nurses’
workflow. However, 8% of the vital sign entries were
recorded inaccurately because of inaccurate
handwriting recognition, entries outside the recording
box, or inaccurate data entry (the data entered were
not valid values). The number of modifications needed
in the tool and the time that would be required to make

those changes ruled out using the digital pen and
paper as a bridging technology.

Ideally, every healthcare setting would have a usability
laboratory of its own to test new software and
technology in its own setting before actual
implementation. However, this can be expensive,
especially for small organizations. Kushniruk and
Borycki (2006) developed a low-cost rapid usability
engineering method for creating a portable usability
laboratory consisting of video cameras and other
technology that one can take out of the laboratory into
hospitals and other locations to test the technology on
site using as close to a real world environment as
possible. This is a much more cost-effective and
efficient solution and makes it possible to test all
technologies before their implementation.

A Framework for Evaluation
Ammenwerth, Iller, and Mahler (2006) proposed a fit
between individuals, tasks, and technology (FITT)
model that suggests that each of these factors be
considered in designing and evaluating human–
technology interfaces. It is not enough to consider only
the user and technology characteristics; the tasks that
the technology supports must be considered as well.
The FITT model builds on DeLone and McLean’s
(1992) information success model, Davis’s (1993)
technology acceptance model, and Goodhue and

Thompson’s (1995) task technology fit model. A
notable strength of the FITT model is that it
encourages the evaluator to examine the fit between
the various pairs of components: user and technology,
task and technology, and user and task.

Johnson and Turley (2006) compared how doctors and
nurses describe patient information and found that
doctors emphasized diagnosis, treatment, and
management, whereas the nurses emphasized
functional issues. Although both physicians and nurses
share some patient information, how they thought
about patients differed. For that reason, an EHR needs
to present information (even the same information) to
the two groups in different ways.

Hyun, Johnson, Stetson, and Bakken (2009) used a
combination of two models (technology acceptance
model and task–technology fit model) to design and
evaluate an electronic documentation system for
nurses. To facilitate the design, they employed multiple
methods, including brainstorming of experts, to identify
design requirements. To evaluate how well the
prototype design fit both task and user, nurses were
asked to carry out specific tasks using the prototype in
a laboratory setting, and then complete a questionnaire
on ease of use, usefulness, and fit of the technology
with their documentation tasks. Because the
researchers engaged nurses at each step of the design

process, the result was a more useful and usable
system.

Future of the Human–
Technology Interface
Increased attention to improving the human–
technology interface through human factors
approaches has already led to significant
improvements in one area of health care:
anesthesiology. Anesthesia machines that once had
hoses that would fit into any delivery port now have
hoses that can only be plugged into the proper port.
Anesthesiologists have also been actively working with
engineers to improve the computer interface through
which they monitor their patients’ status and are among
the leaders in investigating the use of audio techniques
as an alternative way to help anesthesiologists
maintain their situational awareness. As a result of
these efforts, anesthesia-related deaths dropped from
2 in 20,000 to 1 in 200,000 in less than 10 years
(Vicente, 2004). It is hoped that continued emphasis
on human factors (Vicente, 2004) and user-centered
design (Rubin, 1994) by informatics professionals and
human–computer interactions experts will have equally
successful effects on other parts of the healthcare
system. The increased amount of informatics research
in this area is encouraging, but there is a long way to
go.

A systematic review of clinical technology design
evaluation studies (Alexander & Staggers, 2009)
found 50 nursing studies. Of those, nearly half (24)
evaluated effectiveness, fewer (16) evaluated
satisfaction, and still fewer (10) evaluated efficiency.
The evaluations were not systematic—that is, there
was no attempt to evaluate the same system in
different environments or with different users. Most
evaluations were done in a laboratory, rather than in
the setting where the system would be used. The
authors argued for a broader range of studies that use
an expanded set of outcome measures. For example,
instead of looking at user satisfaction, evaluators
should dig deeper into the design factors that led to the
satisfaction or dissatisfaction. In addition, performance
measures, such as diagnostic accuracy, errors, and
correct treatment, should be used.

Rackspace, Brauer, and Barth (2013) reported on a
social study of the human cloud formed in part by data
collected from wearable technologies; they focused on
assessing attitudes and “exploring how cloud
computing is enabling this new generation of smart
devices” (p. 2). Today, smartphones, glasses, clothing,
watches, cameras, and monitors for health or patient
tracking, to name but a few devices, are available to
this purpose.

The additional technologies that are entering our lives
on a daily basis can enhance or challenge our ability to

complete both our activities of daily living and our
professional tasks. As our home monitoring and patient
technologies increase, the user’s (patient’s or nurse’s)
ability to use the technology is paramount. No matter
who is using the technology, the human–technology
interface addresses the user’s ability and the
technology’s functionality to complete the task
demands (see Figure 11-4).

Figure 11-4 Human Technology Interface and Task
Completion

As our technologies continue to evolve, we are creating
more design issues. The proliferation of smart devices

and wearable technology brings new concerns related
to human–technology interfaces. According to Madden
(2013), wearable technologies are adding another
wrinkle into the design process—namely, human
behavior. How will someone use this technology? How
will individuals behave with it on their person? How will
they wear it? How and when will they enable and use
it? Will others be able to detect the technologies (that
is, will someone be able to wear Google Glass and
take pictures or videos of other people’s actions), and
will users be able to seamlessly move among all of the
capabilities of his or her wearable technologies? The
human–technology interface must address these
issues. There is a long way to go.

Summary
There are at least three messages the reader should
take away from the discussion in this chapter. First, if
there is to be significant improvement in quality and
safety outcomes in the United States through the use
of information technology, the designs for human–
technology interfaces must be radically improved so
that the technology better fits human and task
requirements. However, that improvement will be
possible only if clinicians identify and report problems,
rather than simply creating workarounds. That means
that each clinician has a responsibility to participate in
the design process and to report designs that do not
work.

Second, a number of useful tools are currently
available for the analysis, design, and evaluation
phases of development life cycles. They should be
used routinely by informatics professionals to ensure
that technology better fits both task and user
requirements.

Third, focusing on interface improvement using these
tools has had a huge impact on patient safety in the
area of anesthesiology and medication administration.
With increased attention from informatics professionals
and engineers, the same kind of improvement should
be possible in other areas regardless of the
technologies actually employed there. In the ideal
world, one can envision that every human–technology
interface will be designed to enhance users’ workflow,
will be as easy to use as banking ATMs, and will be
fully tested before its implementation in a setting that
mirrors the setting where it will be used.

THOUGHT-PROVOKING QUESTIONS

1. You are a member of a team that has
been asked to evaluate a prototype
smartphone-based application for
calculating drug dosages. Based on what
you know about usability testing, which
kind of test (or tests) might you do and
why?

2. Is there a human–technology interface
that you have encountered that you think
needs improvement? If you were to
design a replacement, which analysis
techniques would you choose? Why?

3. Which type of functionality and
interoperability would you want from your
smartphone, watch, clothing, glasses,
camera, and monitor? Provide a detailed
response.

References
Aarts, J., Doorewaard, H., & Berg, M.

(2004). Understanding implementation:
The case of a computerized physician
order entry system in a large Dutch
university medical center. Journal of
the American Medical Association, 11,
207–216.

Agency for Healthcare Research and
Quality (AHRQ). (2010). Improving
data collection across the health care
system. Retrieved from
http://www.ahrq.gov/research/findings/final-
reports/iomracereport/reldata5.html

Agutter, J., Drews, F., Syroid, N.,
Westneskow, D., Albert, R., Strayer,
D., . . . Weinger, M. (2003). Evaluation
of graphic cardiovascular display in a
high-fidelity simulator. Anesthesia and
Analgesia, 97, 1403–1413.

Alexander, G., & Staggers, N. (2009). A
systematic review of the designs of
clinical technology findings and
recommendations for future research.
Advances in Nursing Science, 32(3),
252–279.

Ammenwerth, E., Iller, C., & Mahler, C.
(2006). IT-adoption and the interaction
of task, technology and individuals: A
fit framework and a case study. BMC
Medical Informatics and Decision
Making, 6, 3.

Ash, J. S., Berg, M., & Coiera, E. (2004).
Some unintended consequences of
information technology in health care:
The nature of patient care information
system-related errors. Journal of the

American Medical Informatics
Association, 11, 104–112.

Ashoon, M., Burns, C., d’Entremont, B., &
Momtahan, K. (2014). Using team
cognitive work analysis to reveal
healthcare team interactions in a
birthing unit. Ergonomics, 57(7), 973–
986.

Blike, G. T., Surgenor, S. D., Whallen, K.,
& Jensen, J. (2000). Specific elements
of a new hemodynamics display
improves the performance of
anesthesiologists. Journal of Clinical
Monitoring & Computing, 16, 485–491.

Burns, C. M., & Hajdukiewicz, J. R.
(2004). Ecological interface design.
Boca Raton, FL: CRC Press.

Chernecky, C., Macklin, D., & Waller, J.
(2006). Internet design preferences of
patients with cancer. Oncology Nursing
Forum, 33, 787–792.

Cole, W. G., & Stewart, J. G. (1993).
Metaphor graphics to support
integrated decision making with
respiratory data. International Journal
of Clinical Monitoring and Computing,
10, 91–100.

Connolly, C. (2005, March 21). Cedars-
Sinai doctors cling to pen and paper.
Washington Post, p. A01.

Cooper, A. (1995). About face: Essentials
of window interface design. New York,
NY: Hungry Minds, Inc.

Davis, F. D. (1993). User acceptance of
information technology: System
characteristics, user perceptions and
behavioral impacts. International
Journal of Man–Machine Studies, 38,
475–487.

DeLone, W. H., & McLean, E. (1992).
Information systems success: The
question for the dependent variable.
Information Systems Research, 3(1),
60–95.

Doyle, M. (2005). Impact of the Bar Code
Medication Administration (BCMA)
system on medication administration
errors. Unpublished doctoral
dissertation, University of Arizona,
Tucson, AZ.

Dykes, P. C., Benoit, A., Chang, F.,
Gallagher, J., Li, Q., Spurr, C., . . .
Prater, M. (2006). The feasibility of
digital pen and paper technology for
vital sign data capture in acute care
settings. In AMIA 2006 Symposium
Proceedings (pp. 229–233).
Washington, DC: American Medical
Informatics Association.

Effken, J., Loeb, R., Johnson, K.,
Johnson, S., & Reyna, V. (2001). Using
cognitive work analysis to design
clinical displays. In V. L. Patel, R.
Rogers, & R. Haux (Eds.),
Proceedings of MedInfo-2001 (pp. 27–
31). London, UK: IOS Press.

Effken, J. (2016, February). Proposed: An
ecological interface design approach to
a more meaningful EHR. Online
Journal of Nursing Informatics (OJNI),
19(3). Retrieved from
http://www.himss.org/proposed-
ecological-interface-design-
approach-more-meaningful-ehr

Effken, J. A. (2002). Different lenses,
improved outcomes: A new approach
to the analysis and design of
healthcare information systems.
International Journal of Medical
Informatics, 65, 59–74.

Effken, J. A. (2006). Improving clinical
decision making through ecological
interfaces. Ecological Psychology,
18(4), 283–318.

Gaver, W. W. (1993). What in the world do
we hear? An ecological approach to
auditory event perception. Ecological
Psychology, 5, 1–30.

Gephart, S., & Effken, J. (2013). Using
health information technology to
engage patients in their care. Online
Journal of Nursing Informatics (OJNI),
17(3). Retrieved from
http://ojni.org/issues/?p=2848

Goodhue, D. L., & Thompson, R. L.
(1995). Task–technology fit and
individual performance. MIS Quarterly,
19(2), 213–236.

Gurushanthaiah, K. I., Weinger, M. B., &
Englund, C. E. (1995). Visual display
format affects the ability of
anesthesiologists to detect acute
physiologic changes: A laboratory
study employing a clinical display
simulator. Anesthesiology, 83, 1184–
1193.

Hajdukiewicz, J. R., Vicente, K. J., Doyle,
D. J., Milgram, P., & Burns, C. M.
(2001). Modeling a medical
environment: An ontology for
integrated medical informatics design.

International Journal of Medical
Informatics, 62, 79–99.

Han, Y. Y., Carcillo, J. A., Venkataraman,
S. T., Clark, R. S. B., Watson, R. S.,
Nguyen, T., . . . Orr, R. (2005).
Unexpected increased mortality after
implementation of a commercially sold
computerized physician order entry
system. Pediatrics, 116, 1506–1512.

Horn, W., Popow, C., & Unterasinger, L.
(2001). Support for fast
comprehension of ICU data:
Visualization using metaphor graphics.
Methods in Informatics Medicine, 40,
421–424.

Hyun, S., Johnson, S. B., Stetson, P. D., &
Bakken, S. (2009). Development and
evaluation of nursing user interface
screens using multiple methods.
Journal of Biomedical Informatics,
42(6), 1004–1012.

Institute of Medicine. (1999). To err is
human: Building a safer health system.

Washington, DC: Author.

Intel IT Center. (2013). Big data
visualization: Turning big data into big
insights. Retrieved from
http://www.intel.com/content/dam/www/public/us/en/documents/white-
papers/big-data-visualization-
turning-big-data-into-big-
insights.pdf

Johnson, C. M., & Turley, J. P. (2006). The
significance of cognitive modeling in
building healthcare interfaces.
International Journal of Medical
Informatics, 75(2), 163–172.

Johnson, C. W. (2006). Why did that
happen? Exploring the proliferation of
barely usable software in healthcare
systems. Quality & Safety in
Healthcare, 15(suppl 1), 176–181.

Kirlik, A., & Maruyama, S. (2004).
Human–technology interaction and
music perception and performance:
Toward the robust design of

sociotechnical systems. Proceedings
of the IEEE, 92(4), 616–631.

Koppel, R., Metlay, J. P., Cohen, A.,
Abaluck, B., Localio, A. R., Kimmel, S.
E., & Stron, B. (2005). Role of
computerized physician order entry
systems in facilitating medication
errors. Journal of the American
Medical Association, 293(10), 1197–
1203.

Kushniruk, A. W., & Borycki, E. M. (2006).
Low-cost rapid usability engineering:
Designing and customizing usable
healthcare information systems.
Healthcare Quarterly (Toronto, Ont.),
9(40), 98–100, 102.

Loeb, R. G., & Fitch, W. T. (2002). A
laboratory evaluation of an auditory
display designed to enhance
intraoperative monitoring. Anesthesia
and Analgesia, 94, 362–368.

Longo, B., & Reese, C. (2014). Human–
technology interface: Computers &

vision health. Nevada RNformation,
23(1), 8–19.

Madden, S. (2013). With wearable tech
like Google Glass, human behavior is
now a design problem. Gigaom.
Retrieved from
http://gigaom.com/2013/06/15/with-
wearable-tech-like-google-glass-
human-behavior-is-now-a-design-
problem

Mandel, T. (1997). The elements of user
interface design. New York, NY: John
Wiley & Sons.

McDaniel, A., Hutchinson, S., Casper, G.
R., Ford, R. T., Stratton, R., &
Rembush, M. (2002). Usability testing
and outcomes of an interactive
computer program to promote smoking
cessation in low income women. In
Proceedings AMIA 2002 (pp. 509–
513). Washington, DC: American
Medical Informatics Association.

McKay, E. (2013). UI is communication:
How to design intuitive, user-centered
interfaces by focusing on effective
communication. New York, NY:
Elsevier.

Michels, P., Gravenstein, D., &
Westenskow, D. R. (1997). An
integrated graphic data display
improves detection and identification of
critical events during anesthesia.
Journal of Clinical Monitoring &
Computing, 13, 249–259.

Nielsen, J. (1994). Heuristic evaluation. In
J. Nielsen & R. L. Mack (Eds.),
Usability inspection methods (pp. 25–
62). New York, NY: John Wiley & Sons.

Norman, D. A. (1988). The psychology of
everyday things. New York, NY: Basic
Books.

Quinn, M., & Meeker, L. (2000). Research
set to music: The climate symphony
and other sonifications of ice core,
radar, DNA, seismic and solar wind

data. Retrieved from
http://www.drsrl.com/climate_paper.html

Rackspace, Brauer, C. & Barth, J. (2013).
The human cloud: Wearable
technology from novelty to productivity.
A social study into the impact of
wearable technology. Retrieved from
http://www.rackspace.co.uk/sites/default/files/whitepapers/The_Human_Cloud_-
_June_2013.pdf

Rice, S. & Tahir, D. (2014). The human
factor. Modern Healthcare, 44(33), 12–
15.

Rubin, J. (1994). Handbook of usability
testing: How to plan, design, and
conduct effective tests. New York, NY:
Wiley & Sons.

Sanderson, P. (2006). The multimodal
world of medical monitoring displays.
Applied Ergonomics, 37, 501–512.

Staggers, N. (2003). Human factors:
Imperative concepts for information

systems in critical care. AACN Clinical
Issues, 14(3), 310–319.

Staggers, N., Kobus, D., & Brown, C.
(2007). Nurses’ evaluations of a novel
design for an electronic medication
administration record. CIN: Computers,
Informatics, Nursing, 25(2), 67–75.

Thompson, D. A., Lozano, P., &
Christakis, D. A. (2007). Parent use of
touchscreen computer kiosks for child
health promotion in community
settings. Pediatrics, 119(3), 427–434.

U.S. Department of Health and Human
Services. (2013). Usability.gov: Task
analysis. Retrieved from
http://www.usability.gov/how-to-
and-tools/methods/task-
analysis.html

Vicente, K. (2004). The human factor.
New York, NY: Routledge.

Vicente, K. J. (1999). Cognitive work
analysis: Toward safe, productive, and
healthy computer-based work.
Mahwah, NJ: Lawrence Erlbaum
Associates.

Vincent, D., Hastings-Tolsma, M., &
Effken, J. (2010). Data visualization
and large nursing datasets. Online
Journal of Nursing Informatics, 14(2).
Retrieved from
http://ojni.org/14_2/Vincent.pdf

Walsh, T., & Beatty, P. C. W. (2002).
Human factor error and patient
monitoring. Physiological
Measurement, 23, R111–R132.

Watson, G., & Gill, T. (2004). Earcon for
intermittent information in monitoring
environments. In Proceedings of the
2004 Conference of the Computer–
Human Interaction Special Interest
Group of the Human Factors and
Ergonomics Society of Australia
(OzCHI2004), Wollonggong, New
South Wales, November 22–24, 1994.

Wharton, C., Rieman, J., Lewis, C., &
Polson, P. (1994). The cognitive
walkthrough: A practitioner’s guide. In
J. Nielsen & R. L. Mack (Eds.),
Usability inspection methods (pp. 105–
139). New York, NY: John Wiley &
Sons.

Wigdor, D., & Wixon, D. (2011). Brave NUI
world: Designing natural user
interfaces for touch and gesture. New
York, NY: Elsevier.

Zhang, Y., Drews, F. A., Westenskow, D.
R., Foresti, S., Agutter, J., Burmedez,
J. C., . . . Loeb, R. (2002). Effects of
integrated graphical displays on
situation awareness in
anaesthesiology. Cognition,
Technology & Work, 4, 82–90.

Zupanc, C., Burgess-Limerick, R., Hill, A.,
Riek, S., Wallis, G., Plooy, A., . . .
Hewett, D. (2015). A competency
framework for colonoscopy training
derived from cognitive task analysis

techniques and expert review. BMC
Medical Education, 15, 1–11.

CHAPTER 12: Electronic
Security

Lisa Reeves Bertin, Kathleen Mastrian, and Dee
McGonigle

Objectives
1. Assess processes for securing electronic

information in a computer network.
2. Identify various methods of user

authentication and relate authentication
to security of a network.

3. Explain methods to anticipate and
prevent typical threats to network
security.

Key Terms
» Antivirus software

» Authentication

» Baiting

» Biometrics

» Brute force attack

» Confidentiality

» Electronic protected health information
(EPHI)

» Firewall

» Flash drives

» Hackers

» Integrity

» Intrusion detection devices

» Intrusion detection system

» Jump drives

» Malicious code

» Malicious insiders

» Malware

» Mask

» Negligent insider

» Network

» Network accessibility

» Network availability

» Network security

» Password

» Phishing

» Proxy server

» Radio frequency identification (RFID)

» Ransomware

» Scareware

» Secure information

» Security breaches

» Shoulder surfing

» Social engineering

» Spear phishing

» Spyware

» Thumb drives

» Trojan horses

» Viruses

» Worms

» Zero day attack

Introduction
In addition to complying with federal HIPAA and
HITECH guidelines regarding the privacy of patient
information, healthcare systems need to be vigilant in
the way that they secure information and manage
network security. Mowry and Oakes (n.d.) discuss the
vulnerability of electronic health records to data
breaches. They suggest that as many as 77 persons
could view a patient’s record during a hospital stay. It is
critical for information technology (IT) policies and
procedures to ensure appropriate access by clinicians
and to protect private information from inappropriate
access. However, authentication procedures can be
cumbersome and time consuming, thus reducing
clinician performance efficiency.

Physicians spend on average 7 minutes per patient
encounter, with nearly 2 minutes of that time being
devoted to managing logins and application navigation.
Likewise, an average major healthcare provider must
deal with more than 150 applications—most requiring
different user names and passwords—making it difficult
for caregivers to navigate and receive contextual
information. Healthcare organizations must strike the
right balance, in terms of simplifying access to core
clinical datasets while maximizing the time providers

can interact with patients without jeopardizing data
integrity and security (Mowry & Oakes, n.d., para. 7).

This chapter explores use of information and
processes for securing information in a health system
computer network.

Securing Network Information
Typically, a healthcare organization has computers
linked together to facilitate communication and
operations within and outside the facility. This is
commonly referred to as a network. The linking of
computers together and to the outside world creates
the possibility of a breach of network security and
exposes the information to unauthorized use. With the
advent of smart devices, managing all of these risks
has become a nightmare for some institutions’ security
processes. In the past, stationary devices or computers
resided within healthcare facilities. Today, smart
devices travel in and out of healthcare organizations
with patients, family members, and other visitors, as
well as employees—both staff and healthcare
providers alike. According to Sullivan (2012), “Even as
they promise better health and easier care delivery,
wireless medical devices (MDs) carry significant
security risks. And the situation is only getting trickier
as more and more MDs come with commercial
operating systems that are both Internet-connected
and susceptible to attack” (para. 1).

