The Science of Implementing Enterprise Software

The Challenges of Healthcare Enterprise Software

Amidst an abundance of hospital, health system, and large private practice software options, information technology (IT) professionals must grapple with and evaluate the most appropriate clinical tools for their enterprise. Software has had a significant impact on health systems and the overall delivery of care. It touches a multitude of enterprise variables, such as workflow, quality/compliance, clinical decision-making, security, patient privacy, and costs.1

“You have to understand what the software is trying to accomplish," says Rob Eisemon, Director of Imaging Informatics at Loyola University Medical Center. Eisemon explains that implementing clinical software can potentially add more expense due to higher complexity in overall system architecture, inefficiencies created by incomplete data elements in upstream or downstream systems, and additional resources needed to get (and keep) multiple systems to integrate tightly enough to meet the unsaid expectations of clinicians.

"It is important to evaluate how the software may affect the electronic medical record (EMR), or even if the EMR can perform all or most of the functions provided by the external software,” says Eisemon.  It’s also critical to check the health system’s existing infrastructure to determine if there isn’t a similar system already in use. Eisemon cautions against clinicians “getting sold” on software that promises a quick and easy solution to a narrowly defined problem.  Those solutions usually need to be implemented in a complicated hospital environment that may have a number of interfaces and users, which can add to potential problems and expenditures. “You can’t just plug in new software and connect it to your EMR," he emphasizes.

Implementation is a Multistep Process

Assemble and Engage a Team

A first and essential step is assembling and engaging a multidisciplinary implementation team that ideally includes IT, C-suite executives, and practicing clinicians to ensure that the software properly supports safe, effective, and efficient clinical processes and works to complement existing workflows.1The team must also recognize that the enterprise implementation is a clinical one, not a technical one, and most of the effort should focus on preparing the clinical culture for a successful implementation.2

Ensure Patient Privacy and Security

Any software system that handles protected health information (PHI) must meet patient protection requirements, including the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH), in order to protect patient privacy.3 However, data security goes well beyond compliance and system interoperability. Meeting HIPPA and HITECH regulations does mean that the EMR data will be defended against data leaks and breaches.3 A strong security system should be in place that includes encryption algorithms and firewalls to safeguard the secure transmission of information over the internet.3

Before going live, any enterprise that allows patients to access their records via a web interface should thoroughly check their network systems and web servers for vulnerabilities. If image exchanges are part of the software system, Digital Imaging and Communications in Medicine (DICOM) standards, or other procedures for medical imaging information, should be part of the workflow and planning process.4 As part of the team approach, the implementation process must also communicate that exchanging information is challenging and everyone must be prepared to make it work.2 

Determine Who Has Access to Data

In order mitigate the chance of a data breech, it’s also critical to determine which members of the hospital workforce will have access to the data, as well as affiliated clinical and payer organizations. Therefore, implementation may also include the development of a process to allow, monitor, and terminate this type of access.5

Check Antivirus Software and Exclusions

Although a lack of validated antivirus protection can lead to system problems, antivirus software installed on enterprise EMR servers may impact server performance, so part of the implementation process should include both checking for validated antivirus protection, as well as configuring the software for exclusions if necessary. 3 

Provide Training

Training is essential to ensure that all users understand how to operate the technology securely and that end users are able to provide input to help drive improvements in systems, processes, and training resources.1

A Multifaceted Process

Implementing the appropriate enterprise software can help manage complex processes and enhance patient safety while supporting clinician and staff satisfaction. To make it all work, however, requires extensive evaluation, planning, and communication beyond one single team or system.1,2



  1. Implementing Health IT,, The Office of the National Coordinator for Health Information Technology, 2019. November 11, 2019.  
  2. Seven Challenges and Seven Solutions for Large-Scale EHR Implementations, NEJM Catalyst, October 2018. November 12, 2019.
  3. Security Techniques for the Electronic Health Records, Journal of Medical Systems, August 2017. November 9, 2019.
  4. Considerations for Exchanging and Sharing Medical Images for Improved Collaboration and Patient Care: HIMSS-SIIM Collaborative White Paper, Journal of Digital Imaging, October 2016. November 12, 2019.
  5. Critical Steps for Managing Third-Party Access to Your EHR, Xtelligent Healthcare Media, July 2017, Accessed November 12, 2019


                           Access related articles, videos, webinars at PRECISELY, by GE Healthcare and Roche.