A patient information system in mental health care is a necessary tool which maintains data of patients who suffer from mental health problems and the treatments they receive. World Health Organization claims that a mental health information system is “a system for action” (Mental Health Information Systems). Thus, mental health care information systems should not only exists for collecting information but empower well-informed decision-making in diverse aspects of the mental health system. According to the case, the Mentcare system has two major goals. First of all, it is expected to generate management information. Also, it has to provide the staff of mental care facilities with data necessary for patient treatment and care. The Mentcare system has such features as individual care management, patient monitoring, and administrative reporting. Still, it involves some system requirements specific to users and the system itself.
The patient information system in mental health care has both patient and system requirements. Patient requirements include security, privacy, user’s interface, and usability. Security means that the system should be safe from outside interventions and stable to information loss. Also, access to data should be granted only to authorized individuals through unique logins and passwords. Privacy is closely related to the system’s security and implies that patient private data are not available to the third parties. User’s interface is expected to be comfortable and comprehensible so that every person could understand what to do and which data to put. Finally, usability means that the system is easy to implement for any user, has a well-developed design, does not need much printing, and can be used by patients without much outside assistance.
System requirements include security, flexibility, accessibility, and maintenance costs. Security implies the use of hardware and software able to provide safe functioning of the system without data loss. Flexibility of the system presupposes that it can be adjusted to needs of every facility and consider peculiarities of patients because mental illnesses and their treatments are diverse and individual. Accessibility of the patient information system in mental health care means that the system should be developed in a way that provides access to its functions from any device used by authorized individuals. Finally, maintenance costs are an important requirement because not all mental care facilities are funded enough to apply an expensive system.
In addition to patient and system requirements, functional and non-functional ones should be considered. Functional requirements for the system include authorization levels, system interfaces, reporting options, and notifications (See Figure 1). Different authorization levels are necessary to provide access to data for patients, caregivers, physicians, and facility administration. Patients and caregivers should have access only to their personal records, physicians need information about their patients, and administration of a facility can have access to any data necessary for work. System interfaces should also be different depending on the authorization level to provide comfortable and logic access to information. Reporting options are useful for extracting statistical or factual information for diverse needs including research and reports to regulatory authorities. Finally, presence of notifications contributes to functionality of the system informing the facility staff about peculiarities of patients, which is important in conditions of mental care because of risks of self-harm or harm to others from some patients. Also, notifications are useful for patients to remind them about the appointment or prescribed medicine.
Non-functional requirements for the patient information system in mental health care are reliability, security, data integrity, and usability. Reliability implies continuous functioning of the system and its stability in conditions of data overload. Security is a critical requirement because it provides personal data safety. Data integrity presupposes that all patient information and treatment histories are stored in a patient’s record and can be integrated with records from any facility where the patient is examined or treated. After all, usability is a necessary requirement because it combines interfaces and functionality of software making the system easy to use for patients, physicians, or other authorized individuals.
Security control assessment is crucial for system utilization because it allows evaluating the possible risks and preventing their incidence prior to system implementation within a mental care facility. There are three types of risks that have to be assessed to check the security of a system such as preliminary, design, and operational risk assessment (See Figure 2). Preliminary risk assessment is the most general evaluation of system risks aimed at identification of drawbacks and vulnerabilities to avoid them after system implementation. Design risk assessment implies analysis of such aspects as technology selection, architectural design, and design assets. Finally, operational risk assessment concentrates on the unexpected situations that can arise during the launch of the system and its application by users.
On the whole, the patient information system in mental health care is a useful tool that empowers the process of care. The major concerns related to the system are security, personal data safety, privacy, operational costs, and system usability. To provide flawless functioning of the system, the security assessment that evaluates the existing risks should be provided at the stage of development.