The three main areas of secure network information
are (1) confidentiality, (2) availability, and (3)
integrity. An organization must follow a well-defined
policy to ensure that private health information remains
appropriately confidential. The confidentiality policy
should clearly define which data are confidential and
how those data should be handled. Employees also
need to understand the procedures for releasing
confidential information outside the organization or to
others within the organization and know which
procedures to follow if confidential information is
accidentally or intentionally released without
authorization. In addition, the organization’s
confidentiality policy should contain consideration for
elements as basic as the placement of monitors so that
information cannot be read by passersby. Shoulder
surfing, or watching over someone’s back as that
person is working, is still a major way that
confidentiality is compromised.

Availability refers to network information being
accessible when needed. This area of the policy tends
to be much more technical in nature. An accessibility
policy covers issues associated with protecting the key
hardware elements of the computer network and the
procedures to follow in case of a major electric outage
or Internet outage. Food and drinks spilled onto
keyboards of computer units, dropping or jarring
hardware, and electrical surges or static charges are all
examples of ways that the hardware elements of a

computer network may be damaged. In the case of an
electrical outage or a weather-related disaster, the
network administrator must have clear plans for data
backup, storage, and retrieval. There must also be
clear procedures and alternative methods of ensuring
that care delivery remains largely uninterrupted.

Another way organizations protect the availability of
their networks is to institute an acceptable use policy.
Elements covered in such policy could include which
types of activities are acceptable on the corporate
network. For example, are employees permitted to
download music at work? Restricting downloads is a
very common way for organizations to prevent viruses
and other malicious code from entering their networks.
The policy should also clearly define which activities
are not acceptable and identify the consequences for
violations.

The last area of information security is integrity.
Employees need to have confidence that the
information they are reading is true. To accomplish this,
organizations need clear policies to clarify how data
are actually inputted, determine who has the
authorization to change such data, and track how and
when data are changed. All three of these areas use
authorization and authentication to enforce the
corporate policies. Access to networks can easily be
grouped into areas of authorization (e.g., users can be
grouped by job title). For example, anyone with the job

title of “floor supervisor” might be authorized to change
the hours worked by an employee, whereas an
employee with the title of “patient care assistant”
cannot make such changes.

Authentication of Users
Authentication of employees is also used by
organizations in their security policies. The most
common ways to authenticate rely on something the
user knows, something the user has, or something the
user is (Figure 12-1).

A © Photos.com

B

C © Gary James Calder/Shutterstock

Figure 12-1 Ways to Authenticate Users

A. An ID badge, B. Examples of weak and strong passwords, C. A finger

on a biometric scanner.

Something a user knows is a password. Most
organizations today enforce a strong password policy,
because free software available on the Internet can
break a password from the dictionary very quickly.
Strong password policies include using combinations of
letters, numbers, and special characters, such as plus
signs and ampersands. Some organizations are
suggesting the use of passphrases to increase the
strength of a password. See Box 12-1 for an overview
of best practices to create strong passwords. Policies
typically include the enforcement of changing
passwords every 30 or 60 days. Passwords should
never be written down in an obvious place, such as a
sticky note attached to the monitor or under the
keyboard.

BOX 12-1 BEST PRACTICES FOR

CREATING AND MANAGING

PASSWORDS

DO
Review the specific system guidelines for
users—most will have information on
password parameters and allowable
characters.
Use a combination of letters, numbers,
special characters (!, $, %, &, *) and upper-

and lowercase.
Longer passwords are harder to crack.
Consider at least 8 characters if the system
allows.
Choose a password that is based on a
phrase: Use portions or abbreviations of the
words in the phrase, or use substitutions
(e.g., $ for S, 4 for “for”) to create the
password. Example phrase: “Lucy in the Sky
with Diamonds” was released in 1967;
example password: LUit$wdia67.
Think carefully about the password and
create something that is easy for you to
remember.
Change your password frequently, and do so
immediately if you believe your system or
email has been hacked.
Consider using a password manager
program to help you create strong
passwords and store them securely.

Do NOT:
Share your password with anyone.
Post your passwords in plain sight.
Use dictionary words or any personal
characteristics (your name, phone number,
or birthday).
Use a string of numbers.
Use the same password for multiple sites.

Data from Pennsylvania State Information
Technology Services. (2015). Password best
practices. Retrieved from
http://its.psu.edu/legacy/be-safe/password-
best-practices.html

The second area of authentication is something the
user has, such as an identification (ID) card. ID cards
can be magnetic, similar to a credit card, or have a
radio frequency identification (RFID) chip embedded
into the card.

The last area of authentication is biometrics. Devices
that recognize thumb prints, retina patterns, or facial
patterns are available. Depending on the level of
security needed, organizations commonly use a
combination of these types of authentication.

Threats to Security
The largest benefit of a computer network is the ability
to share information. However, organizations need to
protect that information and ensure that only authorized
individuals have access to the network and the data
appropriate to their role. Threats to data security in
healthcare organizations are becoming increasingly
prevalent. A nationwide survey by the Computing
Technology Industry Association (CompTIA) found that
human error was responsible for more than half of
security breaches. Human error was categorized as

failure to follow policies and procedures, general
carelessness, lack of experience with websites and
applications, and being unaware of new threats
(Greenberg, 2015). According to Degaspari (2010),
“Given the volume of electronic patient data involved,
it’s perhaps not surprising that breaches are occurring.
According to the Department of Health and Human
Services’ Office of Civil Rights (OCR), 146 data
breaches affecting 500 or more individuals occurred
between December 22, 2009, and July 28, 2010. The
types of breaches encompass theft, loss, hacking, and
improper disposal; and include both electronic data and
paper records” (para. 4). The Fifth Annual Benchmark
Study on Privacy & Security of Healthcare Data
(Ponemon Institute, 2015) reported that “[m]ore than
90 percent of healthcare organizations represented in
this study had a data breach, and 40 percent had more
than five data breaches over the past two years” (para.
3). Interestingly, the most common type of data breach
was related to a criminal attack on the healthcare
organization (up 125% in the last 5 years). Key terms
related to criminal attacks are brute force attack
(software used to guess network passwords) and zero
day attack (searching for and exploiting software
vulnerabilities). Of the intentional data breaches (as
opposed to unintentional), “45 percent of healthcare
organizations say the root cause of the data breach
was a criminal attack and 12 percent say it was due to
a malicious insider” (Ponemon Institute, para. 4). That
leaves nearly 43% of data breaches in the

unintentional category. The Healthcare Information and
Management Systems Society (HIMSS) 2015 survey
reported the negligent insider as the most common
source of a security breach. Examples of
unintentional/negligent breaches include lost or stolen
devices, or walking away from a workstation without
logging off. If you use a device in your work and it is
lost or stolen, or you violate policy by walking away
from a workstation without logging off, this may be
considered negligence and you may be subject to
discipline or even lose your job. An interesting example
of an unintentional data breach was reported on the
OCR website: A company leased photocopier
equipment and returned it without erasing the
healthcare data stored on the copier hard drive,
resulting in a settlement of over $1.2 million (U.S.
Department of Health and Human Services, n.d.).
Healthcare organizations need to be proactive in
anticipating the potential for and preventing security
breaches.

The first line of defense is strictly physical. A locked
office door, an operating system that locks down after 5
minutes of inactivity, and regular security training
programs are extremely effective in this regard. Proper
workspace security discipline is a critical aspect of
maintaining security. Employees need to be properly
trained to be aware of computer monitor visibility,
shoulder surfing, and policy regarding the removal of
computer hardware. A major issue facing organizations

is removable storage devices (Figure 12-2). CD/DVD
burners, jump drives, flash drives, and thumb drives
(which use USB port access) are all potential security
risks. These devices can be slipped into a pocket and,
therefore, are easily removed from the organization.
One way to address this physical security risk is to limit
the authorization to write files to a device.
Organizations are also turning off the CD/DVD burners
and USB ports on company desktops.

Figure 12-2 A Removable Storage Device

© Alex Kotlov/Shutterstock

The most common security threats a corporate network
faces are hackers, malicious code (spyware,
adware, ransomware, viruses, worms, Trojan
horses), and malicious insiders. Acceptable use
policies help to address these problems. For example,

employees may be restricted from downloading files
from the Internet. Downloaded files, including email
attachments, are the most common way viruses and
other malicious codes enter a computer network.
Network security policies typically prohibit employees
from using personal CDs/DVDs and USB drives,
thereby preventing the transfer of malicious code from
a personal computer to the network.

Let’s look more closely at some of these common
network security threats. We typically think of hackers
as outsiders who attempt to break into a network by
exploiting software and network vulnerabilities, and
indeed these black hat (malicious) hackers (crackers)
do exist. However, more organizations are looking to
employ ethical hackers (white hat hackers), those who
are skilled at looking for and closing network security
vulnerabilities (Caldwell, 2011).

Spyware and adware are normally controlled in a
corporate network by limiting the functions of the
browsers used to surf the Internet. For example, the
browser privacy options can control how cookies are
used. A cookie is a very small file written to the hard
drive of a computer whose user is surfing the Internet.
This file contains information about the user. For
example, many shopping sites write cookies to the
user’s hard drive containing the user’s name and
preferences. When that user returns to the site, the site
will greet her by name and list products in which she is

possibly interested. Weather websites send cookies to
users’ hard drives with their ZIP code so that when
each user returns to that site, the local weather
forecast is immediately displayed. On the negative
side, cookies can follow the user’s travels on the
Internet. Marketing companies use spying cookies to
track popular websites that could provide a return on
advertising expenditures. Spying cookies related to
marketing typically do not track keystrokes in an
attempt to steal user IDs and passwords; instead, they
simply track which websites are popular, and these
data are used to develop advertising and marketing
strategies. Nurse informaticists exploring new
healthcare technologies on the Internet may find that
ads for these technologies begin to pop up the next few
times they are on the Internet. Spyware that does steal
user IDs and passwords contains malicious code that
is normally hidden in a seemingly innocent file
download. This threat to security explains why
healthcare organizations typically do not allow
employees to download files. The rule of thumb to
protect the network and one’s own computer system is
to only download files from a reputable site that
provides complete contact information. Be aware that
malicious code is sometimes hidden in an email link or
in a file sent by a trusted contact whose email has
been hacked. If you are not expecting a file from an
email contact, or if you receive an email with only a link
in it—resist the urge to download or click!

A relatively new threat to healthcare organizations is
ransomware—malicious code that blocks the
organization from using their computer systems until a
ransom is paid to the hacker. Consider this recent case
of ransomware intrusion:

In February 2016 a hospital in Los
Angeles made headlines for giving in to
the ransom demand of hackers who used
encryption to cripple its internal computer
network, including electronic patient
records, for three weeks, causing it to
lose patients and money. After the
hackers initially demanded $3.4 million,
the hospital paid them $17,000. In
explaining his decision, Allen Stefanek,
president of Hollywood Presbyterian
Medical Center, said, “The quickest and
most efficient way to restore our systems
and administrative functions was to pay
the ransom.” The money was transferred
through Bitcoin, a cryptocurrency that
permits anonymity. (Goldsborough,
2016, para. 2–3)

In addition to strict policies related to network security,
organizations may also use such devices as firewalls
(covered in the next section) and intrusion detection
devices to protect from hackers. Protect yourself at

home by ensuring that you have an updated version of
antivirus software, be wary of unusual emails, and
develop strong passwords and change them frequently.
If your email is hacked, report it to the proper
authorities as soon as possible, warn your contacts
that you have been hacked, change your password,
and check to see that your antivirus software is up to
date.

Another huge threat to corporate security is social
engineering, or the manipulation of a relationship
based on one’s position (or pretend position) in an
organization. For example, someone attempting to
access a network might pretend to be an employee
from the corporate IT office, who simply asks for an
employee’s user ID and password. The outsider can
then gain access to the corporate network. Once this
access has been obtained, all corporate information is
at risk. A second example of social engineering is a
hacker impersonating a federal government agent.
After talking an employee into revealing network
information, the hacker has an open door to enter the
corporate network. A related type of social engineering
is phishing. Phishing is an attempt to steal information
by manipulating the recipient of an email or phone call
to provide passwords or other private information. Box
12-2 contains an example of a phishing email and tips
for identifying phishing scams.

BOX 12-2 IDENTIFYING PHISHING

SCAMS

Example of a Phishing Scam Email

Check suspicious emails for grammar and
spelling errors, generic greetings (User, Dear,
Dearest, etc.), requests for immediate action, or
requests for personal information (passwords,
bank account numbers). Some phishing emails
may appear to come from your bank or other
trusted organization. Think carefully about why a
seemingly legitimate organization might be
asking for information they should already have,
or ask yourself why they might need to know
what they are asking for. Be aware of your
organization’s procedures for reporting phishing
scams, and do so immediately.

Data from Pennsylvania State University Office
of Information Security. (2016). Stop phishing
scams. Retrieved from
http://phishing.psu.edu/what-is-phishing

Additional types of social engineering schemes include
spear phishing, which is a more specifically targeted
scheme where the attacker takes advantage of contact
information provided in an organization’s directory and
tailors the scam email to a specific person; baiting,
where a malware-infected USB flash drive is left in a
public area, thus tricking the finder into loading it to
identify its owner; and scareware, where the scam
email reports that the user has been hacked and tricks
them into giving the hacker remote access to the
computer to “fix” it (TechTarget, n.d.).

Another example of an important security threat to a
corporate network is the malicious insider. This person
can be a disgruntled or recently fired employee whose
rights of access to the corporate network have not yet
been removed. In the case of a recently fired
employee, his or her network access should be
suspended immediately upon notice of termination. To
avoid the potentially hazardous issues created by
malicious insiders, healthcare organizations need
some type of policy and specific procedures to monitor
employee activity to ensure that employees carry out
only those duties that are part of their normal job.
Separation of privileges is a common security tool; no
one employee should be able to complete a task that
could cause a critical event without the knowledge of
another employee. For example, the employee who
processes the checks and prints them should not be
the same person who signs those checks. Similarly, the

employee who alters pay rates and hours worked
should be required to submit a weekly report to a
supervisor before the changes take effect. Software
that can track and monitor employee activity is also
available. This software can log which files an
employee accesses, whether changes were made to
files, and whether the files were copied. Depending on
the number of employees, organizations may also
employ a full-time electronic auditor who does nothing
but monitor activity logs. More than half of healthcare
organizations have hired full-time employees to provide
network security (HIMSS, 2015). Additional strategies
for securing networks suggested in this most recent
HIMSS survey were mock cyberdefense exercises,
sharing information between and among healthcare
organizations, monitoring vendor intelligence feeds,
and subscribing to security alerts and tips from
US_CERT (United States Computer Emergency
Readiness Team).

Security Tools
A wide range of tools are available to an organization
to protect the organizational network and information.
These tools can be either a software solution, such as
antivirus software, or a hardware tool, such as a
proxy server. Such tools are effective only if they are
used along with employee awareness training. The
2015 HIMSS Cybersecurity Survey results indicate that
an average of 11 different software tools were used by

respondents to provide network security, with antivirus
technology, firewalls, and data encryption as the most
common tools.

For example, email scanning is a commonly used
software tool. All incoming email messages are
scanned to ensure they do not contain a virus or some
other malicious code. This software can find only
viruses that are currently known, so it is important that
the virus software be set to search for and download
updates automatically. Organizations can further
protect themselves by training employees to never
open an email attachment unless they are expecting
the attachment and know the sender. Even IT
managers have fallen victim to email viruses that sent
infected emails to everyone in their address book.
Employees should be taught to protect their
organization from new viruses that may not yet be
included in their scanning software by never opening
an email attachment unless the sender is known and
the attachment is expected. Email scanning software
and antivirus software should never be turned off, and
updates should be installed at least weekly—or, ideally,
daily. Software is also available to scan instant
messages and to delete automatically any spam email.

Many antivirus and adware software packages are
available for fees ranging from free to more than $25
per month (for personal use) to several thousands of
dollars per month (to secure an organization’s

network). The main factors to consider when
purchasing antivirus software are its effectiveness (i.e.,
the number of viruses it has missed), the ease of
installation and use, the effectiveness of the updates,
and the help and user support available. Numerous
websites compare and contrast the most recent
antivirus software packages. Be aware, however, that
some of these sites also sell antivirus software, so they
may present biased information.

Firewalls are another tool used by organizations to
protect their corporate networks when they are
attached to the Internet. A firewall can be either
hardware, software, or a combination of both that
examines all incoming messages or traffic to the
network. The firewall can be set up to allow only
messages from known senders into the corporate
network. It can also be set up to look at outgoing
information from the corporate network. If the message
contains some type of corporate secret, the firewall
may prevent the message from leaving. In essence,
firewalls serve as electronic security guards at the gate
of the corporate network.

Proxy servers also protect the organizational network.
Proxy servers prevent users from directly accessing
the Internet. Instead, users must first request passage
from the proxy server. The server looks at the request
and makes sure the request is from a legitimate user
and that the destination of the request is permissible.

For example, organizations can block requests to view
a website with the word “sex” in the title or the actual
uniform resource locator of a known pornography site.
The proxy server can also lend the requesting user a
mask to use while he or she is surfing the Web. In this
way, the corporation protects the identity of its
employees. The proxy server keeps track of which
employees are using which masks and directs the
traffic appropriately.

With hacking becoming more common, healthcare
organizations must have some type of protection to
avoid this invasion. An intrusion detection system
(both hardware and software) allows an organization to
monitor who is using the network and which files that
user has accessed. Detection systems can be set up to
monitor a single computer or an entire network.
Corporations must diligently monitor for unauthorized
access of their networks. Anytime someone uses a
secured network, a digital footprint of all of the user’s
travels is left, and this path can be easily tracked by
electronic auditing software.

Offsite Use of Portable Devices
Offsite uses of portable devices, such as laptops,
tablets, home computing systems, smartphones, smart
devices, and portable data storage devices, can help to
streamline the delivery of health care. For example,
home health nurses may need to access electronic

protected health information (EPHI) via a wireless
laptop connection during a home visit, or a physician
might use a smartphone to get specific patient
information related to a prescription refill in response to
a patient request. These mobile devices are invaluable
to healthcare efficiency and responsiveness to patient
need in such cases. At the very least, however,
agencies should require data encryption when EPHI is
being transmitted over unsecured networks or
transported on a mobile device as a way of protecting
sensitive information. Hotspots provided by companies,
such as coffee shops or restaurants, and by airports
are not secured networks. Virtual private networks
(VPNs) must be used to ensure that all data
transmitted on unsecured networks are encrypted. The
user must log into the VPN to reach the organization’s
network.

Only data essential for the job should be maintained on
the mobile device; other nonclinical information, such
as Social Security numbers, should never be carried
outside the secure network. Some institutions make
use of thin clients, which are basic interface portals that
do not keep secure information stored on them.
Essentially, users must log in to the network to get the
data they need. Use of thin clients may be problematic
in patient care situations where the user cannot access
the network easily. For example, some rural areas of
the United States do not have wireless or cellular data
coverage. In these instances, private health information

may need to be stored in a clinician’s laptop or tablet.
This is comparable to home health nurses carrying
paper charts in their cars to make home visits, and it
entails the same responsibilities accompanying such
use of private information outside the institution’s walls.

What happens if one of these devices is lost or stolen?
The agency is ultimately responsible for the integrity of
the data contained on these devices and is required by
HIPAA regulations (U.S. Department of Health and
Human Services, 2006) to have policies in place
covering such items as appropriate remote use,
removal of devices from their usual physical location,
and protection of these devices from loss or theft.
Simple rules, such as covering laptops left in a car and
locking car doors during transport of mobile devices
containing EPHI, can help to deter theft. If a device is
lost or stolen, the agency must have clear procedures
in place to help ensure that sensitive data are not
released or used inappropriately. Software packages
that provide for physical tracking of the static and
mobile computer inventory including laptops,
smartphones, and tablets are being used more widely
and can assist in the recovery of lost or stolen devices.
In addition, some software that allows for remote data
deletion (data wipe) in the event of theft or loss of a
mobile device can be invaluable to the agency in
preventing the release of EPHI.

If a member of an agency is caught accessing EPHI

inappropriately or steals a mobile device, the sanctions
should be swift and public. Sanctions may range from a
warning or suspension with retraining to termination or
prosecution, depending on the severity of the security
breach. The sanctions must send a clear message to
all that protecting EPHI is serious business.

The U.S. Department of Health and Human Services
(n.d.) suggests the following strategies for managing
remote access:

Restricting remote access to computers owned or
configured by your organization
Disallowing administrator privileges on remote
access computers
Placing restrictions in the VPN and remote access
policies
Configuring the VPN to operate in a “sandbox” or
virtual environment that isolates the session from
other software running on the remote machine
Educating users about safe computing practices in
remote locations (para. 8)

To protect our patients and their data, nurses must
consider the impact of wireless mobile devices (see
Box 12-3). Data can be stolen by an employee very
easily through the use of email or file transfers.

Malware, or malicious code that infiltrates a network,
can collect easily accessible data. One of the evolving

issues is lost or stolen devices that can provide a
gateway into a healthcare organization’s network and
records. When the device is owned by the employee,
other issues arise as to how the device is used and
secured.

The increase in cloud computing has also challenged
our personal and professional security and privacy.
Cloud computing refers to storing and accessing data
and computer programs on the Internet, rather than the
local hard drive of a computer. Common examples of
cloud computing for personal use include Google
Drive, Apple iCloud, and Amazon. Cloud computing
allows for easy syncing of separate devices to promote
sharing and collaboration (Griffith, 2016). According to
Jansen and Grance (2011), cloud computing “promises
to have far reaching effects on the systems and
networks of federal agencies and other organizations.
Many of the features that make cloud computing
attractive, however, can also be at odds with traditional
security models and controls” (p. vi). Healthcare
organizations are moving to the cloud because cloud
computing tends to be cheaper and faster, offers more
flexibility for work location, provides nearly immediate
disaster recovery, supports collaboration, provides
security, and offers frequent software updates
(Salesforce UK, 2015). However, there are important
security concerns related to cloud computing in health
care. Guccione (2015) offers these important

considerations for maintaining security in a cloud
environment:

BOX 12-3 POKEMON TARGETS

HOSPITAL

Informatics nurse specialists must be aware of
the uses of portable devices. In 2016, one
hospital in the Pittsburgh area was a site of a
popular game, and the administration was upset
because it creates a privacy issue for people
using their hospital as a search site. This
hospital actually contacted the game developer
to be removed from their game.

Hospitals must always be concerned about
privacy and safety issues within their control, but
also be on the alert for those outside their
control, such as the Pokemon Go game.
Pittsburgh’s Action News 4, Marcie Cipriani,
reported that Pokemon Go used West Penn
Hospital, part of Allegheny Health Network in
Pittsburgh, as a real-world location in the game.
The game utilizes enhanced reality, which
allows players to combine images from the real
world with those of the game. The Allegheny
Health Network officials stated that the exciting,
interactive game created concerns when it
brought players inside their hospital. They say
hunting Pokemon at the hospital created a

patient privacy issue and a safety concern.
Administrators warned those who are playing to
stay out of their hospitals and contacted the
game’s developer, who agreed to remove their
hospitals from the app. They have asked their
employees to be on the lookout for anyone
playing the app while they are walking around
the hospital and to contact security if they see
Pokemon Go players.

Data from Cipriani, M. (2016, July 30). Pokemon
Go targets Allegheny Health System hospitals in
Pittsburgh. Pittsburgh’s Action News 4.
Retrieved from
http://www.wtae.com/news/pokemon-go-
players-not-welcome-at-allegheny-health-
network-hospitals/40946828

First, a cloud service should be have
client-side encryption of data, which both
protects files on the local hard drive as
well as in the cloud. Second, a secure
cloud service should offer multi-factor
authentication to add an extra layer of
access control for all users. Finally, a
secure cloud provider should either
provide data loss prevention tools to
protect the stored data or allow an
organization to extend its DLP protocols
to the cloud. In both cases, the

organization is alerted immediately the
moment a user attempts to send sensitive
files to an outside source. (para. 5)

It is clear that healthcare organizations need to be
extra vigilant about their data security when using
cloud computing. However, as we emphasized several
times in this chapter, employee training on security
measures may be the most important defense,
because “the latest techniques for cyber theft are much
less about breaching networks from the outside, such
as through the cloud service, than they are exploiting
holes inside an organization, particularly from careless
employees” (Guccione, 2015, para. 9).

Summary
Technology changes so quickly that even the most
diligent user will likely encounter a situation that could
constitute a threat to his or her network. Organizations
must provide their users with the proper training to help
them avoid known threats and—more importantly—be
able to discern a possible new threat. Consider that 10
years ago wireless networks were the exception to the
rule, where today access to wireless networks is
almost taken for granted. How will computer networks
be accessed 10 years from now? The most important
concept to remember from this chapter is that the only
completely safe network is one that is turned off.

Network accessibility and network availability are
necessary evils that pose security risks. The
information must be available to be accessed, yet
remain secured from hackers, unauthorized users, and
any other potential security breaches. As the cloud
expands, so do the concerns over security and privacy.
In an ideal world, everyone would understand the
potential threats to network security and would
diligently monitor and implement tools to prevent
unauthorized access of their networks, data, and
information.

THOUGHT-PROVOKING QUESTIONS

1. Sue is a chronic obstructive pulmonary
disorder clinic nurse enrolled in a
master’s education program. She is
interested in writing a paper on the factors
that are associated with poor compliance
with medical regimens and associated
repeat hospitalization of chronic
obstructive pulmonary disorder patients.
She downloads patient information from
the clinic database to a thumb drive that
she later accesses on her home
computer. Sue understands rules about
privacy of information and believes that
because she is a nurse and needs this
information for a graduate school
assignment, she is entitled to the

information. Is Sue correct in her
thinking? Describe why she is or is not
correct.

2. The nursing education department of a
large hospital system has been
centralized; as a consequence, the nurse
educators are no longer assigned to one
hospital but must now travel among all of
the hospitals. They use their smartphones
to interact and share data and
information. What are the first steps you
would take to secure these transactions?
Describe why each step is necessary.

3. Research cloud computing in relation to
health care. What are the major security
and privacy challenges? Please choose
three and describe them in detail.

References
Caldwell, T. (2011). Ethical hackers:

Putting on the white hat. Network
Security, 2011(7), 10–13.
doi:10.1016/S1353-4858(11)70075-7

Degaspari, J. (2010). Staying ahead of the
curve on data security. Healthcare
Informatics, 27(10), 32–36.

Goldsborough, R. (2016). Protecting
yourself from ransomware. Teacher
Librarian, 43(4), 70–71.

Griffith, E. (2016). What is cloud
computing? PCMag. Retrieved from
http://www.pcmag.com/article2/0,2817,2372163,00.asp

Greenberg, A. (2015). Human error cited
as leading contributor to breaches,
study shows. SC Magazine. Retrieved
from
http://www.scmagazine.com/study-
find-carelessness-among-top-
human-errors-affecting-
security/article/406876

Guccione, D. (2015). Is the cloud safe for
healthcare? Healthcare Informatics.
Retrieved from
http://www.healthcare-
informatics.com/article/cloud-safe-
healthcare

Health Information and Management
Systems Society (HIMSS). (2015)
2015 HIMSS Cybersecurity Survey.
Retrieved from
http://www.himss.org/2015-
cybersecurity-survey/executive-
summary

Jansen, W., & Grance, T. (2011). National
Institute of Standards and Technology
(NIST): Guidelines on security and
privacy in public cloud computing.
Retrieved from
https://cloudsecurityalliance.org/wp-
content/uploads/2011/07/NIST-Draft-
SP-800-144_cloud-computing.pdf

Mowry, M., & Oakes, R. (n.d.). Not too
tight, not too loose. Healthcare
Informatics, Healthcare IT Leadership,
Vision & Strategy. Retrieved from
http://www.healthcare-
informatics.com/article/not-too-
tight-not-too-loose

Ponemon Institute. (2015, May). Fifth
annual benchmark study on privacy &

security of healthcare data. Retrieved
from
http://media.scmagazine.com/documents/121/healthcare_privacy_security_be_30019.pdf

Salesforce UK. (2015). Why move to the
cloud? Ten benefits of cloud
computing. Retrieved from
https://www.salesforce.com/uk/blog/2015/11/why-
move-to-the-cloud-10-benefits-of-
cloud-computing.html

Sullivan, T. (2012). Government health IT:
DHS lists top 5 mobile medical device
security risks. Retrieved from
http://www.govhealthit.com/news/dhs-
lists-top-5-mobile-device-security-
risks

TechTarget (n.d.). Social engineering.
Retrieved from
http://searchsecurity.techtarget.com/definition/social-
engineering

U.S. Department of Health and Human
Services. (2006). HIPAA security
guidance. Retrieved from
https://www.hhs.gov/sites/default/files/ocr/privacy/hipaa/administrative/securityrule/remoteuse.pdf

U.S. Department of Health and Human
Services. (n.d.). Implement privacy and
security protection measures.
Retrieved from
http://www.hrsa.gov/healthit/toolbox/healthitimplementation/implementationtopics/ensureprivacysecurity/ensureprivacysecurity_9.html

CHAPTER 13: Workflow
and Beyond Meaningful
Use

Dee McGonigle, Kathleen Mastrian, and Denise
Hammel-Jones

Objectives
1. Provide an overview of the purpose of

conducting workflow analysis and design.
2. Deliver specific instructions on workflow

analysis and redesign techniques.
3. Cite measures of efficiency and

effectiveness that can be applied to
redesign efforts.

4. Explore meaningful use and beyond with
the Medicare Access and Summary CHIP
Reauthorization Act.

Key Terms
» Alternative Payment Models (APMs)

» American Recovery and Reinvestment
Act (ARRA)

» Bar-code medication administration
(BCMA)

» Clinical transformation

» Computerized provider order entry
(CPOE)

» Electronic health records (EHRs)

» Events

» Health information exchange (HIE)

» Health information technology (HIT)

» Information systems

» Interactions

» Lean

» Meaningful use (MU)

» Medical home models

» Medicare Access and CHIP
Reauthorization Act of 2015 (MACRA)

» Merit-Based Incentive Payment System
(MIPS)

» Metrics

» Process analysis

» Process map

» Process owners

» Qualified Clinical Data Registries
(QCDRs)

» Quality

» Quality payment program (QPP)

» Six Sigma

» Tasks

» Work process

» Workflow

» Workflow analysis

Introduction
The healthcare environment has grown more complex
and continues to evolve every day. Unfortunately, the
complexities that help clinicians to deliver better care

and improve patient outcomes also take a toll on the
clinicians themselves. This toll is exemplified through
hours spent learning new technology, loss in
productivity as the user adjusts and adapts to new
technology, and unintended workflow consequences
from the use of technology.

Despite the perceived negative downstream effects to
end users and patients as a result of technology, this
very same technology can improve efficiency and yield
a leaner healthcare environment. The intent of this
chapter is to outline the driving forces that create the
need to redesign workflow as well as to elucidate what
the nurse needs to know about how to conduct
workflow redesign, measure the impact of workflow
changes, and assess the impact of meaningful use.

Workflow Analysis Purpose
According to the American Association for Justice
(2016),

Research has confirmed that 440,000
people die every year because of
preventable medical errors. That is
equivalent to almost the entire population
of Atlanta, Georgia dying from a medical
error each year. Preventable medical
errors are the third leading cause of
death in the United States and cost our

country tens of billions of dollars a year.
(para. 1)

Not only is there an impact on patients and their
families from these errors, but there is also a significant
financial impact on healthcare organizations. Clearly,
we must minimize these errors, and one of the most
important tools for this purpose is the use of electronic
health records and information systems to provide
point-of-care decision support and automation. The key
point is that most of these errors are preventable and
we must find ways to prevent them.

Technology can provide a mechanism to improve care
delivery and create a safer patient environment,
provided it is implemented appropriately and considers
the surrounding workflow. In an important article by
Campbell, Guappone, Sittig, Dykstra, and Ash (2009),
the authors suggested that technology implemented
without consideration of workflow can provide greater
patient safety concerns than no technology at all.
Computerized provider order entry (CPOE) causes
us to focus more specifically on workflow
considerations. These workflow implications are
referred to as the unintended consequences of CPOE
implementation; they are just some of the effects of
poorly implemented technology. The Healthcare
Information Management Systems Society (HIMSS,
2010) ME-PI Toolkit addressed workflow redesign and

considered why it is so critical to successful technology
implementations. Thompson, Kell, Shetty, and
Banerjee (2016) stated “By partnering clinicians with
informaticists we strove to leverage the power of the
electronic medical record (EMR) to reduce heart failure
readmissions and improve patient transitions back to
the community” (p. 380). They concluded that
“Partnering with clinical informatics enabled the
multidisciplinary team to leverage the power of the
EMR in supporting and tracking new clinical workflows
that impact patient outcomes” (p. 380). This
multidisciplinary team believed that their success could
reshape how healthcare providers facilitate patient
discharge and the transition home. Leveraging the
multidisciplinary team and EMR could provide a model
for patient-centered and cost-effective care that could
extend beyond their patients with heart failure.

Technology is recognized to have a potentially positive
effect on patient outcomes. Nevertheless, even with
the promise of improving how care is delivered,
adoption of technology has been slow. The cost of
technology solutions such as CPOE, barcode
medication administration (BCMA), and electronic
health records (EHRs) remain staggeringly high. The
cost of technology, coupled with the lengthy timelines
required to develop and implement such technology,
has put this endeavor out of reach for many healthcare
organizations. In addition, upgrades or enhancements
to the technology are often necessary either mid-

implementation or shortly after a launch, leaving little
time to focus efforts on the optimization of the
technology within the current workflow. Furthermore,
the existence of technology does not in itself guarantee
that it will be used in a manner that promotes better
outcomes for patients.

Given the sluggish adoption of technology, in 2009 the
U.S. government took an unprecedented step when it
formally recognized the importance of health
information technology (HIT) for patient care
outcomes. As a result of the provisions of American
Recovery and Reinvestment Act (ARRA), healthcare
organizations can qualify for financial incentives based
on the level of meaningful use achieved. Meaningful
use (MU) refers to the rules and regulations
established by the ARRA. The three stages of MU
were part of an EHR incentive program. During stage
1, the focus was on data capturing and sharing. Stage
2 focused on advanced clinical processes, and stage 3
sought to improve outcomes. Stage 1 was initiated
during 2011–2012, stage 2 began in 2014, and stage 3
was to be launched in 2016/2017 and was intended to
last through 2019 and beyond (Centers for Medicare &
Medicaid Services [CMS], 2016a). However, with the
new goal of paying for value and better care, the
Medicare Access and CHIP Reauthorization Act of
2015 (MACRA) reformed Medicare payments by
making changes that created a quality payment
program (QPP) to replace the hodgepodge system of

Medicare reporting programs (CMS, 2016b; see
Figure 13-1). The MACRA QPP has two paths—Merit-
Based Incentive Payment System (MIPS) or
Alternative Payment Models (APMs)—that will be in
effect through 2021 and beyond (CMS, 2016b). The
MACRA requirements for the measure development
plan consist of the following:

Figure 13-1 MACRA

Multipayer applicability
Coordination and sharing across measure
developers
Clinical practice guidelines
Evidence base for non-endorsed measures
Gap analysis
Quality domains and priorities
Applicability of measures across healthcare settings
Clinical practice improvement activities
Considerations for electronic specifications and
Qualified Clinical Data Registries (QCDRs)
(CMS, 2016c, p. 16).

According to Hagland (2016), MACRA, MIPS, and
APMs will:

Allow physicians and other clinicians to choose to
select the measures that reflect how technology
best suits their day-to-day practice
Simplify the process for achievement and provide
multiple paths for success
Align with the Office for the National Coordinator for
Health Information Technology’s 2015 edition
Health IT Certification Criteria
Emphasize interoperability, information exchange,
and security measures and give patients access to
their information through APIs (application program
interfaces)
Reduce the number of measures to an all-time low
of 11 measures, down from 18 measures, and no
longer require reporting on the clinical decision
support and CPOE measures
Exempt certain physicians from reporting when
EHR technology is less applicable to their practice
and allow physicians to report as a group (para. 4).

For an organization that seeks to meet these
measures, the data to support these measures must be
gathered and reported on electronically—necessitating
the use of technology in all patient care areas. The
successful implementation of the measurement
development plan “depends on a successful
partnership with patients, frontline clinicians, and

professional organizations and collaboration with other
diverse stakeholders to develop measures that are
meaningful to patients and clinicians and can be used
across payers and health care settings” (CMS, 2016c,
p. 64). Many of the quality reporting measures rely on
nursing and medical documentation. Most healthcare
personnel already use EHRs, but MACRA measures
will push healthcare organizations to reexamine the
use of clinical technologies within their organization
and approach implementations in a new way.

Not only is there a potential for patient safety and
quality issues to arise from technology implementations
that do not address workflow, but a financial impact to
the organization is possible as well. All organizations,
regardless of their industry, must operate efficiently to
maintain profits and continue to provide services to
their customers. For hospitals, which normally have
significantly smaller profit margins than other
organizations, the need to maintain efficient and
effective care is essential for survival. Given that
hospital profit margins are diminishing, never has there
been a more crucial time to examine the costs of errors
and poorly designed workflows and the financial
burden they present to an organization than now.
Moreover, what are the costs to an organization that
fails to address the integration of technology? This is
an area where few supporting data exist to substantiate
the claim that technology without workflow
considerations can, in fact, impact the bottom line.

Today, many healthcare organizations are experiencing
the effects of poorly implemented clinical technology
solutions. These effects may be manifested in the form
of redundant documentation, non-value-added steps,
and additional time spent at the computer rather than in
direct care delivery. For example, Gugerty et al. (2007)
studied the challenges and opportunities in nursing
documentation and determined that it was possible to
decrease the time a nurse spends documenting per
shift by 25%. Technology ought not to be implemented
for the sake of automation unless it promises to deliver
gains in patient outcomes and proper workflow. In fact,
the cost to organizations for duplicate/redundant
documentation by nursing can range from $6,500 to
$13,000 per nurse, per year (Clancy, Delaney,
Morrison, & Gunn, 2006). Stokowski (2013) found
other issues, such as systems that are slow, freeze,
lose data, and “don’t dump data from monitors and
screening devices into the EHR in real time” slowing
the documentation process and increasing the amount
of time the nurse must spend on the computer and not
in direct patient care (p. 9).

Examining the workflow surrounding the use of
technology enables better use of the technology and
more efficient work. It also promotes safer patient care
delivery. The need to focus on workflow and
technology is attracting increasing recognition,
although there remains a dearth of literature that

addresses the importance of this area. As more
organizations work to achieve a level of technology
adoption that will enable them to meet MACRA
measures and receive financial payments, we will likely
see more attention paid to the area of workflow design
and, therefore, a greater body of research and
evidence (AHRQ, n.d.; Qualis Health, 2011; Yuan,
Finley, Long, Mills, & Johnson, 2013).

Workflow and Technology
Workflow is a term used to describe the action or
execution of a series of tasks in a prescribed
sequence. Another definition of workflow is a
progression of steps (tasks, events, interactions) that
constitute a work process, involve two or more
persons, and create or add value to the organization’s
activities. In a sequential workflow, each step depends
on the occurrence of the previous step; in a parallel
workflow, two or more steps can occur concurrently.
The term workflow is sometimes used interchangeably
with process or process flows, particularly in the
context of implementations. Observation and
documentation of workflow to better understand what is
happening in the current environment and how it can
be altered is referred to as process or workflow
analysis. A typical output of workflow analysis is a
visual depiction of the process, called a process map.
The process map ranges from simplistic to fairly
complex and provides an excellent tool to identify

specific steps. It also can provide a vehicle for
communication and a tool upon which to build
educational materials as well as policies and
procedures.

One school of thought suggests that technology should
be designed to meet the needs of clinical workflow
(Yuan et al., 2013). This model implies that system
analysts have a high degree of control over screen
layout and data capture. It also implies that technology
is malleable enough to allow for the flexibility to adapt
to a variety of workflow scenarios. Lessons learned
from more than three decades of clinical technology
implementations suggest that clinical technologies still
have a long way to go on the road to maturity to allow
this to be possible. The second and probably most
prevalent thought process is that workflow should be
adapted to the use of technology. Today, this is by far
the most commonly used model given the progress of
clinical technology. Bucur et al. (2016) developed
clinical models to support clinical decision making that
were inserted into the workflow models. This system
integrates a workflow suite and functionality for the
storage, management, and execution of clinical
workflows and for the storage of traces of execution.
The knowledge models are integrated and run from the
workflow to support decisions at the right point in the
clinical process (Bucur et al., p. 152). The ability to
track and assess decision making throughout a clinical

course of care for a patient will enhance our knowledge
and improve patient care.

A concept that has gained popularity in recent years
relative to workflow redesign is clinical transformation.
Clinical transformation is the complete alteration of
the clinical environment and, therefore, this term
should be used cautiously to describe redesign efforts.
Earl, Sampler, and Sghort (1995) define transformation
as “a radical change approach that produces a more
responsive organization that is more capable of
performing in unstable and changing environments that
organizations continue to be faced with” (p. 31). Many
workflow redesign efforts are focused on relatively
small changes and not the widespread change that
accompanies transformational activities. Moreover,
clinical transformation would imply that the manner in
which work is carried out and the outcomes achieved
are completely different from the prior state—which is
not always true when the change simply involves
implementing technology. Technology can be used to
launch or in conjunction with a clinical transformation
initiative, although the implementation of technology
alone is not perceived as transformational.

Before undertaking transformative initiatives, the
following guidelines should be understood:

Leadership must take the lead and create a case
for transformation.

Establish a vision for the end point.
Allow those persons with specific expertise to
provide the details.
Think about the most optimal experience for both
the patient and the clinician.
Do not replicate the current state.
Focus on those initiatives that offer the greatest
value to the organization.
Recognize that small gains have no real impact on
transformation.

Optimization
Most of what has been and will be discussed in this
chapter is related to workflow analysis in conjunction
with technology implementations. Nevertheless, not all
workflow analysis and redesign occurs prior to the
implementation of technology. Some analysis and
redesign efforts may occur weeks, months, or even
years following the implementation. When workflow
analysis occurs postimplementation, it is often referred
to as optimization. Optimization is the process of
moving conditions past their current state and into
more efficient and effective method of performing
tasks. Merriam-Webster Online Dictionary (2016)
considered optimization to be the act, process, or
methodology of making something (as a design,
system, or decision) as fully perfect, functional, or
effective as possible. Some organizations will routinely
engage in optimization efforts following an

implementation, whereas other organizations may
undertake this activity in response to clinician concerns
or marked change in operational performance.

Furthermore, workflow analysis can be conducted
either as a stand-alone effort or as part of an
operational improvement event. When the process is
addressed alone, the effort is termed process
improvement. Nursing informatics professionals should
always be included in these activities to represent the
needs of clinicians and to serve as a liaison for
technological solutions to process problems.
Additionally, informaticists will likely become
increasingly operationally focused and will need to
transform their role accordingly to address workflow in
an overall capacity as well as respective to technology.
As mentioned earlier, hospitals tend to operate with
smaller profit margins than other industries and these
profits will likely continue to diminish, forcing
organizations to work smarter, not harder—and to use
technology to accomplish this goal.

If optimization efforts are undertaken, the need to
revisit workflow design should not be considered a flaw
in the implementation approach. Even a well-designed
future-state workflow during a technology
implementation must be reexamined
postimplementation to ensure that what was projected
about the future state remains valid and to incorporate

any additional workflow elements into the process
redesign.

Exploring the topic of workflow analysis with regard to
clinical technology implementation will yield
considerably fewer literature results than searching for
other topical areas of implementation. More research is
needed in the area of the financial implications of
workflow inefficiencies and their impact on patient care.
Time studies require an investment of resources and
may be subject to patient privacy issues as well as the
challenges of capturing time measurements on
processes that are not exactly replicable. Another
confounding factor affecting the quality and quantity of
workflow research is the lack of standardized
terminology for this area. A comprehensive literature
search was conducted and published through the
Agency for Healthcare Quality and Research (AHRQ)
in 2008 as an evidence-based handbook for nurses;
this literature search yielded findings indicating that a
lack of standardized terminology in the area of
workflow and publications on this topic have made it a
difficult topic to support through research findings.

What all organizations ultimately strive for is efficient
and effective delivery of patient care. The terms
efficient and effective are widely known in quality areas
or Six Sigma and Lean departments, but are not
necessarily known or used in informatics. Effective
delivery of care or workflow suggests that the process

or end product is in the most desirable state. An
efficient delivery of care or workflow would mean that
little waste—that is, unnecessary motion,
transportation, over-processing, or defects—was
incurred. Health systems such as Virginia Mason
University Medical Center, among others, have
experienced significant quality and cost gains from the
widespread implementation of Lean development
throughout their organization.

Workflow Analysis and
Informatics Practice
The American Nurses Association (ANA), in Nursing
Informatics: Scope and Standards of Practice (2015),
defined functional areas of practice for the informatics
nurse specialist (INS). The functional area of analysis
identified the specific functional qualities related to
workflow analysis. Particularly, the ANA indicated that
the INS should develop techniques necessary to
assess and improve human–computer interaction.
Workflow analysis, however, is not relevant solely to
analysis, but rather is part of every functional area the
INS engages in. The functional areas covered by
consultants, researchers, and other areas need to
understand workflow and appreciate how lack of
efficient workflow affects patient care.

A critical aspect of the informatics role is workflow
design. Nursing informatics is uniquely positioned to
engage in the analysis and redesign of processes and
tasks surrounding the use of technology. The ANA
(2015) cites workflow redesign as one of the
fundamental skills sets that make up the discipline of
this specialty. Moreover, workflow analysis should be
part of every technology implementation, and the role
of the informaticist within this team is to direct others in
the execution of this task or to perform the task directly.

Case Study

In my experience consulting, I have seen
several examples of organizations that engage
in the printing of paper reports that replicate
information that has been entered and is
available with the electronic health record.
These reports are often reviewed, signed, and
acted on, instead of using the electronic
information. Despite the knowledge that the
information contained in these reports was
outdated the moment the report was printed and
that the very nature of using the report for
workflow is an inefficient practice, this method of
clinical workflow remains prevalent in many
hospitals across the United States.

There is an underlying fear that drives the
decisions to mold a paper-based workflow

around clinical technology. There is also a lack
of the appropriate amount of integration that
would otherwise allow this information to be
available in an electronic form.

Unfortunately, many nurses find themselves in an
informatics capacity without sufficient preparation for a
process analysis role. One area of practice that is
particularly susceptible to inadequate preparation is the
ability to facilitate process analysis. Workflow analysis
requires careful attention to detail and the ability to
moderate group discussions, organize concepts, and
generate solutions. These skills can be acquired
through a formal academic informatics program or
through courses that teach the discipline of Six Sigma
or Lean, by example. Regardless of where these skills
are acquired, it is important to understand that they are
now and will continue to remain a vital aspect of the
informatics role.

Some organizations have felt strongly enough about
the need for workflow analysis that departments have
been created to address this very need. Whether the
department carries the name of clinical excellence,
organizational effectiveness, or Six Sigma/Lean, it is
critical to recognize the value this group can offer
technology implementations and clinicians.

As we examine how workflow analysis is conducted,
note that while the nursing informaticist is an essential
member of the team to participate in or enable
workflow analysis, a team dedicated to this effort is
necessary for its success.

Building the Design Team
The workflow redesign team is an interdisciplinary
team consisting of “process owners.” Process owners
are those persons who directly engage in the workflow
to be analyzed and redesigned. These individuals can
speak about the intricacy of process, including process
variations from the norm. When constructing the team,
it is important to include individuals who are able to
contribute information about the exact current-state
workflow and offer suggestions for future-state
improvement. Members of the workflow redesign team
should also have the authority to make decisions about
how the process should be redesigned. This authority
is sometimes issued by managers, or it could come
from participation of the managers directly. Such a
careful blend of decision makers and “process owners”
can be difficult to assemble but is critical for forming
the team and enabling them for success. Often,
individuals at the manager level will want to participate
exclusively in the redesign process. While having
management participate provides the advantage of
having decision makers and management-level buy-in,
these individuals may also make erroneous

assumptions about how the process should be versus
how the process is truly occurring. Conversely,
including only process owners who do not possess the
authority to make decisions can slow down the work of
the team while decisions are made outside the group
sessions.

Team focus needs to be addressed at the outset of the
team’s assembly. Early on, the team should decide
which workflow will be examined to avoid confusion or
spending time unnecessarily on workflow that does not
ultimately matter to the outcome. In the early stages of
workflow redesign, the team should define the
beginning and end of a process and a few high-level
steps of the process. Avoid focusing on process steps
in great detail in the beginning, as the conversation can
get sidetracked or team members may get bogged
down by focusing on details and not move along at a
good pace. Six Sigma expert George Eckes uses the
phrase “Stay as high as you can as long as you can”—
a good catch phrase to remember to keep the team
focused and at a high level. The pace at which any
implementation team progresses ultimately affects the
overall timeline of a project; therefore, focus and speed
are skills that the informatics expert should develop
and use throughout every initiative, but particularly
when addressing workflow redesign.

The workflow redesign team will develop a detailed
process map after agreement is reached on the

current-state process’s beginning and end points, and
a high-level map depicting the major process steps is
finalized. Because workflow crosses many different
care providers, it may be useful to construct the
process map using a swim-lane technique (Figure 13-
2). A swim-lane technique uses categories such as
functional workgroups and roles to visually depict
groups of work and to indicate who performs the work.
The resulting map shows how workflow and data
transition to clinicians and can demonstrate areas of
potential process and information breakdowns.

Figure 13-2 Example of the Swim Lane Technique

Courtesy of Greencastle Associates Consulting and Atlantic Health.

Reprinted by permission.

It may take several sessions of analysis to complete a
process map, as details are uncovered and

workarounds discussed. There is a tendency for
individuals who participate in process redesign
sessions to describe workflow as they believe it to be
occurring, rather than not how it really is. The
informatics expert and/or the process team facilitator
should determine what is really happening, however,
and capture that information accurately. Regardless of
whether a swim-lane or simplistic process map design
is used, the goal is to capture enough details to
accurately portray the process as it is happening today.

Other techniques (aside from process mapping) may
be used to help the team understand the workflow as it
exists in the current state. The future-state workflow
planning will be only as good as the reliability of the
current state; thus it is crucial to undertake whatever
other actions are needed to better understand what is
happening in the current state. Observation, interviews,
and process or waste walks are also helpful in
understanding the current state.

Value Added Versus Non–Value Added
Beyond analysis of tasks, current-state mapping
provides the opportunity for the process redesign team
to distinguish between value-added and non-value-
added activities. A value-added activity or step is one
that ultimately brings the process closer to completion
or changes the product or service for the better. An
example of a value-added step would be placing a

name tag on a specimen sample. The name tag is
necessary for the laboratory personnel to identify the
specimen and, therefore, its placement is an essential
or value-added step in the process. Some steps in a
process do not necessarily add value but are
necessary for regulatory or compliance reasons. These
steps are still considered necessary and need to be
included in the future process. A non-value-added step,
in contrast, does not alter the outcome of a process or
product. Activities such as handling, moving, and
holding are not considered value-added steps and
should be evaluated during workflow analysis.
Manipulating papers, moving through computer
screens, and walking or transporting items are all
considered non-value-added activities.

The five whys represent one technique to drive the
team toward identifying value-added versus non-value-
added steps. The process redesign facilitator will query
the group about why a specific task is done or done in
a particular way through a series of questions asking
“why?” The goal is to uncover tasks that came about
due to workarounds or for other unsubstantiated
reasons. Tasks that are considered non–value added
and are not necessary for the purpose of compliance or
regulatory reasons should be eliminated from the
future-state process. The team’s purpose in
redesigning workflow is to eliminate steps in a process
that do not add value to the end state or that create
waste by their very nature.

Waste
A key underpinning of the Lean philosophy is the
removal of waste activities from workflow. Waste is
classified as unnecessary activities or an excess of
products to perform tasks. The seven categories listed
here are the most widely recognized forms of waste:

Overproduction: pace is faster than necessary to
support the process
Waiting
Transport
Inappropriate processing: over-processing
Unnecessary inventory: excess stock
Unnecessary motion: bending, lifting, moving, and
so on
Defects: reproduction

Variation
The nature of the work situation for the nurse is one of
frequent interruptions causing the workflow to be
disrupted and increasing the chance of error (Yuan et
al., 2013). Variation in workflow is considered the
enemy of all good processes and, therefore, should be
eliminated when possible. Variation occurs when
workers perform the same function in different ways. It
usually arises because of flaws in the way a process
was originally designed, lack of knowledge about the

process, or inability to execute a process as originally
designed due to disruption or disturbances in the
workflow. Examining the process as it exists today will
help with identifying variation. A brief statement about
variation that cannot be eliminated: Processes that
involve highly customized products or services are
generally not conducive to standardization and the
elimination of variation inherent to the process.

Some argue that delivery of care is subject to variation
owing to its very nature and the individual needs of
patients. There is little doubt that each patient’s care
should be tailored to meet his or her specific needs.
Nevertheless, delivery of care involves some common
processes that can be standardized and improved
upon without jeopardizing care.

Transitioning to the Future State
Following redesign efforts, regardless of whether they
occurred during or after an implementation or as a
stand-alone process improvement event, steps must
be taken to ensure that change takes hold and the new
workflow continues after the support team has
disbanded. Management support and involvement
during the transition phase is essential, as
management will be necessary to enforce new
workflow procedures and further define/refine roles and
responsibilities. Documentation of the future-state
workflow should have occurred during the redesign

effort but is not completely finished until after the
redesign is complete and the workflow has become
operational. Policies and procedures are addressed
and rewritten to encompass the changes to workflows
and role assignments. Help desk, system analyst,
nursing education, and other support personnel need
to be educated about the workflow specifics as part of
the postimprovement effort. It is considered good
practice to involve the operational staff in the future
process discussions and planning so as to incorporate
specifics of these areas and ensure the buy-in of the
staff.

When workflow changes begin to fail and workarounds
develop, they signal that something is flawed about the
way in which the new process was constructed and
needs to be evaluated further. The workflow redesign
team is then brought together to review and, if
necessary, redesign the process.

The future state is constructed with the best possible
knowledge of how the process will ideally work. To
move from the current state to the future state, gap
analysis is necessary. Gap analysis zeros in on the
major areas most affected by the change—namely,
technology. What often happens in redesign efforts is
an exact or near-exact replication of the current state
using automation. The gap analysis discussion should
generate ideas from the group about how best to utilize
the technology to transform practice. A prudent step is

to consider having legal and risk representatives at the
table when initiating future-state discussions to identify
the parameters within which the group should work;
nevertheless, the group should not assume the existing
parameters are its only boundaries.

Future-state process maps become the basis of
educational materials for end users, communication
tools for the project team, and the foundation of new
policies and procedures. Simplified process maps
provide an excellent schematic for communicating
change to others.

Informatics as a Change Agent
Technology implementations represent a significant
change for clinicians, as does the workflow redesign
that accompanies adoption of technology. Often the
degree of change and its impact are underappreciated
and unaccounted for by leadership and staff alike. A
typical response to change is anger, frustration, and a
refusal to accept the proposed change. All of these
responses should be expected and need to be
accounted for; thus a plan to address the emotional
side of change is developed early on. Every workflow
redesign effort should begin with a change
management plan (Figure 13-3). Engagement of the
end user is a critical aspect of change management
and, therefore, technology adoption. Without end-user
involvement, change is resisted and efforts are subject

to failure. Users may be engaged and brought into the
prospective change through question-and-answer
forums, technology demonstrations, and frequent
communications regarding change, and as department-
specific representatives in working meetings.

Figure 13-3 Change Management

© Digital Storm/Shutterstock

Many change theories have been developed. No
matter which change theory is adopted by the
informatics specialist, however, communication,
planning, and support are key factors in any change
management strategy. Informaticists should become
knowledgeable about at least one change theory and
use this knowledge as the basis for change
management planning as part of every effort. John

Kotter (1996), one of the most widely recognized
change theorists, suggested the following conditions
must be addressed to deal with change in an
organization:

Education and communication
Participation and involvement
Facilitation and support
Negotiation and agreement
Manipulation and co-optation
Explicit and implicit coercion

In the HIMSS (2015) Nursing Informatics Impact
survey, nursing informaticists were identified as the
most significant resource in a project team that
influences adoption and change management. Nurses
bring to such teams their ability to interact with various
clinicians, their knowledge of clinical practice, and their
ability to empathize with the clinicians as they
experience the impact of workflow change. These
innate skills differentiate the nursing informaticist from
other members of the implementation team and are
highly desirable in the informatics community.

Nevertheless, no matter which change management
techniques are employed by the informatics specialist
and the project team, adoption of technology and
workflow may be slow to evolve. Change is often a
slow process that requires continual positive
reinforcement and involvement of supporting

resources. Failure to achieve strong adoption results
early on is not necessarily a failure of the methods
utilized, but rather may be due to other factors not
entirely within the control of the informaticist.

Perhaps a complete alteration in behavior is not
possible, but modifications to behaviors needed to
support a desired outcome can be realized. This
situation is analogous to the individual who stops
smoking; the desire for the cigarette remains, but the
behavior has been modified to no longer sustain
smoking. To manage change in an organization, nurses
must modify behavior to produce the intended
outcome.

Change takes hold when strong leadership support
exists. This support manifests itself as a visible
presence to staff, clear and concise communications,
an unwavering position, and an open door policy to
field concerns about change. Too often, leadership
gives verbal endorsement of change and then fails to
follow through with these actions or withdraws support
when the going gets tough. Inevitability, if leadership
wavers, so too will staff.

Measuring the Results
Metrics provide understanding about the performance
of a process or function. Typically within clinical
technology projects, we identify and collect specific

metrics about the performance of the technology or
metrics that capture the level of participation or
adoption. Equally important is the need for process
performance metrics. Process metrics are collected at
the initial stage of project or problem identification.
Current-state metrics are then benchmarked against
internal indicators. When there are no internal
indicators to benchmark against, a suitable course of
action is to benchmark against an external source such
as a similar business practice within a different
industry. Consider examining the hotel room change-
over strategy or the customer service approach of Walt
Disney Company or Ritz Carlton hotels, for example, to
determine suitable metrics for a particular project or
focus area.

The right workflow complement will provide the
organization with the data it needs to understand
operational and clinical performance. This area is
highlighted through the need for healthcare
organizations to capture MACRA measures. Good
metrics should tell the story of accomplishment. The
presence of technology alone does not guarantee an
organization’s ability to capture and report on these
measures without also addressing the surrounding
workflow. Metrics should focus on the variables of time,
quality, and costs. Table 13-1 provides examples of
relevant metrics.

Table 13-1 Examples of Metrics

Turnaround times Cycle times Throughput

Change-over time Set-up time System availability

Patient satisfaction Employee satisfaction

MACRA highlights the need for healthcare
organizations to collect information that represents the
impact of technology on patient outcomes.
Furthermore, data are necessary to demonstrate how a
process is performing in its current state. In spite of the
MACRA mandates, the need to collect data to
demonstrate improvement in workflow— though it
remains strong—is all too often absent in
implementation or redesign efforts. A team cannot
demonstrate improvements to an existing process
without collecting information about how the process is
performing today. Current-state measures also help the
process team validate that the correct area for
improvement was identified. Once a process
improvement effort is over and the new solution has
been implemented, postimprovement measures should
be gathered to demonstrate progress.

In some organizations, the informatics professional
reports to the director of operations, the chief
information officer, or the chief operations officer. In this
relationship, the need to demonstrate operational
measures is even stronger. Operational measures such

as turnaround times, throughput, and equipment or
technology availability are some of the measures
captured.

Future Directions
Workflow analysis is not an optional part of clinical
implementations, but rather a necessity for safe patient
care supported by technology. The ultimate goal of
workflow analysis is not to “pave the cow path,” but
rather to create a future-state solution that maximizes
the use of technology and eliminates non-value-added
activities. Although many tools to accomplish workflow
redesign are available, the best method is the one that
complements the organization and supports the work
of clinicians. Redesigning how people do work will
evidentially create change; thus the nursing
informaticist will need to apply change management
principles for the new way of doing things to take hold.

Workflow analysis has been described in this chapter
within the context of the most widely accepted tools
that are fundamentally linked to the concepts of Six
Sigma/Lean. Other methods of workflow analysis exist
and may become commonly used to assess clinical
workflow. An example of an alternative workflow
analysis tool is the use of radio frequency badges to
detect movement within a defined clinical area.
Clinician and patient movements may be tracked using
these devices, and corresponding actions may be

documented, painting a picture of the workflow for a
specific area (Vankipuram, 2010).

Another example of a workflow analysis tool involves
the use of modeling software. An application such as
ProModel provides images of the clinical work area
where clinician workflows can be plotted out and
reconfigured to best suit the needs of a specific area.
Simulation applications enable decision makers to
visualize realistic scenarios and draw conclusions
about how to leverage resources, implement
technology, and improve performance. Other vendors
that offer simulation applications include Maya and
Autodesk.

Healthcare organizations need to consider how other
industries have analyzed and addressed workflow to
streamline business practices and improve quality
outputs to glean best practices that might be
incorporated into the healthcare industry’s own clinical
and business approaches. First, however, each
healthcare organization must step outside itself and
recognize that not all aspects of patient care are
unique; consequently, many aspects of care can be
subjected to standardization. Many models of workflow
redesign from manufacturing and the service sector
can be extrapolated to health care. The healthcare
industry is facing difficult economic times and can
benefit from performance improvement strategies used
in other industries.

Although workflow analysis principles have been
described within the context of acute and ambulatory
care in this chapter, the need to perform process
analysis on a macro level will expand as more
organizations move forward with health information
exchanges and medical home models. A health
information exchange (HIE) requires the nursing
informaticist to visualize how patients move through the
entire continuum of care and not just a specific patient
care area.

Technology initiatives will become increasingly complex
in the future. In turn, nursing informaticists will need
greater preparation in the area of process analysis and
improvement techniques to meet the growing
challenges that technology brings and the operational
performance demands of fiscally impaired healthcare
organizations.

Summary
Meaningful use (MU) reflected the rules and
regulations arising from ARRA. MACRA has changed
the game and how payment will be determined. EHR
adoptions “represent a small step rather than a giant
leap forward” (Murphy, 2013, para. 1). Workflows
integrating technology provide the healthcare
professional with the data necessary to make informed

decisions. This quality data must be collected and
captured to meet MACRA measures. Nurses must be
involved in “meaningful data collection and reporting.
Documentation by nurses can tell what’s going on with
the patient beyond physical exams, test results, and
procedures” (Daley, 2013, para. 5).

Workflow redesign is a critical aspect of technology
implementation. When done well, it yields technology
that is more likely to achieve the intended patient
outcomes and safety benefits. Nursing informatics
professionals are taking on a greater role with respect
to workflow design, and this aspect of practice will grow
in light of MACRA-driven measures. Other initiatives
that impact hospital performance will also drive
informatics professionals to influence how technology
is used in the context of workflow to improve the
bottom line for their organizations. In an ideal world,
nurse informaticists who are experts at workflow
analysis will be core members of every technology
implementation team.

THOUGHT-PROVOKING QUESTIONS

1. What do you perceive as the current
obstacles to redesigning workflow within
your clinical setting?

2. Thinking about your last implementation,
were you able to challenge the policies
and practices that constitute today’s

workflow or were you able to create a
workflow solution that eliminated non–
value-added steps?

3. Is the workflow surrounding technology
usage providing the healthcare
organization with the data it needs to
make decisions and eventually meet
MACRA criteria?

4. How does the current educational
preparation need to change to address
the skills necessary to perform workflow
analysis and redesign clinical processes?

5. Describe the role of the nurse
informaticist as the payment programs
change related to MACRA.

References
Agency for Healthcare Research and

Quality (AHRQ). (n.d.). Workflow
assessment for health IT toolkit.
Retrieved from
http://healthit.ahrq.gov/health-it-
tools-and-resources/workflow-
assessment-health-it-toolkit

Agency for Healthcare Research and
Quality (AHRQ). (2008). Patient safety

and quality: An evidence-based
handbook for nurses. Retrieved from
http://www.ahrq.gov/qual/nurseshdbk

American Association for Justice. (2016).
Medical errors. Retrieved from
https://www.justice.org/what-we-
do/advocate-civil-justice-
system/issue-advocacy/medical-
errors

American Nurses Association. (2015).
Nursing informatics: Scope and
standards of practice (2nd ed.). Silver
Springs, MD: Author.

Bucur, A., van Leeuwen, J.,
Christodoulou, N., Sigdel, K., Argyri,
K., Koumakis, L., . . . Stamatakos, G.
(2016). Workflow-driven clinical
decision support for personalized
oncology. BMC Medical Informatics &
Decision Making, 16, 151–162.
doi:10.1186/s12911-016-0314-3

Campbell, E., Guappone, K., Sittig, D.,
Dykstra, R., & Ash, J. (2009).

Computerized provider order entry
adoption: Implications for clinical
workflow. Journal of General Internal
Medicine, 24(1), 21–26.

Centers for Medicare & Medicaid Services
(CMS). (2016a). Electronic health
records (EHR) incentive programs.
Retrieved from
https://www.cms.gov/Regulations-
and-
Guidance/Legislation/EHRIncentivePrograms/index.html

Centers for Medicare & Medicaid Services
(CMS). (2016b). MACRA: Delivery
system reform, Medicare payment
reform. Retrieved from
https://www.cms.gov/Medicare/Quality-
Initiatives-Patient-Assessment-
Instruments/Value-Based-
Programs/MACRA-MIPS-and-
APMs/MACRA-MIPS-and-APMs.html

Centers for Medicare & Medicaid Services
(CMS). (2016c). CMS quality measure
development plan: Supporting the
transition to the merit-based incentive

payment system (MIPS) and
alternative payment models (APMs).
Retrieved from
https://www.cms.gov/Medicare/Quality-
Initiatives-Patient-Assessment-
Instruments/Value-Based-
Programs/MACRA-MIPS-and-
APMs/Final-MDP.pdf

Clancy, T., Delaney, C., Morrison, B., &
Gunn, J. (2006). The benefits of
standardized nursing languages in
complex adaptive systems such as
hospitals. Journal of Nursing
Administration, 36(9), 426–434.

Daley, K. (2013). Making HIT meaningful
for nursing and patients. The American
Nurse. Retrieved from
http://www.theamericannurse.org/index.php/2011/08/01/making-
hit-meaningful-for-nursing-and-
patients

Earl, M., Sampler, J., & Sghort, J. (1995).
Strategies for business process
reengineering: Evidence from field

studies. Journal of Management
Information Systems, 12(1), 31–56.

Gugerty, B., Maranda, M. J., Beachley, M.,
Navarro, V. B., Newbold, S., Hawk, W.,
. . . Wilhelm, D. (2007). Challenges
and Opportunities in documentation of
the nursing care of patients. Baltimore,
MD: Documentation Work Group,
Maryland Nursing Workforce
Commission. Retrieved from
http://mbon.maryland.gov/Documents/documentation_challenges.pdf

Hagland, M. (2016). CMS announces
long-awaited MACRA proposed rule;
Program includes MU makeover for
MDs. Healthcare Informatics.
Retrieved from
http://www.healthcare-
informatics.com/article/breaking-
news-cms-announces-plan-replace-
meaningful-use-physicians-new-
quality-reporting

Healthcare Information Management
Systems Society (HIMSS). (2010). ME-
PI toolkit: Process management,

workflow & mapping: Tools, tips and
case studies to support the
understanding, optimizing and
monitoring of processes. Retrieved
from http://www.himss.org/me-pi-
toolkit-change-management

Healthcare Information Management
Systems Society (HIMSS). (2015).
Nursing informatics impact study.
Retrieved from
http://www.himss.org/ni-impact-
survey

Kotter, J. P. (1996). Leading change (pp.
33–147). Cambridge, MA: Harvard
Business Press.

Merriam-Webster Online Dictionary.
(2016). Optimization. Retrieved from
http://www.merriam-
webster.com/dictionary/optimization

Murphy, K. (2013). Nursing approach to
meaningful use, EHR adoption: CIO
series. Retrieved from
https://ehrintelligence.com/news/nursing-

approach-to-meaningful-use-ehr-
adoption-cio-series

Qualis Health. (2011). Workflow analysis.
Retrieved from
http://www.qualishealthmedicare.org/healthcare-
providers/improvement-
fundamentals/workflow-analysis

Stokowski, L. (2013). Electronic nursing
documentation: Charting new territory.
Medscape. Retrieved from
http://www.medscape.com/viewarticle/810573

Thompson, C., Kell, C., Shetty, R., &
Banerjee, D. (2016). Clinical workflow
redesign leveraging informatics
improves patient outcomes. Heart &
Lung, 45(4), 380–381.

Vankipuram, K. (2010). Toward automated
workflow analysis and visualization in
clinical environment. Journal of
Biomedical Informatics.
doi:10.1016/jbi.2010.05.015

Yuan, M., Finley, G., Long, J., Mills, C. &
Johnson, R. (2013). Evaluation of user
interface and workflow design of a
bedside nursing clinical decision
support system. Interactive Journal of
Medical Research, 2(1), e4.

SECTION IV: Nursing
Informatics Practice
Applications: Care Delivery

Chapter 14 The Electronic Health Record and
Clinical Informatics

Chapter 15 Informatics Tools to Promote Patient
Safety and Quality Outcomes

Chapter 16 Patient Engagement and Connected
Health

Chapter 17 Using Informatics to Promote
Community/Population Health

Chapter 18 Telenursing and Remote Access
Telehealth

Nursing information systems must support nurses as
they fulfill their roles in delivering quality patient care.
Such systems must be responsive to nurses’ needs,
allowing them to manage their data and information as
needed and providing access to necessary references,
literature sources, and other networked departments.
Nurses have always practiced in a field where they
have needed to use their ingenuity, resourcefulness,
creativity, initiative, and skills. To improve patient care

and advance the science of nursing, clinicians as
knowledge workers must apply these same abilities
and skills to become astute users of available
information systems.

In this section, the reader learns about clinical practice
tools, electronic health records, and clinical information
systems; informatics tools to enhance patient safety,
provide consumer information, and meet education
needs; population and community health tools; and
telehealth and telenursing.

Information systems, electronic documentation, and
electronic health records are changing the way nurses
and physicians practice. Nursing informatics systems
are also changing how patients enter and receive data
and information. Some institutions, for example, are
permitting patients to access their own records
electronically via the Internet or a dedicated patient
portal. Confidentiality and privacy issues loom with
these new electronic systems. HIPAA regulations
(covered in the Perspectives on Nursing Informatics
section) and professional ethics principles (covered in
the Building Blocks of Nursing Informatics section)
must remain at the forefront when clinicians interact
electronically with intimate patient data and
information.

The material within this book is placed within the
context of the Foundation of Knowledge model (Figure

IV-1) to meet the needs of healthcare delivery systems,
organizations, patients, and nurses. Readers should
continue to assess their personal knowledge
progression. The Foundation of Knowledge model
challenges us to reflect on how our knowledge
foundation is ever-changing and to appreciate that
acquiring new information is a key resource for
knowledge building. This section addresses the
information systems with which clinicians interact in
their healthcare environments as affected by
legislation, professional codes of ethics, consumerism,
and reconceptualization of practice paradigms, such as
in telenursing. All of the various nursing roles—
practice, administration, education, research, and
informatics—involve the science of nursing.

Figure IV-1 Foundation of Knowledge Model

Designed by Alicia Mastrian

CHAPTER 14: The
Electronic Health Record
and Clinical Informatics

Emily B. Barey, Kathleen Mastrian, and Dee McGonigle

Objectives
1. Describe the common components of an

electronic health record.
2. Assess the benefits of implementing an

electronic health record.
3. Explore the ownership of an electronic

health record.
4. Evaluate the flexibility of the electronic

health record in meeting the needs of
clinicians and patients.

Key Terms

» Administrative processes

» American Recovery and Reinvestment
Act of 2009 (ARRA)

» Connectivity

» Decision support

» Electronic communication

» Electronic health records

» Health information

» Health Information Technology for
Economic and Clinical Health Act of 2009
(HITECH)

» Interoperability

» Meaningful use

» Order entry management

» Patient support

» Population health management

» Reporting

» Results management

Introduction

The significance of electronic health records (EHRs)
to nursing cannot be underestimated. Although EHRs
on the surface suggest a simple automation of clinical
documentation, in fact their implications are broad,
ranging from the ways in which care is delivered, to the
types of interactions nurses have with patients in
conjunction with the use of technology, to the research
surrounding EHRs that will inform nursing practice for
tomorrow. Although EHR standards are evolving and
barriers to adoption remain, the collective work has a
positive momentum that will benefit clinicians and
patients alike.

A basic knowledge of EHRs and nursing informatics is
now considered by many to be an entry-level nursing
competency. Various nursing workgroups have
delineated nursing informatics competencies from entry
level to nursing informatics specialists, and other
groups have identified competencies specific to the
EHR. The American Health Information Management
Association (AHIMA) collaborated with the Health
Professions Network and the Employment and Training
Administration to create a graphic depiction of
competencies necessary for EHR interaction. The
Electronic Health Records Competency Model is
divided into six levels: Personal Effectiveness
Competencies, Academic Competencies, Workplace
Competencies, Industry-Wide Technical Competencies,
Industry-Sector Technical Competencies, and a
Management Competencies level shared with

Occupation Specific Requirements. The EHR
Competency Model can be viewed at:
www.careeronestop.org/CompetencyModel/competency-
models/electronic-health-records.aspx. Hovering
over each block in the model provides a definition of
each of the competencies covered by the model. For
example, the industry-sector technical competencies
section includes health information literacy and skills,
health informatics skills using the EHR, privacy and
confidentiality of health information, and health
information data technical security. This drive to adopt
EHRs was underscored with the passage of the Health
Information Technology for Economic and Clinical
Health Act of 2009 (HITECH). It is essential that EHR
competency be developed if nurses are to participate
fully in the changing world of healthcare information
technology.

This chapter has four goals. First, it describes the
common components of an EHR. Second, it reviews
the benefits of implementing an EHR. Third, it provides
an overview of successful ownership of an EHR,
including nursing’s role in promoting the safe adoption
of EHRs in day-to-day practice. Fourth, it discusses the
flexibility of an EHR in meeting the needs of both
clinicians and patients and emphasizes the need for
fully interoperable EHRs and clinical information
systems (CISs).

Setting the Stage
The U.S. healthcare system faces the enormous
challenge of improving the quality of care while
simultaneously controlling costs. EHRs were proposed
as one solution to achieve this goal (Institute of
Medicine [IOM], 2001). In January 2004, President
George W. Bush raised the profile of EHRs in his State
of the Union address by outlining a plan to ensure that
most Americans have an EHR by 2014. He stated that
“by computerizing health records we can avoid
dangerous medical mistakes, reduce costs, and
improve care” (Bush, 2004). This proclamation
generated an increased demand for understanding
EHRs and promoting their adoption, but relatively few
healthcare organizations were motivated at that time to
pursue adoption of EHRs. The Healthcare Information
and Management Systems Society (HIMSS) has been
tracking EHR adoption since 2005 through its “Stage 7”
award, and in 2013 reported that most U.S. healthcare
organizations (77%) were in Stage 3, reflecting only
implementation of the basic EHR components of
laboratory, radiology, and pharmacy ancillaries; a
clinical data repository, including a controlled medical
vocabulary; and simple nursing documentation and
clinical decision support (HIMSS, 2013). Higher stages
of the electronic medical record adoption model include
more sophisticated use of clinical decision support
systems (CDSSs) and medication administration tools,
with HIMSS Stage 7—the highest level—consisting of

EHRs that have data sharing and warehousing
capabilities and that are completely interfaced with
emergency and outpatient facilities (HIMSS Analytics,
2013). Real progress is being made on the adoption of
more robust EHRs. HIMSS Analytics (2015) reports
that 1,313 hospitals in the United States have achieved
Stage 6 with full physician documentation, a robust
CDSS, and electronic access to medical images.
Healthcare IT News (2015) reported that, to date, over
200 hospitals have achieved Stage 7 and are totally
paperless, and that more organizations reach this goal
every day.

In President Barack Obama’s first term in office,
Congress passed the American Recovery and
Reinvestment Act of 2009 (ARRA). This legislation
included the HITECH Act, which specifically sought to
incentivize health organizations and providers to
become meaningful users of EHRs. These incentives
came in the form of increased reimbursement rates
from the Centers for Medicare and Medicaid Services
(CMS); ultimately, the HITECH Act resulted in payment
of a penalty by any healthcare organization that had
not adopted an EHR by January 2015. The final rule
was published by the Department of Health and
Human Services (USDHHS) in July 2010 for the first
phase of implementation. Stage 1 meaningful use
criteria focused on data capture and sharing
(USDHHS, 2010a). Stage 2 criteria, implemented in
2014, advanced several clinical processes and

promoted health information exchange (HIE) and more
patient control over personal data. Stage 3, which has
a target implementation date of 2016, focuses on
improved outcomes for individuals and populations,
and introduction of patient self-management tools
(HealthIT.gov, 2013).

Components of Electronic
Health Records

Overview
Before enactment of the ARRA, several variants of
EHRs existed, each with its own terminology and each
developed with a different audience in mind. The
sources of these records included, for example, the
federal government (Certification Commission for
Healthcare Information Technology, 2007), the IOM
(2003), the HIMSS (2007), and the National Institutes
of Health (2006; Robert Wood Johnson Foundation
[RWJF], 2006). Under ARRA, there is now an explicit
requirement for providers and hospitals to use a
certified EHR that meets a set of standard functional
definitions to be eligible for the increased
reimbursement incentive. Initially, USDHHS granted
two organizations the authority to accredit EHRs: the
Drummond Group and the Certification Commission for
Healthcare Information Technology. In 2015, there
were five recognized bodies for testing and certifying

EHRs (HealthIT.gov, 2015a). These bodies are
authorized to test and certify EHR vendors against the
standards and test procedures developed by the
National Institute of Standards and Technology (NIST)
and endorsed by the Office of the National Coordinator
for Health Information Technology for EHRs.

The initial NIST test procedure included 45 certification
criteria, ranging from the basic ability to record patient
demographics, document vital signs, and maintain an
up-to-date problem list, to more complex functions,
such as electronic exchange of clinical information and
patient summary records (Jansen & Grance, 2011;
NIST, 2010). Box 14-1 lists the 45 certification criteria
outlined by NIST in 2010. These criteria have been
updated several times since 2010, with the 2015
version developed after going out for public comment
(HealthIT.gov, 2015b). Each iteration of certification
criteria and testing procedures seeks to make the EHR
more robust, interoperable, and functional to meet the
needs of patients and users.

BOX 14-1 EHR CERTIFICATION

CRITERIA

Criteria # Certification Criteria

§170.302 (a) Drug–drug, drug–allergy interaction checks

§170.302 (b) Drug formulary checks

§170.302 (c) Maintain up-to-date problem list

§170.302 (d) Maintain active medication list

§170.302 (e) Maintain active medication allergy list

§170.302 (f)

(1)

Vital signs

§170.302 (f)

(2)

Calculate body mass index

§170.302 (f)

(3)

Plot and display growth charts

§170.302 (g) Smoking status

§170.302 (h) Incorporate laboratory test results

§170.302 (i) Generate patient lists

§170.302 (j) Medication reconciliation

§170.302 (k) Submission to immunization registries

§170.302 (l) Public health surveillance

§170.302 (m) Patient-specific education resources

§170.302 (n) Automated measure calculation

§170.302 (o) Access control

§170.302 (p) Emergency access

§170.302 (q) Automatic log-off

§170.302 (r) Audit log

§170.302 (s) Integrity

§170.302 (t) Authentication

§170.302 (u) General encryption

§170.302 (v) Encryption when exchanging electronic health

information

§170.302 (w) Accounting of disclosures (optional)

§170.304 (a) Computerized provider order entry

§170.304 (b) Electronic prescribing

§170.304 (c) Record demographics

§170.304 (d) Patient reminders

§170.304 (e) Clinical decision support

§170.304 (f) Electronic copy of health information

§170.304 (g) Timely access

§170.304 (h) Clinical summaries

§170.304 (i) Exchange clinical information and patient summary

record

§170.304 (j) Calculate and submit clinical quality measures

§170.306 (a) Computerized provider order entry

§170.306 (b) Record demographics

§170.306 (c) Clinical decision support

§170.306 (d)

(1)

Electronic copy of health information

§170.306 (d)

(2)

Electronic copy of health information

Note: For discharge summary

§170.306 (e) Electronic copy of discharge instructions

§170.306 (f) Exchange clinical information and patient summary

record

§170.306 (g) Reportable lab results

§170.306 (h) Advance directives

§170.306 (i) Calculate and submit clinical quality measures

Reproduced from National Institute of Standards and Technology

(NIST). (2010). Meaningful use test method: Approved test procedures
version 1.0. Retrieved from

http://healthcare.nist.gov/use_testing/finalized_requirements.html

Despite the points articulated in the ARRA, the IOM
definition of an EHR also remains a valid reference
point. This definition is useful because it has distilled all
the possible features of an EHR into eight essential
components with an emphasis on functions that
promote patient safety—a universal denominator that
everyone in health care can accept. The eight

components are (1) health information and data, (2)
results management, (3) order entry management, (4)
decision support, (5) electronic communication and
connectivity, (6) patient support, (7) administrative
processes, and (8) reporting and population health
management (IOM, 2003). These initial core
components, as well as more recent modifications
described by the Health Resources and Services
Administration (HRSA, n.d.) and the components of a
comprehensive EHR identified by HealthIT.gov
(Charles, Gabriel, & Searcy, 2015), are described in
more detail here. With the exception of EHR
infrastructure functions, such as security and privacy
management, controlled medical vocabularies, and
interoperability standards, the 45 initial NIST standards
easily map into the IOM categories (Jansen & Grance,
2011).

Health Information and Data
Health information and data comprise the patient data
required to make sound clinical decisions, including
demographics, medical and nursing diagnoses,
medication lists, allergies, and test results (IOM, 2003).
This component of the EHR also includes care
management data regarding details of patient visits
and interactions with patients, medication
reconciliation, consents, and directives (HRSA, n.d.). A
comprehensive EHR will also contain nursing

assessments and problem lists (Charles, Gabriel, &
Searcy, 2015).

Results Management
Results management is the ability to manage results
of all types electronically, including laboratory and
radiology procedure reports, both current and historical
(IOM, 2003).

Order Entry Management
Order entry management is the ability of a clinician to
enter medication and other care orders, including
laboratory, microbiology, pathology, radiology, nursing,
and supply orders; ancillary services; and
consultations, directly into a computer (IOM, 2003). A
comprehensive EHR will also contain nursing orders
(Charles, Gabriel, & Searcy, 2015).

Decision Support
Decision support entails the use of computer
reminders and alerts to improve the diagnosis and care
of a patient, including screening for correct drug
selection and dosing, screening for medication
interactions with other medications, preventive health
reminders in such areas as vaccinations, health risk
screening and detection, and clinical guidelines for
patient disease treatment (IOM, 2003).

Electronic Communication and
Connectivity
Electronic communication and connectivity include
the online communication among healthcare team
members, their care partners, and patients, including
email, Web messaging, and an integrated health
record within and across settings, institutions, and
telemedicine (IOM, 2003). This component has been
expanded to include interfaces and interoperability
required to exchange health information with other
providers, laboratories, pharmacies (e-prescribing),
patients, and government disease registries (HRSA,
n.d., para. 2)

Patient Support
Patient support encompasses patient education and
self-monitoring tools, including interactive computer-
based patient education, home telemonitoring, and
telehealth systems (IOM, 2003).

Administrative Processes
Administrative processes are activities carried out by
the electronic scheduling, billing, and claims
management systems, including electronic scheduling
for inpatient and outpatient visits and procedures,
electronic insurance eligibility validation, claim
authorization and prior approval, identification of

possible research study participants, and drug recall
support (IOM, 2003).

Reporting and Population Health
Management
Reporting and population health management are
the data collection tools to support public and private
reporting requirements, including data represented in a
standardized terminology and machine-readable format
(IOM, 2003).

NIST has not provided an exhaustive list of all possible
features and functions of an EHR. Consequently,
different vendor EHR systems combine different
components in their offerings, and often a single set of
EHR components may not meet the needs of all
clinicians and patient populations. For example, a
pediatric setting may demand functions for
immunization management, growth tracking, and more
robust order entry features to include weight-based
dosing (Spooner & Council on Clinical Information
Technology, 2007). These types of features may not
be provided by all EHR systems, and it is important to
consider EHR certification to be a minimum standard.
See Figure 14-1 for a graphic depiction of EHR
functions and communication capabilities.

Figure 14-1 EHR Functions and Communication
Capabilities

Reproduced from American Hospital Association. (2010). The road to

meaningful use: What it takes to implement EHR systems in hospitals.

Retrieved from http://www.aha.org/research/reports/tw/10apr-tw-

HITmeanuse.pdf

Another group that focuses on EHR standards and
functionality is Health Level Seven International (HL7).
Founded in 1987, “Health Level Seven International
(HL7) is a not-for-profit, ANSI-accredited standards

developing organization dedicated to providing a
comprehensive framework and related standards for
the exchange, integration, sharing, and retrieval of
electronic health information that supports clinical
practice and the management, delivery and evaluation
of health services” (Health level Seven International,
n.d., para. 1). This group concentrates on developing
the behind-the-scenes programming standards (Level
Seven is the application level of the Open Systems
Interconnection model) for interfaces to ensure
interoperability and connectivity among systems.

Advantages of Electronic
Health Records
Measuring the benefits of EHRs can be challenging.
Possible methods to estimate EHR benefits include
using vendor-supplied data that have been retrieved
from their customers’ systems, synthesizing and
applying studies of overall EHR value, creating logical
engineering models of EHR value, summarizing
focused studies of elements of EHR value, and
conducting and applying information from site visits
(HealthIT.gov, 2012; Thompson, Osheroff, Classen,
& Sittig, 2007).

Early on, the four most common benefits cited for
EHRs were (1) increased delivery of guidelines-based
care, (2) enhanced capacity to perform surveillance

and monitoring for disease conditions, (3) reduction in
medication errors, and (4) decreased use of care
(Chaudhry et al., 2006; HealthIT.gov, 2012). These
findings were echoed by two similar literature reviews.
The first review (Dorr et al., 2007) focused on the use
of informatics systems for managing patients with
chronic illness. It found that the processes of care most
positively impacted were guidelines adherence, visit
frequency (i.e., a decrease in emergency department
visits), provider documentation, patient treatment
adherence, and screening and testing.

The second review (Shekelle, Morton, & Keeler,
2006) was a cost–benefit analysis of health information
technology completed by the Agency for Healthcare
Research and Quality (AHRQ) that studied the value of
an EHR in the ambulatory care and pediatric settings,
including its overall economic value. The AHRQ study
highlighted the common findings already described, but
also noted that most of the data available for review
came from six leading healthcare organizations in the
United States, underscoring the challenge of
generalizing these results to the broader healthcare
industry. As noted previously by the HIMSS Stage 7
Awards, the challenge to generalize results persists in
the hospital arena, with fewer than 1% of U.S. hospitals
or eight leading organizations providing most of the
experience with comprehensive EHRs (HIMSS,
2010a). Finally, the literature reviews cited here
indicated that there are a limited number of hypothesis-

testing studies of EHRs and even fewer that have
reported cost data.

The descriptive studies do have value, however, and
should not be hastily dismissed. Although not as
rigorous in their design, they do describe the
advantages of EHRs well and often include useful
implementation recommendations learned from
practical experience. As identified in these types of
reviews, EHR advantages include simple benefits,
such as no longer having to interpret poor handwriting
and handwritten orders, reduced turnaround time for
laboratory results in an emergency department, and
decreased time to administration of the first dose of
antibiotics in an inpatient nursing unit (HealthIT.gov,
2012; Husk & Waxman, 2004; Smith et al., 2004). In
the ambulatory care setting, improved management of
cardiac-related risk factors in patients with diabetes
and effective patient notification of medication recalls
have been demonstrated to be benefits of the EHR
(Jain et al., 2005; Reed & Bernard, 2005). Two other
unique advantages that have great potential are the
ability to use the EHR and decision support functions to
identify patients who qualify for research studies or
who qualify for prescription drug benefits offered by
pharmaceutical companies at safety-net clinics and
hospitals (Embi et al., 2005; Poprock, 2005).

The HIMSS Davies Award may be the best resource
for combined quantitative and qualitative results of

successful EHR implementation. The Davies Award
recognizes healthcare organizations that have
achieved both excellence in implementation and value
from health information technology (HIMSS, 2010a).
One winner demonstrated a significant avoidance of
medication errors because of bar-code scanning alerts,
a $3 million decrease in medical records expenses as
a result of going paperless, and a 5% reduction of
duplicate laboratory orders by using computerized
provider order entry alerting (HIMSS, 2010b). Another
winner noted a 13% decrease in adverse drug
reactions through the use of computerized physician
order entry; it also achieved a decrease in methicillin-
resistant Staphylococcus aureus (MRSA) nosocomial
infections from 9.8 per 10,000 discharges to 6.4 per
10,000 discharges in less than a year using an EHR
flagging function, which made clinicians immediately
aware that contact precautions were required for
MRSA-positive patients (HIMSS, 2009). At both
organizations, there was qualitative and quantitative
evidence of high rates of end user adoption and
satisfaction with use of the EHR.

A 2011 study of the effects of EHR adoption on nurse
perceptions of quality of care, communication, and
patient safety documented that nurses report better
care outcomes and fewer concerns with care
coordination and patient safety in hospitals with a basic
EHR (Kutney-Lee & Kelly, 2011). In this study, nurses
perceived that in hospitals with a functioning EHR,

there was better communication among staff,
especially during patient transfers, and fewer
medication errors. Bayliss et al. (2015) demonstrated
that an integrated care system utilizing an EHR
resulted in fewer hospital readmissions and emergency
room visits for over 12,000 seniors with multiple health
challenges.

Without an EHR system, any of these benefits would
be very difficult and costly to accomplish. Thus, despite
limited standards and published studies, there is
enough evidence to embrace widespread
implementation of the EHR (Halamka, 2006;
HealthIT.gov, 2012), and certainly enough evidence to
warrant further study of the use and benefits of EHRs.
Box 14-2 describes some of the specific CIS functions
of an EHR.

BOX 14-2 THE EHR AS A CLINICAL

INFORMATION SYSTEM

Denise Tyler

A CIS is a technology-based system applied at
the point of care and designed to support care
by providing instant access to information for
clinicians. Early CISs implemented prior to the
advent of EHRs were limited in scope and
provided such information as interpretation of
laboratory results or a medication formulary and

drug interaction information. With the
implementation of EHRs, the goal of many
organizations is to expand the scope of the early
CISs to become comprehensive systems that
provide clinical decision support, an electronic
patient record, and in some instances
professional development and training tools.
Benefits of such a comprehensive system
include easy access to patient data at the point
of care; structured and legible information that
can be searched easily and lends itself to data
mining and analysis; and improved patient
safety, especially the prevention of adverse drug
reactions and the identification of health risk
factors, such as falls.

TRACKING CLINICAL
OUTCOMES
The ability to measure outcomes can be
enhanced or impeded by the way an information
system is designed and used. Although many
practitioners can paint a very good picture of the
patient by using a narrative (free text),
employing this mode of expression in a clinical
system without the use of a coded entry makes
it difficult to analyze the care given or the
patient’s response. Free-text reporting also
leads to inconsistencies of reporting from

clinician to clinician and patient information that
is fragmented or disorganized. This can limit the
usefulness of patient data to other clinicians and
interfere with the ability to create reports from
the data for quality assurance and measurement
purposes. Moreover, not all clinicians are
equally skilled at the free-text form of
communication, yielding inconsistent quality of
documentation. Integrating standardized nursing
terminologies into computerized nursing
documentation systems enhances the ability to
use the data for reporting and further research.

According to the IOM (2012), “Payers,
healthcare delivery organizations and medical
product companies should contribute data to
research and analytic consortia to support
expanded use of care data to generate new
insights” (para. 2). McLaughlin and Halilovic
(2006) described the use of clinical analytics to
promote medical care outcomes research. The
use of a CIS in conjunction with standardized
codes for patient clinical issues helps to support
the rigorous analysis of clinical data. Outcomes
data produced as part of these analyses may
include length of stay, mortality, readmissions,
and complications. Future goals include the
ability to compare data and outcomes across
various institutions as a means of developing
clinical guidelines or best practices guidelines.

With the implementation of a comprehensive
CIS, similar analyses of nursing outcomes could
also be performed and shared. Likewise, such a
system could aid nurse administrators in cross-
unit comparisons and staffing decisions,
especially when coupled with acuity systems
data. In addition, clinical analytics can support
required data reporting functions, especially
those required by accreditation bodies.

SUPPORTING EVIDENCE-
BASED PRACTICE
Evidence-based practice (EBP) can be thought
of as the integration of clinical expertise and
best practices based on systematic research to
enhance decision making and improve patient
care. References supporting EBP, such as
clinical guidelines, are available for review at the
click of a mouse or the press of a few
keystrokes. The CIS’s prompting capabilities
can also reinforce the practice of looking for
evidence to support nursing interventions rather
than relying on how things have been done
historically. This approach enhances processing
and understanding of the information and allows
the nurse to apply the information to other
areas, increasing the knowledge obtained about

why certain conditions or responses result in
prompts for additional questions or actions.

To incorporate EBP into the practice of clinical
nursing, the information needs to be embedded
in the computerized documentation system so
that it is part of the workflow. The most typical
way of embedding this timely information is
through clinical practice guidelines. The
resulting interventions and clinical outcomes
need to be measurable and reportable for
further research. The supporting documentation
for the EBP needs to be easily retrievable and
meaningful. Links, reminders, and prompts can
all be used as vehicles for transmission of this
information. The format needs to allow for rapid
scanning, with the ability to expand the amount
of information when more detail is required or
desired. Balancing a consistency in formatting
with creativity can be difficult but is worth the
effort to stimulate an atmosphere for learning.

EBP is supported by translational research, an
exciting movement that has enormous potential
for the sharing and use of EBP. The use of
translational research to support EBP may help
to close the gap between what is known
(research) and what is done (practice).

THE CIS AS A STAFF

DEVELOPMENT TOOL
Joy Hilty, a registered nurse from Kaweah Delta,
came up with a creative way to provide staff
development or education without taking staff
away from the bedside to a classroom setting.
She created pop-up boxes on the opening
charting screens for all staff who chart on the
computer. These pop-ups vary in color and
content and include a short piece of clinical
information, along with a question. Staff can
earn vacations from these pop-ups for as long
as 14 days by emailing the correct answer to the
question. This medium has provided
information, stimulation, and a definite benefit:
the vacation from the pop-up boxes. The pop-up
box education format has also encouraged staff
to share their answers, thereby creating
interaction, knowledge dissemination, and
reinforcement of the education provided.

Embedding EBP into nursing documentation can
also increase the compliance with Joint
Commission core measures, such as providing
information on influenza and pneumococcal
vaccinations to at-risk patients. In the author’s
experience at Kaweah Delta, educating staff via
classes, flyers, and storyboards was not
successful in improving compliance with the
documentation of immunization status or

offering education on these vaccinations to at-
risk patients. Embedding the prompts,
information, and related questions in the nursing
documentation with a link to the protocol and
educational material, however, improved the
compliance to 96% for pneumococcal
vaccinations and to 95% for influenza
vaccinations (Hettinger, 2007).

As more information is stored electronically,
nurse informaticists must translate the
technology so that the input and retrieval of
information are developed in a manner that is
easy for clinicians to learn and use. A highly
usable product should decrease errors and
improve information entry and retrieval. Nurse
informaticists must be able to work with staff and
expert users to design systems that meet the
needs of the staff who will actually use the
systems. The work is not done after the system
is installed; the system must continue to be
developed and improved, because as staff use
the system, they will be able to suggest changes
to improve it. This ongoing revision should result
in a system that is mature and meets the needs
of the users.

In an ideal world, all clinical documentation will
be shared through a national database, in a
standard language, to enable evaluation of
nursing care, increase the body of evidence,

and improve patient outcomes. With minimal
effort, the information will be translated into new
research that can be analyzed and linked to new
evidence that will be intuitively applied to the
CIS. Alerts will be meaningful and will be patient
and provider specific. The steps required of the
clinician to find current, reliable information will
be almost transparent, and the information will
be presented in a personalized manner based
on user preferences stored in the CIS.

REFERENCES

Hettinger, M. (2007, March). Core
measure reporting: Performance
improvement. Visalia, CA: Kaweah
Delta Health Care District.

Institute of Medicine (IOM). (2012).
Best care at lower cost. Retrieved
from
https://www.nap.edu/catalog/13444/best-
care-at-lower-cost-the-path-to-
continuously-learning

McLaughlin, T., & Halilovic, M. (2006).
Clinical analytics, rigorous coding
bring objectivity to quality
assertions. Medical Staff Update

Online, 30(6). Retrieved from
http://med.stanford.edu/shs/update/archives/JUNE2006/analytics.htm

A more recent description of the benefits of an EHR by
HealthIT.gov (2014) emphasizes that EHRs hold the
promise of transforming healthcare; specifically, EHRs
will lead to:

Better health care by improving all aspects of
patient care, including safety, effectiveness, patient-
centeredness, communication, education,
timeliness, efficiency, and equity
Better health by encouraging healthier lifestyles in
the entire population, including increased physical
activity, better nutrition, avoidance of behavioral
risks, and wider use of preventative care
Improved efficiencies and lower healthcare
costs by promoting preventative medicine and
improved coordination of healthcare services, as
well as by reducing waste and redundant tests
Better clinical decision making by integrating
patient information from multiple sources (para. 4)

Standardized Terminology and
the EHR

As we inch closer to interoperable EHRs that provide
for seamless health information exchange among
providers and healthcare institutions, the need for
standardizing terminologies becomes ever clearer.
Consider also the trend toward value-based care
reimbursements, in which healthcare data are mined
“to demonstrate nursing’s contributions to improving
the cost, quality, and efficiency of care, key elements of
the value equation” (Adams, Ponte, & Somerville,
2016, p. 127). EHR data must be formatted in a
machine-readable manner in order to support
interoperable exchange of information and data mining.
An important distinction that needs to be made here is
the difference between interface terminologies
(NANDA, NIC, or NOC) and reference terminologies
(SMOMED-CT, LOINC).

While interface terminologies play an
important role in promoting direct entry of
categorical data by health care providers,
both terminology developers and the
standards community historically have
focused on other types of terminologies,
including reference and administrative
(rather than on interface) terminologies.
Such terminologies are generally
designed to provide exact and complete
representations of a given domain’s
knowledge, including its entities and
ideas and their interrelationships. For

example, reference terminologies can
support the storage, retrieval, and
classification of clinical data; their
contents correspond to the internal
system representation storage formats to
which interface terminologies are typically
mapped. (Rosenbloom, Miller,
Johnson, Elkin, & Brown, 2006, p. 278)

The various interface terminologies and their subsets
are coded in the EHR and typically presented to the
user in dropdown menus. Users may also be able to
use a search function in the EHR to identify the most
appropriate term that represents the patient’s
condition(s). Bronnert, Masarie, Naeymi-Rad, Rose,
and Aldin (2012) described the value of an interface
terminology for clinician workflow:

Clinicians interact with interface
terminology when documenting
diagnoses and procedures in the patient’s
electronic record. The physician performs
searches using the search functionality in
designated locations in the EHR, which
returns terms to the provider to select the
appropriate problem or procedure. The
physician [nurse] selects the appropriate
term to capture the clinical intent. The
term(s) populate predetermined fields in

the electronic record. The selected term
contains mappings to one or more
industry standard terminologies, such as
ICD or SNOMED CT. The “behind-the-
scenes” mappings allow the physician to
focus on patient care while at the same
time capturing the necessary
administrative and reference codes.
(para. 17)

The National Library of Medicine has been designated
as the central coordinating body for clinical
terminologies by the USDHHS. (See Box 14-3 for a list
and description of administrative and reference
terminologies used in an EHR.) Recall the ongoing
work of nursing groups looking to standardize nursing
terminologies to capture and codify the work of nursing.
(See Chapter 6 for a list of approved nursing
terminologies.) In 2015, the American Nurses
Association reaffirmed its support for the use of
standardized terminologies:

The purpose of this position statement is
to reaffirm the American Nurses
Association’s (ANA) support for the use
of recognized terminologies supporting
nursing practice as valuable
representations of nursing practice and to
promote the integration of those

terminologies into information technology
solutions. Standardized terminologies
have become a significant vehicle for
facilitating interoperability between
different concepts, nomenclatures, and
information systems. (para. 1)

BOX 14-3 STANDARD EHR

ADMINISTRATIVE AND REFERENCE

TERMINOLOGIES

Administrative (Billing) Terminologies

* ICD-10 (International Classification of
Diseases, Version 10): Medical diagnosis
code set

* CPT (Current Procedural Terminology):
Used to code procedures for billing

CLINICAL TERMINOLOGIES
SNOMED CT (Systematized Nomenclature
of Medicine—Clinical Terms):
Comprehensive clinical terminology
(mapping to this terminology is ongoing,
including nursing-orders mapping)
LOINC (Logical Observation Identifier
Names and Codes): Universal codes for
laboratory and clinical observations

RxNorm: Terminology system for drug
names, providing links to drug vocabularies
and interaction software
Unified Medical Language System (UMLS)
and the Metathesaurus: Support terminology
integration efforts and online searches (not a
terminology system)

See the U.S. National Library of Medicine
website for more comprehensive information:
www.nlm.nih.gov/hit_interoperability.html

Because no single model of standardized terminology
for health care or nursing can represent all of the
contributions to the health of a patient, work is ongoing
to map terminologies to one another. For example,
Kim, Hardiker, and Coenen (2014) studied the degree
of similarity between the International Classification for
Nursing Practice (ICNP) and the Systematized
Nomenclature of Medicine–Clinical Terms (SNOMED–
CT); while they identified some areas of overlap, they
cautioned that there is still more work to be done to
truly represent nursing concepts in the EHR. Adams et
al. (2016) issued a call to action to Chief Nursing
Officers (CNOs): “CNOs must begin partnering with
and influencing EHR developers and vendors to ensure
the EHRs implemented in their organizations capture
nursing content using a standardized taxonomy that is
evidence based and mapped to SNOMED-CT and

LOINC” (p. 127). Ongoing efforts to map nursing
problem lists to SNOMED-CT are evident in the work of
Matney and colleagues (2011) and on the National
Library of Medicine website
(www.nlm.nih.gov/hit_interoperability.html). It is
probably safe to say that the number of different types
of EHRs and the variability of EHRs are likely to
contract and converge as the demand for robust
systems supporting interoperability expands. Nurse
informatics specialists and CNOs participating in the
selection and implementation of EHRs must ask a
critical question: To what extent are nursing care
contributions visible, retrievable, and accurately
represented in this EHR?

Ownership of Electronic Health
Records
The implementation of an EHR has the potential to
affect every member of a healthcare organization. The
process of becoming a successful owner of an EHR
has multiple steps and requires integrating the EHR
into the organization’s day-to-day operations and long-
term vision, as well as into the clinician’s day-to-day
practice. All members of the healthcare organization—
from the executive level to the clinician at the point of
care—must feel a sense of ownership to make the
implementation successful for themselves, their
colleagues, and their patients. Successful ownership of

an EHR may be defined in part by the level of clinician
adoption of the tool, and this section reviews key steps
and strategies for the selection, implementation and
evaluation, and optimization of an EHR in pursuit of
that goal.

Historically, many systems were developed locally by
the information technology department of a healthcare
organization. It was not unusual for software
developers to be employed by the organization to
create needed systems and interfaces between them.
As commercial offerings were introduced and matured,
it became less and less common to see homegrown or
locally developed systems.

As this history suggests, the first step of ownership is
typically a vendor selection process for a commercially
available EHR. During this step, it is important to
survey the organization’s level of interest, identify
possible barriers to participation, document desired
functions of an EHR, and assess the willingness to
fund the implementation (Holbrook, Keshavjee,
Troyan, Pray, & Ford, 2003). Although clinicians, as
the primary end users, should drive the project, the
assessment should also include the needs and
readiness of the executive leadership, information
technology, and project management teams. It is
essential that leadership understands that this type of
project is as much about redesigning clinical work as it
is about technically automating it and that they agree to

assume accountability for its success (Goddard,
2000). In addition, this pre-acquisition phase should
concentrate on understanding the current state of the
health information technology industry to identify
appropriate questions and the next steps in the
selection process (American Organization of Nurse
Executives, 2009). These first steps begin to identify
any organizational risks related to successful
implementation and pave the way for initiating a
change management process to educate the
organization about the future state of delivering health
care with an EHR system.

The second step of the selection process is to select a
system based on the organization’s current and
predicted needs. It is common during this phase to see
a demonstration of several vendors’ EHR products.
Based on the completed needs assessment, the
organization should establish key evaluation criteria to
compare the different vendors and products. These
criteria should include both subjective and objective
items that cover such topics as common clinical
workflows, decision support, reporting, usability,
technical build, and maintenance of the system.
Providing the vendor with these guidelines will ensure
that the process meets the organization’s needs;
however, it is also essential to let the vendor
demonstrate a proposed future state from its own
perspective. This activity is critical to ensuring that the
vendor’s vision and the organization’s vision are well

aligned (Konschak & Shiple, n.d.). It also helps spark
dialogue about the possible future state of clinical work
at the organization and the change required in
obtaining it. Such demonstrations not only enable the
organization to compare and contrast the features and
functions of different systems, but also are a good way
to engage the organization’s members in being a part
of this strategic decision.

Implementation planning should occur concurrently
with the selection process, particularly the assessment
of the scope of the work, initial sequencing of the EHR
components to be implemented, and resources
required. However, this step begins in earnest once a
vendor and a product have been selected. In addition
to further refining the implementation plan, this is the
time to identify key metrics by which to measure the
EHR’s success. An organization may realize numerous
benefits from implementing an EHR. It should choose
metrics that match its overall strategy and goals in the
coming years and may include expected improvements
in financial, quality, and clinical outcomes. Commonly
used metrics focus on reductions in the number of
duplicate laboratory tests through duplicate orders
alerting, reductions in the number of adverse drug
events through the use of bar-code medication
administration, meaningful use objectives and
measures, and the EHR advantages mentioned earlier
in this chapter. To ensure that the desired benefits are
realized, it is important to avoid choosing so many that

they become meaningless or unobtainable, to carefully
and practically define those that are chosen, to
measure before and after the implementation, and to
assign accountability to a member of the organization
to ensure the work is completed.

End-user adoption of the EHR is also essential to
realizing its benefits. Clinicians must be engaged to
use the EHR successfully in their practice and daily
workflows so that data may be captured to drive the
decision support that underlies so many of the
advantages and metrics described. To promote
adoption, a change management plan must be
developed in conjunction with the EHR implementation
plan. The most effective change management plans
offer end users several exposures to the system and
relevant workflows in advance of its use and continue
through the go-live and post-live time periods.
Successful pre-live strategies include end-user
involvement as subject-matter experts to validate the
EHR workflow design and content build, hosting end-
user usability testing sessions, shadowing end users in
their current daily work in parallel with the new system,
and formal training activities. The goal of these pre-live
activities is not only to ensure that the EHR
implementation will meet end user needs, but also to
assess the impact of the new EHR on current workflow
and process. The larger the impact, the more change
management is required above and beyond system
training. For example, simulation laboratory

experiences may be offered to more thoroughly dress
rehearse a significant workflow change, executive
leadership may need to convey their support and
expectations of clinicians about a new way of working,
and generally more anticipatory guidance is required to
communicate to those impacted by the changes.

Training may be delivered in a variety of media. Often
a combination of approaches works best, including
classroom time, electronic learning, independent
exercises, and peer-to-peer, at-the-elbow support.
Training must be workflow based and reflect real
clinical processes. It must also be planned and
budgeted for through the post-live period to ensure that
competency with the system is assessed at the go-live
point and that any necessary retraining or
reinforcements are made in the 30 to 60 days post-live.
This not only promotes reliability and safe use of the
system as it was designed but also can have a positive
impact on end users’ morale: Users will feel that they
are being supported beyond the initial go-live period
and have an opportunity to move from basic skills to
advanced proficiency with the system.

Finally, the implementation plan should account for the
long-term optimization of the EHR. This step is
commonly overlooked and often results in benefits
falling short of expectations because the resources are
not available to realize them permanently. It also often
means the difference between end users of EHRs

merely surviving the change versus becoming savvy
about how to adopt the EHR as another powerful
clinical tool, much as clinicians have embraced such
technologies as the stethoscope (HealthIT.gov, 2012).
Optimization activities of the EHR should be
considered a routine part of the organization’s
operations, should be resourced accordingly, and
should emphasize the continued involvement of
clinician users to identify ways that the EHR can
enable the organization to achieve its overall mission.
Many organizations start an implementation of EHRs
with the goal of transforming their care delivery and
operations. An endeavor that differs from simply
automating a previously manual or fragmented
process, transformation often includes steps to improve
the process so as to realize better patient care
outcomes or added efficiency. Although some
transformation is experienced with the initial use of the
system, most of this work is done postimplementation
and relies on widespread clinician adoption of the EHR.
As such, it makes optimization a critical component to
successful ownership of an EHR.

Flexibility and Expandability
Health care is as unique as the patients themselves. It
is delivered in a variety of settings, for a variety of
reasons, over the course of a patient’s lifetime. In
addition, patients rarely receive all their care from one
healthcare organization; indeed, choice is a

cornerstone of the American healthcare system. An
EHR must be flexible and expandable to meet the
needs of patients and caregivers in all these settings,
despite the challenges.

At a very basic level, there is as yet no EHR system
available that can provide all functions for all
specialties to such a degree that all clinicians would
successfully adopt it. Consider oncology as an
example. Most systems do not yet provide the
advanced ordering features required for the complex
treatment planning undertaken in this field. An
oncologist could use a general system, but he or she
would not find as many benefits without additional
features for chemotherapy ordering, lifetime cumulative
dose tracking, or the ability to adjust a treatment day
schedule and recalculate a schedule for the remaining
days of the plan. Some EHRs do a good job of
supporting the work of nursing staff and physicians, but
are not as supportive of the work of clinicians such as
dieticians, physical and occupational therapists, and
other healthcare personnel. These systems will
continue to evolve and support interprofessional
collaboration as more healthcare professionals are
exposed to the power of these systems to support their
work and become better able to articulate their specific
needs.

Further, most healthcare organizations do not yet have
the capacity to implement and maintain systems in all

care areas. As one physician stated, “Implementing an
EMR is a complex and difficult multidisciplinary effort
that will stretch an organization’s skills and capacity for
change” (Chin, 2004, p. 47).

These two conditions are improving every day at both
vendor and healthcare organizations alike.
Improvements in both areas were recently fueled by
ARRA incentives (see Box 14-4).

BOX 14-4 CLOUDY EHRS

A paradigm shift from healthcare facility–owned,
machine-based computing to offsite, vendor-
owned cloud computing, Web browser–based
log-in accessible data, software, and hardware
could link systems together and reduce costs.
Hospitals with shrinking budgets and extreme IT
needs are exploring the successes in this area
achieved in other industries, such as Amazon’s
S3. As providers strive to implement potent
EHRs, they are looking for cloud-based models
that offer the necessary functionality without
having to assume the burden associated with all
of the hardware, software, application, and
storage issues. However, in the face of the
HITECH Act and its associated penalties, how
can we overcome the challenges to realize the
benefits of this approach? Cloud computing has
both advantages and disadvantages, and while

they explore this new paradigm, healthcare
providers must relinquish control as they
continue to strive to maintain security. The
vendors that are responsible for developing and
maintaining this new environment are also
facing challenges originating from both
legislatures and healthcare providers. As the
vendors and healthcare providers work together
to improve the implementation and adoption of
the cloud-based EHR, the sky is the limit!

ARRA has also set the expectation that despite the
large number of settings in which a patient may receive
care, a minimum set of data from those records must
flow or “interoperate” among each setting and the
unique EHR systems used in those settings. Today,
interoperability exists through what is called a
Continuity of Care Document (CCD). This dataset
includes patient demographics, medication, allergy,
and problem lists, among other things, and the
formatting and exchange of the CCD is required to be
supported by EHR vendors and healthcare
organizations seeking ARRA meaningful use
incentives. The document formatted according to HL7
standards is both machine readable and human
readable.

Despite this positive step forward, financial and patient
privacy hurdles remain to be overcome to achieve an

expansive EHR. Most health care is delivered by small
community practices and hospitals, many of which do
not have the financial or technical resources to
implement robust, interoperable EHRs. USDHHS
recently loosened regulations so that physicians may
now be able to receive healthcare information
technology software, hardware, and implementation
services from hospitals to alleviate the financial burden
placed on individual providers and to foster more
widespread adoption of the EHR.

Finally, patient privacy is a pivotal issue in determining
how far and how easy it will be to share data across
healthcare organizations. In addition to the Health
Insurance Portability and Accountability Act privacy
rules, many states have regulations in place related to
patient confidentiality. An experience of the state of
Minnesota foreshadows what all states may encounter.
In 2007, Governor Tim Pawlenty announced the
creation of the Minnesota Health Information Exchange
(State of Minnesota, Office of the Governor, 2007).
Although the intentions of the exchange were to
promote patient safety and increase healthcare
efficiency across the state, it raised significant
concerns about security and privacy. New questions
arose about the definition of when and how patient
consent is required to exchange data electronically,
and older paper-based processes needed to be
updated to support real-time electronic exchange
(Minnesota Department of Health, 2007). For health

exchanges such as these to reach their full potential,
members of the public must be able to trust that their
privacy will be protected, or else the healthcare
industry risks that patients may not share a full medical
history, or worse yet, may not seek care, effectively
making the exchanges useless.

Accountable Care
Organizations and the EHR
EHRs with data-sharing capabilities are central to the
support of Accountable Care Organizations (ACOs), a
payment incentive program established by the CMS
(2015). As discussed elsewhere, this program of
shared medical and financial responsibility is designed
to provide quality, coordinated care while limiting costs.
Some of the core information technology requirements
for an ACO are EHRs, HIEs, care management
systems, and analytics and reporting systems
(Mastagni, Welter, & Holmes, 2015). A robust EHR
can support many of these functions:

EHR solutions that are interoperable
across organizations can significantly
reduce the cost and complication of IT
infrastructure by creating full EHR
visibility between providers. This shared
visibility reduces or eliminates the need to
participate in HIEs or invest in solutions

to integrate data across different EHR
platforms. Many EHRs also can serve as
a program’s care management system,
eliminating the need for a separate
system to document care management
efforts and help care teams engage with
patients. (Mastagni et al., 2015, para. 5)

See Figure 14-2.

Figure 14-2 How EHRs Support Accountable Care

Data from ECG Consultants. (2015). The use of technology in healthcare

reform: IT considerations for accountable care. Retrieved from

http://www.ecgmc.com/thought-leadership/articles/the-use-of-

technology-in-healthcare-reform-it-considerations-for-accountable-

care

The Future
Despite the challenges, the future of EHRs is an
exciting one for patients and clinicians alike. Benefits
may be realized by implementing stand-alone EHRs as
described here, but the most significant transformation
will come as interoperability is realized between
systems. As the former national information technology
coordinator in the USDHHS David Brailer predicted
about the potential of interoperability:

For the first time, clinicians everywhere
can have a longitudinal medical record
with full information about each patient.
Consumers will have better information
about their health status since personal
health records and similar access
strategies can be feasible in an
interoperable world. Consumers can
move more easily between and among
clinicians without fear of their information
being lost. Payers can benefit from the
economic efficiencies, fewer errors, and

reduced duplication that arises from
interoperability. Healthcare information
exchange and interoperability (HIEI) also
underlies meaningful public health
reporting, bioterrorism surveillance,
qsuality monitoring, and advances in
clinical trials. In short, there is little that
most people want from health care for
which HIEI isn’t a prerequisite. ( Brailer ,
2005, p. W 5-20)

The future also holds tremendous potential for EHR
features and functions that will include not only more
sophisticated decision support and clinical reporting
capacity, but also improved support for all healthcare
professionals, improved biomedical device integration,
ease of use and intuitiveness, and access through
more hardware platforms.

Implementation of robust and interoperable EHRs is
becoming more commonplace. More organizations
adopting EHRs will facilitate broader dissemination of
implementation best practices, with the hope of further
shortening the time required to take advantage of
advanced EHR features.

In the future, we can expect to see more EHRs housed
in the cloud, usable patient portals as we move toward
more patient-centered health care, better mobile

applications for the EHR, the expansion of
telemedicine applications for rural patients and those
with chronic illnesses, and precision medicine
advances supported by data analytics (Reisenwitz,
2016).

Summary
It is an important time for health care and technology.
EHRs have come to the forefront and will remain
central to shaping the future of health care. In an ideal
world, all nurses, from entry-level personnel to
executives, will have a basic competency in nursing
informatics that will enable them to participate fully in
shaping the future use of technology in the practice at
a national level and wherever care is delivered. Such
initiatives as Technology Informatics Guiding Education
Reform (TIGER) and the important nursing terminology
work are imperative for better integration and,
ultimately, more visibility of nursing contributions to
health care.

THOUGHT-PROVOKING QUESTIONS

1. What are the implications for nursing
education as the EHR becomes the
standard for caring for patients?

2. What are the ethical considerations
related to interoperability and a shared
EHR?

3. You are asked about a diagnosis with
which you are unfamiliar. Where would
you start looking for information? How
would you determine the validity of the
information?

4. Think about the documentation and
knowledge management functions of your
specialty. If you had the opportunity to
create a wish list, what would you include
in an EHR to support your work?

References
Adams, J., Ponte, P. & Somerville, J.

(2016). Assuring the capture of
standardized nursing data: a call to
action for chief nursing officers.
International Journal of Nursing
Knowledge, 27(3), 127–128.
doi:10.1111/2047-3095.12136.

American Nurses Association (ANA).
(2015). Inclusion of recognized
terminologies within ehrs and other
health information technology
solutions. Retrieved from
http://www.nursingworld.org/MainMenuCategories/Policy-
Advocacy/Positions-and-

Resolutions/ANAPositionStatements/Position-
Statements-
Alphabetically/Inclusion-of-
Recognized-Terminologies-within-
EHRs.html

American Organization of Nurse
Executives. (2009). AONE guiding
principles for defining the role of the
nurse executive in technology
acquisition and implementation.
Washington, DC: Author. Retrieved
from
http://www.aone.org/resources/technology-
acquisition-implementation.pdf

Bayliss, E. A., Ellis, J. L., Shoup, J. A.,
Chan, Z., McQuillan, D. B., & Steiner,
J. F. (2015). Effect of continuity of care
on hospital utilization for seniors with
multiple medical conditions in an
integrated health care system. Annals
of Family Medicine, 13(2), 123–129.
doi:10.1370/afm.1739

Brailer, D. J. (2005, January).
Interoperability: The key to the future

healthcare system. Health Affairs—
Web Exclusive, W 5–19–W 5–21.
Retrieved from
http://content.healthaffairs.org/cgi/reprint/hlthaff.w5.19v1

Bronnert, J., Masarie, C., Naeymi-Rad, F.,
Rose, E., & Aldin, G. (2012, July).
Problem-centered care delivery: How
interface terminology makes
standardized health information
possible. Journal of AHIMA, 83(7), 30–
35.

Bush, G. W. (2004). State of the Union
address. Retrieved from
http://content.healthaffairs.org/cgi/reprint/hlthaff.w5.19v1

Centers for Medicare and Medicaid
Services (CMS). (2015). Accountable
care organizations. Retrieved from
https://www.cms.gov/Medicare/Medicare-
Fee-for-Service-
Payment/ACO/index.html

Certification Commission for Healthcare
Information Technology. (2007).
Certification Commission announces

new work group members. Retrieved
from Retrieved from
http://www.healthimaging.com/topics/health-
it/cchit-announces-new-work-group-
members

Charles, D., Gabriel, M., & Searcy, T.
(2015). Adoption of electronic health
record systems among U.S. non-
federal acute care hospitals: 2008–
2014. HealthIT.gov. Retrieved from
http://www.healthit.gov/sites/default/files/data-
brief/2014HospitalAdoptionDataBrief.pdf

Chaudhry, B., Wang, J., Wu, S., Maglione,
M., Mojica, W., Roth, E., . . . Shekelle,
P. (2006).

Systematic review: Impact of health
information technology on quality,
efficiency, and costs of medical care.
Annals of Internal Medicine, 144(10),
E-12–E-22.

Chin, H. L. (2004). The reality of EMR
implementation: Lessons from the
field. Permanente Journal, 8(4), 43–48.

Dorr, D., Bonner, L. M., Cohen, A. N.,
Shoai, R. S., Perrin, R., Chaney, E., &
Young, A. (2007). Informatics systems
to promote improved care for chronic
illness: A literature review. Journal of
the American Medical Informatics
Association, 14(2), 156–163.

Embi, P. J., Jain, A., Clark, J., Bizjack, S.,
Hornung, R., & Harris, C. M. (2005).
Effect of a clinical trial alert system on
physician participation in trial
recruitment. Archives of Internal
Medicine, 165, 2272–2277.

Goddard, B. L. (2000). Termination of a
contract to implement an enterprise
electronic medical record system.
Journal of American Medical
Informatics Association, 7, 564–568.

Halamka, J. D. (2006, May). Health
information technology: Shall we wait
for the evidence? [Letter to the editor].
Annals of Internal Medicine, 144(10),
775–776.

Healthcare Information and Management
Systems Society (HIMSS). (2007).
Electronic health record. Retrieved
from
http://www.himss.org/ASP/topics_ehr.asp

Healthcare Information and Management
Systems Society (HIMSS). (2009).
HIMSS Davies Organizational Award
application: MultiCare. Retrieved from
http://www.himss.org/multicare-
davies-enterpriseorganizational-
award

Healthcare Information and Management
Systems Society (HIMSS). (2010a).
Davies Award. Retrieved from
http://www.himss.org/davies

Healthcare Information and Management
Systems Society (HIMSS). (2010b).
Recipient list. Retrieved from
http://www.himss.org/himss-
enterprise-davies-award-recipients

Healthcare Information and Management
Systems Society (HIMSS). (2013).
HIMSS 2013 iHIT Study: Executive
summary. Retrieved from
http://www.himss.org/library/clinical-
informatics/2013-ihitstudy-
executive-summary

Healthcare Information and Management
Systems Society (HIMSS) Analytics.
(2013). Electronic medical record
adoption model (EMRAM). Retrieved
from
http://www.himssanalytics.org/emram/index.aspx

Healthcare Information and Management
Systems Society (HIMSS) Analytics.
(2014). EMRAM stage criteria.
Retrieved from
http://www.himssanalytics.org/research/emram-
stage-criteria

Healthcare Information and Management
Systems Society (HIMSS) Analytics.
(2015). Validated Stage 6 & 7
Providers List. Retrieved from
http://www.himssanalytics.org/case-

study/validated-stage-6-7-providers-
list

Healthcare IT News. (2015). 7 tips for
EMR success from Stage 7 hospitals.
Retrieved from
http://www.healthcareitnews.com/news/7-
tips-emr-success-stage-7-hospitals

HealthIT.gov. (2012). Benefits of EHRs:
Why adopt EHRs? Retrieved from
http://www.healthit.gov/providers-
professionals/why-adopt-ehrs

HealthIT.gov. (2013). How to attain
meaningful use. Retrieved from
http://www.healthit.gov/providers-
professionals/how-attain-
meaningful-use

HealthIT.gov. (2014). What are the
advantages of electronic health
records? Retrieved from
http://www.healthit.gov/providers-
professionals/faqs/what-are-
advantages-electronic-health-
records

HealthIT.gov. (2015a). About the ONC
Health IT certification program.
Retrieved from
http://www.healthit.gov/policy-
researchers-
implementers/certification-bodies-
testing-laboratories

HealthIT.gov. (2015b). 2015 edition test
method. Retrieved from
http://www.healthit.gov/policy-
researchers-implementers/2015-
edition-draft-test-procedures

Health Level Seven International (HL7).
(n.d.) About HL7 International.
Retrieved from http://www.hl7.org

Health Resources and Services
Administration (HRSA). (n.d.) Common
EHR functions. Retrieved from
http://www.hrsa.gov/healthit/toolbox/healthitimplementation/implementationtopics/selectcertifiedehr/selectacertifiedehr_5.html

Holbrook, A., Keshavjee, K., Troyan, S.,
Pray, M., & Ford, P. T. (2003). Applying

methodology to electronic medical
record selection. International Journal
of Medical Informatics, 71, 43–50.

Husk, G., & Waxman, D. A. (2004). Using
data from hospital information systems
to improve emergency care. Academic
Emergency Medicine, 11(11), 1237–
1244.

Institute of Medicine (IOM). (2001).
Crossing the quality chasm: A new
health system for the 21st century.
Washington, DC: National Academies
Press.

Institute of Medicine (IOM). (2003). Key
capabilities of an electronic health
record system: Letter report.
Washington, DC: National Academies
Press.

Jain, A., Atreja, A., Harris, C. M.,
Lehmann, M., Burns, J., & Young, J.
(2005). Responding to the rofecoxib
withdrawal crisis: A new model for
notifying patients at risk and their

healthcare providers. Annals of
Internal Medicine, 142(3), 182–186.

Jansen, W., & Grance, T. (2011). National
Institute of Standards and Technology
(NIST): Guidelines on security and
privacy in public cloud computing.
Retrieved from
https://cloudsecurityalliance.org/wp-
content/uploads/2011/07/NIST-Draft-
SP-800-144_cloud-computing.pdf

Kelly, T. (2016). Electronic health records
for quality nursing & health care.
Lancaster, PA: DEStech Publications,
Inc.

Kim, T. Y., Hardiker, N., & Coenen, A.
(2014). Inter-terminology mapping of
nursing problems. Journal of
Biomedical Informatics, 49, 213–220.
doi:10.1016/j.jbi.2014.03.001

Konschak, C., & Shiple, D. (n.d.). System
selection: Aligning vision and
technology. Retrieved from
http://divurgent.com/wp-

content/uploads/2013/12/White-
Paper.Vendor-Selection.vfinal.pdf

Kutney-Lee, A., & Kelly, D. (2011). The
effect of hospital electronic health
record adoption on nurse-assessed
quality of care and patient safety.
Journal of Nursing Administration,
41(11), 466–472.
doi:10.1097/NNA.0b013e3182346e4b

Mastagni, E., Welter, T., & Holmes, M.
(2015). The use of technology in
healthcare reform: IT considerations
for accountable care. ECG
Management Consultants. Retrieved
from
http://www.ecgmc.com/thought-
leadership/articles/the-use-of-
technology-in-healthcare-reform-it-
considerations-for-accountable-care

Matney, S. A., Warren, J. J., Evans, J. L.,
Kim, T. Y., Coenen, A., & Auld, V. A.
(2012). Development of the nursing
problem list subset of SNOMED CT.
Journal of Biomedical Informatics,

45(4), 683–688.
doi:10.1016/j.jbi.2011.12.003

Minnesota Department of Health. (2007,
June). Minnesota Health Records Act
—HF 1078 fact sheet. Minneapolis,
MN: Author. Retrieved from
http://www.health.state.mn.us/e-
health/summit/summit2007/beyerkropuenske07.pdf

National Institute of Standards and
Technology (NIST). (2010). Meaningful
use test measures: Approved test
procedures. Retrieved from
http://healthcare.nist.gov/use_testing/finalized_requirements.html

National Institutes of Health. (2006, April).
Electronic health records overview.
McLean, VA: Mitre Corporation.

Poprock, B. (2005, September). Using
Epic’s alternative medications
reminder to reduce prescription costs
and encourage assistance programs
for indigent patients. Presented at the
Epic Systems Corporation user group
meeting, Madison, WI.

Reed, H. L., & Bernard, E. (2005).
Reductions in diabetic cardiovascular
risk by community primary care
providers. International Journal of
Circumpolar Health, 64(1), 26–37.

Reisenwitz, C. (2016, January). Top 5
EHR trends for 2016. Capterra Medical
Software Blog. Retrieved from
http://blog.capterra.com/top-5-ehr-
trends-for-2016-2/

Robert Wood Johnson Foundation
(RWJF). (2006). Health information
technology in the United States: The
information base for progress.
Retrieved from
http://www.rwjf.org/programareas/resources/product.jsp?
id=15895&pid=1142&gsa=1

Rosenbloom, S. T., Miller, R. A., Johnson,
K. B., Elkin, P. L., & Brown, S. H.
(2006). Interface terminologies:
Facilitating direct entry of clinical data
into electronic health record systems.
Journal of the American Medical

Informatics Association, 13(3), 277–
288.
http://doi.org/10.1197/jamia.M1957

Shekelle, P. G., Morton, S. C., & Keeler, E.
B. (2006). Costs and benefits of health
information technology. Evidence
report/technology assessment, No.
132 [Prepared by the Southern
California Evidence-based Practice
Center under Contract No. 290-02-
0003]. Agency for Healthcare
Research and Quality Publication No.
06-E006. Rockville, MD: Agency for
Healthcare Research and Quality.

Smith, T., Semerdjian, N., King, P.,
DeMartin, B., Levi, S., Reynolds, K.,…
Dowd, J. (2004). Nicholas E. Davies
Award of Excellence: Transforming
healthcare with a patient-centric
electronic health record system.
Evanston, IL: Evanston Northwestern
Healthcare. Retrieved from
http://www.himss.org/content/files/davies2004_evanston.pdf

Spooner, S. A., & Council on Clinical
Information Technology. (2007).
Special requirements of electronic
health record systems in pediatrics.
Pediatrics, 119, 631–637.

State of Minnesota, Office of the
Governor. (2007). New public–private
partnership to improve patient care,
safety and efficiency. Retrieved from
http://www.governor.state.mn.us/mediacenter/pressreleases/2007/PROD008303.html

Technology Informatics Guiding Education
Reform (TIGER). (2006). Evidence and
informatics transforming nursing.
Retrieved from
http://www.amia.org/sites/amia.org/files/Malin-
AMIA-Tiger-Team-Testimony.pdf

Thompson, D. I., Osheroff, J., Classen, D.,
& Sittig, D. F. (2007). A review of
methods to estimate the benefits of
electronic medical records in hospitals
and the need for a national database.
Journal of Healthcare Information
Management, 21(1), 62–68.

Turk, M. (2015). Electronic health records.
Brooklyn Law Review, 80(2), 565–597.

U.S. Department of Health and Human
Services (USDHHS). (2010). Medicare
and Medicaid programs: Electronic
health record incentive program.
Retrieved from
http://www.ofr.gov/OFRUpload/OFRData/2010-
17202_PI.pdf

U.S. National Library of Medicine. (2016).
Supporting Interoperability –
Terminology, subsets and other
resources from NLM. Retrieved from
https://www.nlm.nih.gov/hit_interoperability.html

CHAPTER 15: Informatics
Tools to Promote Patient
Safety and Quality
Outcomes

Dee McGonigle and Kathleen Mastrian

Objectives
1. Explore the characteristics of a safety

culture.
2. Examine strategies for developing a

safety culture.
3. Recognize how human factors contribute

to errors.
4. Appreciate the impact of informatics

technology on patient safety.

Key Terms

» Adverse events

» Agency for Healthcare Research and
Quality (AHRQ)

» Alarm fatigue

» Applications (apps)

» Bar-code medication administration
(BCMA)

» Clinical decision support (CDS)

» Computerized physician order entry
(CPOE)

» Electronic medication administration
system (eMAR)

» Failure modes and effects analysis
(FMEA)

» Government Accountability Office
(GAO)

» High-hazard drugs

» Human factors engineering

» Just culture

» Never events

» Radio frequency identifier (RFID)

» Root-cause analysis

» Safety culture

» Smart pump

» Smart rooms

» Systems engineering

» Wearable technology

» Workarounds

Introduction
Nursing professionals have an ethical duty to ensure
patient safety. According to Lavin et al. (2015), “Direct
care nurses, at their core, are risk managers. They
attach meaning to what is and anticipate ‘what might
be’” (para. 8). As the media and patients circulate
stories about the lack of safety in healthcare
institutions, it is no wonder that healthcare consumers
are skeptical and providers are wary. A study out of
Johns Hopkins University (Johns Hopkins Medicine,
2016) suggested that medical errors are the third-
leading cause of death in the United States. Versel
(2016) reminded us, however, that “it’s not the first time
someone has called medical error the No. 3 cause of
death in the U.S. John T. James, founder of a group
called Patient Safety America, did that in a 2013 report
in the Journal of Patient Safety.” (para. 2). Increasing
demands on professionals in complex and fast-paced

healthcare environments may lead them to cut corners
or develop workarounds that deviate from accepted
and expected practice protocols. These deviations are
not carried out deliberately to put patients at risk, but
rather are often practiced in the interest of saving time
or because the organizational culture is such that risky
behaviors are commonplace. Occasionally, these
inappropriate actions or omissions of appropriate
actions result in harm or significant risk of harm to
patients. Consider the following case scenario:

A 19-year-old obese woman who had
recently undergone C-section delivery of
a baby presented in the emergency
department (ED) with dyspnea. Believing
the patient had developed a pulmonary
embolism, the physician prescribed an IV
heparin bolus dose of 5,000 units
followed by a heparin infusion at 1,000
units/hour. After administering the bolus
dose, a nurse started the heparin infusion
but misprogrammed the pump to run at
1,000 mL/hour, not 1,000 units/hour (20
mL/hour). By the time the error was
discovered, the patient had received
more than 17,000 units (5,000 unit
loading dose and about 12,000 units from
the infusion) in less than an hour since
arrival in the ED. A smart pump with
dosing limits for heparin had been used.

Thus, the programming error should have
been recognized before the infusion was
started. However, the nurse had elected
to bypass the dose-checking technology
and had used the pump in its standard
mode. It was quite fortunate that the
patient did not experience adverse
bleeding as her aPTT values were as
prolonged as 240 seconds when initially
measured and 148 seconds two hours
later. (Institute for Safe Medication
Practices, 2007, para. 2)

The smart pump used in this scenario was equipped
with dose calculation software that compares the
programmed infusion rate to a drug database to check
for dosing within safe limits. This technology is
particularly important when high-alert or high-hazard
drugs are being administered. In this case, however,
the available dose-checking technology had been
turned off and the pump was operated in standard
mode. A subsequent analysis of the error event
revealed that many nurses in the institution were
bypassing the safety technology afforded by the smart
pump to save time. Even though it has been more than
a decade since this error occurred, we continue to see
alerts and safety checks being worked around, ignored,
or turned off. This chapter focuses on some of the
recommended organizational strategies used to

promote a culture of safety and some of the specific
informatics technologies designed to reduce errors and
promote patient safety.

What Is a Culture of Safety?
The 2000 Institute of Medicine report To Err Is Human
is widely credited for launching the current focus on
patient safety in health care. This report was followed
in 2001 by the Institute of Medicine’s Crossing the
Quality Chasm report, which brought to national
attention healthcare quality and safety. This national
attention resulted in a $50 million grant by Congress to
the Agency for Healthcare Research and Quality
(AHRQ) to launch initiatives focused on safety
research for patients. Other initiatives prompted by
these seminal reports were the Joint Commission’s
National Patient Safety Goals (2002); the National
Quality Forum’s adverse events and “never events”
list (2002); the creation of the Office of National
Coordinator for Health Information Technology (HIT) to
computerize health care (2004); the formation of the
World Health Organization’s Alliance for Patient Safety
(2004); the Institute for Healthcare Improvement’s (IHI)
100,000 Lives campaign (2005) and 5 Million Lives
campaign (2008); Congressional authorization of
patient safety organizations created by the Patient
Safety and Quality Improvement Act to promote
blameless error reporting and shared learning (2005);
the “no pay for errors” initiative launched by Medicare

(2008); and the $19 billion Congressional appropriation
to support electronic health records (EHRs) and patient
safety (Wachter, 2010). In 2013, the Patient Safety
Movement Foundation launched the Open Data
Pledge, and later announced three new patient safety
challenges in 2016 (Patient Safety Movement, 2016).
The most pressing challenges they identified—venous
thromboembolism, mental health, and pediatric
adverse drug events—reflect those where patient
death could be prevented with the proper protocols in
place during the provision of patient care (Patient
Safety Movement).

The AHRQ (2012) safety culture primer laid the
foundation for and suggested that organizations should
strive to achieve high reliability by being committed to
improving healthcare quality and preventing medical
errors and to demonstrate an overall commitment to
patient safety. That is, everyone and every level in an
organization must embrace the safety culture. Key
features of a safety culture identified by the AHRQ are
as follows:

Acknowledgment of the high-risk nature of an
organization’s activities and the determination to
achieve consistently safe operations
A blame-free environment where individuals are
able to report errors or near misses without fear of
reprimand or punishment
Encouragement of collaboration across ranks and

disciplines to seek solutions to patient safety
problems
Organizational commitment of resources to address
safety concerns (AHRQ, 2012, para. 1)

An important part of the safety culture is cultivating a
blame-free environment. Errors and near misses must
always be reported so that they can be thoroughly
analyzed. All organizations can learn from mistakes
and change their organizational processes or culture to
ensure patient safety. The Patient Safety and Quality
Improvement Act of 2005 mandated the creation of a
national database of medical errors and funded several
organizations to analyze these data with the goal of
developing shared learning to prevent medical errors.
Organizations themselves can engage in root-cause
analysis or failure modes and effects analysis
(FMEA) to examine medical errors closely and to
determine the system processes that need to be
changed to prevent similar future errors (Harrison &
Daly, 2009). A tool for implementing root-cause
analysis developed by the U.S. Department of
Veteran’s Affairs National Center for Patient Safety
(2015) had three goals: to determine “what happened,
why did it happen and how to prevent it from
happening again” (para. 4). Everyone is encouraged to
submit actual medical errors and/or patient safety
issues to the Patient Safety Network (PSNet, 2016a).
Similarly, the IHI has a website dedicated to FMEA.
“Failure Modes and Effects Analysis (FMEA) is a

systematic, proactive method for evaluating a process
to identify where and how it might fail, and to assess
the relative impact of different failures in order to
identify the parts of the process that are most in need
of change” (IHI, 2016b, para. 1). If one embraces a
blame-free environment to encourage error reporting,
then where does individual accountability fit in?
According to the AHRQ, one way to balance these
competing cultural values (blameless versus
accountability) is to establish a “just culture” where
system or process issues that lead to unsafe behaviors
and errors are addressed by changing practices or
workflow processes, and a clear message is
communicated that reckless behaviors are not
tolerated. The “just culture” approach accounts for
three types of behaviors leading to patient safety
compromises: (1) human error (unintentional
mistakes); (2) risky behaviors (workarounds); and (3)
reckless behavior (total disregard for established
policies and procedures).

Strategies for Developing a
Safety Culture
Strategies for achieving a safety culture have been
addressed frequently in the literature. The focus here is
limited to those strategies described by two key
organizations, the AHRQ and the IHI. The AHRQ
(2016), based on data from the Hospital Survey on

Patient Safety Culture, suggested that teamwork
training, executive walk-arounds, and unit-based safety
teams have improved safety culture perceptions but
have not led to a significant reduction in error rates.
The AHRQ recommended seven steps of action
planning: “1. Understand your survey results. 2.
Communicate and discuss survey results. 3. Develop
focused action plans. 4. Communicate action plans and
deliverables. 5. Implement action plans. 6. Track
progress and evaluate impact. 7. Share what works” (p.
61). Informatics can assist with the analysis, trending,
synthesis, and dissemination of the action plan results.

The IHI (2016a) stressed that organizational leaders
must drive the culture change by making a visible
commitment to safety and by enabling staff to share
safety information openly. Some of the strategies
suggested by the IHI include appointing a safety
champion for every unit, creating an adverse event
response team, and reenacting or simulating adverse
events to better understand the organizational or
procedural processes that failed. Barnet (2016)
reported that 49 companies had signed the open data
pledge with Patient Safety Movement. Radick (2016)
believed that senior leaders must be involved in order
to sustain patient safety improvements. Leadership
oversight and support is critical to ongoing sharing and,
most importantly, collaborative solution development to
provide safe care and achieve quality outcomes for all
patients.

A systems engineering approach to patient safety, in
which technology manufacturers partner with
organizations to identify risks to patient safety and
promote safe technology integration, has been
advocated by Ebben, Gieras, and Gosbee (2008).
They noted that human factors engineering is “[t]he
discipline of applying what is known about human
capabilities and limitations to the design of products,
processes, systems, and work environments,” and its
application to system design improves “ease of use,
system performance and reliability, and user
satisfaction, while reducing operational errors, operator
stress, training requirements, user fatigue, and product
liability” (p. 327). For example, Ebben et al. described
the feel of an oxygen control knob that rotated
smoothly between settings, suggesting to the user that
oxygen flows at all points on the knob, when in fact
oxygen flowed only at specifically designated liter flow
settings. Human factors engineering testing would
most likely reveal this design flaw, and the setting knob
could be improved to include discrete audio or tactile
feedback (click into place) to the user to indicate a
point on the dial where oxygen flows. Ebben et al. also
emphasized that testing human use factors provides
more objective safety data than the subjective
responses gained from user preference testing.
“Understanding how the equipment shapes human
performance is as important as evaluating reliability or
other technical criteria” (p. 329). Organizations that are

purchasing medical technology devices should avail
themselves of shared safety data on equipment
maintained by several key organizations, including the
Joint Commission, the Food and Drug Administration,
and the Medical Product Safety Network. Many
healthcare practitioners feel that we have not made
great strides in either sharing our data or accessing the
available data to enhance patient safety interests.
According to WISH Patient Safety Forum (2015), the
patient safety premises that harms are inevitable, data
silos are natural, and heroism is the norm “have
inadvertently provided excuses for not addressing
patient safety comprehensively” (p. 9). This forum also
stated that

[t]he belief that data silos are acceptable
in healthcare settings is an irresponsible
view regarding the role of data; it lacks an
understanding of the current operational
setting. Healthcare is a complex,
multidisciplinary environment that
requires collaboration and sharing of data
across an integrated stakeholder
community. (WISH Patient Safety Forum,
p. 9)

As HIT evolves, refinements in HIT continue to improve
patient safety. Banger and Graber (2015) stated that
the

ONC is involved in a number of initiatives
in support of this goal, including plans for
a new national Health IT Safety Center to
coordinate these efforts. Combined with
the active engagement from the private
sector, there is every reason to be
optimistic that health IT will continue to
improve the quality and safety of health
care beyond the accomplishments
realized to date. (p. 10)

According to the PSNet (2015), “busy health care
workers rely on equipment to carry out life-saving
interventions, with the underlying assumption that
technology will improve outcomes” (para. 2). PSNet
provided the following descriptions of equipment
issues:

An obstetric nurse connects a bag of pain
medication intended for an epidural
catheter to the mother’s intravenous (IV)
line, resulting in a fatal cardiac arrest.
Newborns in a neonatal intensive care
unit are given full-dose heparin instead of
low-dose flushes, leading to three deaths
from intracranial bleeding. An elderly man
experiences cardiac arrest while
hospitalized, but when the code blue
team arrives, they are unable to

administer a potentially life-saving shock
because the defibrillator pads and the
defibrillator itself cannot be physically
connected. (para. 1)

See also Figure 15-1.

Figure 15-1 User–Technology–Patient Safety Scheme

Once the technology is integrated into the organization,
biomedical engineers can become valuable partners in
promoting patient safety through appropriate use of
these technologies. For example, in one organization,
the biomedical engineers helped to revamp processes
associated with the new technology alarm systems
after they discovered several key issues: slow

response times to legitimate alarms and multiple false
alarms (promoting alarm fatigue) created by alarm
parameters that were too sensitive. Strategies for
addressing these issues included improving the nurse
call system by adding Voice over Internet Protocol
telephones that wirelessly receive alarms directly from
technology equipment carried by all nurses, thus
reducing response times to alarms; feeding alarm data
into a reporting database for further analysis; and
encouraging nurses to round with physicians to provide
input into alarm parameters that were too sensitive and
were generating multiple false alarms (Joint
Commission, 2013; Williams, 2009). Research Brief 1
describes three investigations spanning from 2009 to
2016: a study of intelligent agent (IA) technology to
improve the specificity of physiologic alarms, an
integrative review of alarms, and default alarm setting
changes coupled with in-service education. The Case
Scenario, Well-Intentioned Providers, demonstrates
how well-intentioned healthcare providers can cause
harm. An audit conducted at one of their customer sites
by Philips Healthcare (2013) revealed that a

Telemetry Charge Nurse was found to be
receiving and responding to an average
of 3.7 alarms per minute over the
duration of the audit. Even allowing for
minimal time to respond to each alarm, it
is clear that this situation was
problematic. A majority of that nurse’s

time was spent responding to alarms, and
inevitably some were missed. (para. 1)

The Joint Commission (2016) released the 2016
Hospital National Patient Safety Goals, and one
category, Use Alarms Safely, stated that hospitals must
“make improvements to ensure that alarms on medical
equipment are heard and responded to on time” (para.
4).

RESEARCH BRIEF 1

The investigators in one study used simple
reactive IA technology to develop and test
decision algorithms for improving the sensitivity
and specificity of physiologic alarms. The IA
technology was tested in a 14-bed
cardiothoracic unit over 28 days and was
implemented in parallel to the usual physiologic
patient monitor that provided measures such as
systolic blood pressure, mean arterial pressure,
central venous pressure, and cardiac index.
Alarm data generated by both systems were
compared and classified as to whether the alarm
represented a true medical event requiring
clinician intervention or a false-positive alarm. A
total of 293,049 alarms were generated by the
usual physiologic monitoring system, and 1,012
alarms were generated by the IA system after
raw physiologic data were filtered using rule-

based IA technology. The IA filtering system
shows promise for improving the specificity of
physiologic alarms and decreasing the number
of false-positive alarms generated by artifacts,
thus reducing the incidence of alert fatigue in
clinicians.

The full article appears in Blum, J., Kruger, G.,
Sanders, K., Gutierrez, J., & Rosenberg, A.
(2009). Specificity improvement for network
distributed physiologic alarms based on a simple
deterministic reactive intelligent agent in the
critical care environment. Journal of Clinical
Monitoring and Computing, 23(1), 21–30.

Another study conducted an integrative review
of monitor alarm fatigue. The study’s evidence-
based practice recommendations for technology
included incorporating short delays to increase
response rates, creating a set of standardized
alarms to enhance the staff’s ability to quickly
determine what the alarm is for, and animated
troubleshooting on monitoring equipment. The
author concluded that lack of response to
alarms has caused harm and death and stated
that, because a focus on patient outcomes is
needed, outcomes research must be performed.

The full article appears in Cvach, M. (2012).
Monitor alarm fatigue: An integrative review.

Biomedical Instrumentation & Technology, 46(4),
268–277. doi.org/10.2345/0899-8205-46.4.268

A pilot project was conducted to investigate if
“(1) a change in default alarm settings of the
cardiac monitors and (2) in-service nursing
education on cardiac monitor use in an ICU”
would decrease alarm rates and improve the
attitudes and practices of nurses in relation to
clinical alarms (para. 2). This quality
improvement project examined 39 nurses in a
20-bed transplant/cardiac ICU. Nurses received
an in-service on monitor use, an audit log of
alarms was collected, and the nurses’ attitudes
and clinical practices were assessed using a
pre- and postintervention survey. The authors
concluded that “changing default alarm settings
and standard in-service education on cardiac
monitor use are insufficient to improve alarm
systems safety” (para. 5).

The full article appears in Sowan, A. K., Gomez, T. M, Tarriela,

A. F., Reed, C. C., & Paper, B. M. (2016). Changes in default

alarm settings and standard in-service are insufficient to improve

alarm fatigue in an intensive care unit: A pilot project. JMIR

Human Factors, 3(1), e1.

CASE SCENARIO: WELL-INTENTIONED

PROVIDERS

Even well-intentioned healthcare providers can
cause harm. Consider what should have been
done differently in the case example below.

Laura, a 25-year-old woman,
arrived at the ER complaining of
chest pain. She has two young
children at home: a 6-year-old boy
and a 4-year-old girl. She stated
that she has been experiencing
severe fatigue and fluttering in her
chest for weeks but felt that she
needed rest and it was probably
nothing. Today, she had the
fluttering with chest pain, and even
her teeth and jaw hurt. This scared
her, so she decided to go to the
hospital. However, she had to wait
2 hours for her mother to arrive to
watch the children. Her husband is
on a business trip and will not be
returning for 4 days. The initial
ECG revealed normal sinus
rhythm and all lab values were
normal. The ER physician decided
to keep her for observation and
sent her to the telemetry unit.

Laura was moved to telemetry
and, as she stated, “wired for
sound.” The nurse described the

equipment and told her that in
addition to all of the monitoring
equipment, they would check her
vital signs every hour as well. The
nurse no sooner returned to the
nurse’s station when Laura’s
cardiac monitor alerted her that
Laura was experiencing severe
bradycardia (heart rate of less than
40 beats per minute). When the
nurse arrived at Laura’s bedside,
she found Laura sound asleep.
She woke her gently and told her
that her monitor was alarming and
that she was going to check her.
Laura stated that she felt tired and
was enjoying the peaceful sleep.
Laura’s vital signs were fine and
her heart rate was 72 beats per
minute. The nurse reset the
monitor, by which point Laura had
already fallen back to sleep. The
monitor alarmed the same way
three more times within the next
hour. Each time the nurse woke
Laura and everything was fine.
The nurse decided to contact the
resident. While she was waiting for
the resident, it alarmed twice
again, but she just reset it and let

Laura sleep. The resident came
and examined Laura. The resident
felt everything was OK and that
this young mother needed her rest.
The resident suggested that the
nurse stop the hourly vitals, call
and have the equipment examined
by the biomedical department, and
in the meantime to turn the alarm
off. The nurse agreed, turned off
the alarm, placed a call to the
biomedical technician on duty, and
left a message.

The nurse had another patient who
also had frequent alarms, but his
corresponded to actual medical
events. As a result, the nurse was
spending a great deal of time with
this elderly gentleman and his
wife. Each time she walked by
Laura’s bed, the nurse noted that
Laura was sleeping. She realized
that it had been 2 hours since she
turned off the alarm and called the
biomedical technician, so she
decided to check on Laura;
however, her other patient’s alarm
went off and, since Laura was
sleeping, the nurse went to the

other pateint’s bedside. At 4 hours
after the alarm had been turned
off, the biomedical technician
arrived and apologized because
there was a call-off in their
department and they were running
shorthanded. The nurse explained
what had happened and the
biomedical technician went to
check Laura’s monitoring
equipment. The biomedical
technician called for the nurse as
the patient was unresponsive. The
nurse could not wake Laura, and
the monitor was showing asystole.
A code was initiated and Laura
was pronounced dead 5 hours
after she arrived on the telemetry
unit.

This situation was assessed by the
patient safety officer and the
patient safety committee.

Because the monitor was
integrated and all functions ran
through the same controller, the
nurse did not realize she was
turning off all of the monitors
(pulse oximetry, blood pressure,
etc.). This was found to be an

issue with the equipment itself
because the alarm settings are too
close together and not clearly
labeled; however, the nurse should
never have turned the alarms off.
With the hourly checks cancelled
and all of the monitoring
equipment silenced, Laura was not
being monitored at all. Well-
intentioned providers were
allowing this young mother to
sleep, but with fatal
consequences.

It is evident from Research Brief 1 and the Case
Scenario that we have yet to find a solution to the
problem of alarm fatigue and related issues that
negatively impact patient safety.

Clearly, there is more work to be done to create safety
cultures in complex healthcare organizations and to
reduce the incidence of errors. Many organizations are
looking to informatics technology to help manage these
complex safety issues by using smart technologies that
provide knowledge access to users, provide automated
safety checks, and improve communication processes.
Harrison (2016) stated that “as nurse leaders in a
clinical setting where smart tools are leveraged to

increase the quality and safety of patient care, we have
certain responsibilities to ensure safe implementation,
training, and monitoring” (p. 21). To best utilize the
available technology, nurse leaders and administrators
must be able to use data. More and more graduate
programs for nursing administrators are realizing the
need for these emerging nursing leaders to be skilled
in nursing informatics. These leaders must be able to
use data, information, and knowledge efficiently and
effectively to assess and manage their clinical settings
and ultimately apply these informatics skills to improve
patient outcomes and the quality of patient care
(Figure 15-2).

We need to know how to access data and information.

Next, we judiciously select and retrieve the data and information

necessary to provide safe, high quality nursing care.

We must be able to search through the available data and information.

Figure 15-2 Data and Quality Connection: There are
many ways to obtain data and information.

On a much higher level, the Government
Accountability Office (GAO) selected and assessed
six hospitals, from which it identified three challenges
in implementing patient safety practices. The number
one challenge was “obtaining data to identify adverse
reactions in their own hospitals” (GAO, 2016, para. 2).
Nursing informatics skills and knowledge can address
this challenge.

The GAO interviewed patient safety experts and the
related literature to identify three key gaps where better
information could help guide hospital officials in their
continued efforts to implement patient safety practices.
These gaps involve a lack of “(1) information about the
effect of contextual factors on implementation of patient
safety practices, (2) sufficiently detailed information on
the experience of hospitals that have previously used
specific patient safety implementation strategies, and
(3) valid and accurate measurement of how frequently
certain adverse events occur” (p. 22). Once again,
implementing solid nursing informatics practices, skills,
and knowledge can close these gaps.

Informatics Technologies for
Patient Safety
Healthcare technologies are frequently designed to
improve patient safety, streamline work processes, and

improve the quality and outcomes of healthcare
delivery. However, technology is not always the answer
to patient safety; as the Joint Commission (2008)
cautioned, “the overall safety and effectiveness of
technology in health care ultimately depends on its
human users, and . . . any form of technology can have
a negative impact on the quality and safety of care if it
is designed or implemented improperly or is<