Data Lifecycle Management
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Video Transcription
00:00
>> Hello again and welcome to
00:00
the HCISPP Certification course
00:00
with Cybrary Data Lifecycle Management.
00:00
My name is Schlaine Hutchins
00:00
and I will be your instructor for today.
00:00
In this module, we're going to talk
00:00
about data lifecycle management,
00:00
health information management,
00:00
and records management lifecycle.
00:00
Data lifecycle management is
00:00
a policy-based approach to managing the flow
00:00
of data through a system from
00:00
creation to storage to the end of life.
00:00
The terms data lifecycle management and
00:00
information lifecycle management
00:00
are sometimes used interchangeably.
00:00
However, a distinction can be made.
00:00
DLM products deal with general attributes of files,
00:00
such as their type, size and age.
00:00
Information lifecycle management products or ILMs,
00:00
have more complex capabilities
00:00
such as searching various types
00:00
of stored files for
00:00
instances of a specific piece of data,
00:00
like a patient medical record number.
00:00
Hierarchical storage management is
00:00
just one type of data lifecycle management product.
00:00
DLM products automate the process
00:00
involved in managing data by organizing data
00:00
into separate tiers according to specified policies
00:00
and automating the movement of
00:00
data from one tier to another.
00:00
As a rule, newer data and data that must be
00:00
accessed more frequently is stored on faster,
00:00
more expensive storage media,
00:00
while less critical data is
00:00
stored on cheaper, slower media.
00:00
Why this information is important to
00:00
you as an HCISPP professional,
00:00
is because in order to secure the data,
00:00
you must understand how it's being
00:00
stored and how it's being accessed.
00:00
In order to apply specific rules and
00:00
regulations for privacy, again,
00:00
you must understand the storage that's being used,
00:00
how the data is accessed,
00:00
and who is authorized to access this data.
00:00
Let's continue. By using the HSM,
00:00
an administrator can establish guidelines for how often
00:00
different kinds of files are to be
00:00
copied to a backup storage device.
00:00
Once the guidelines are set up,
00:00
the software manages everything automatically.
00:00
One example of HSM is RAID
00:00
or redundant array of independent disk systems.
00:00
Others are optical storage or tape.
00:00
Each type is a different level of cost and
00:00
speed of retrieval when access is needed.
00:00
Typically, HSM applications migrate data
00:00
based on the length of time
00:00
elapsed since it was last accessed.
00:00
Health information management professionals manage
00:00
health records whether paper-based, hybrid or electronic.
00:00
An increasing number of HIM professionals are expanding
00:00
their role to manage all types of clinical content,
00:00
including picture archiving and communication
00:00
systems or PACS, images, voice,
00:00
text and speech files,
00:00
email and software versions,
00:00
regardless of whether it's
00:00
officially part of the health record.
00:00
The role of HIM professionals
00:00
>> are expanding into more of
00:00
>> an enterprise content and records management role
00:00
that includes management of
00:00
financial and administrative data.
00:00
Enterprise content management or ECRM,
00:00
includes the technologies, tools,
00:00
and methods used to capture, manage,
00:00
store, preserve,
00:00
and deliver content across the enterprise.
00:00
While you may see these roles in
00:00
more government type entities,
00:00
you won't find them as often in the private sector.
00:00
Records management lifecycle is
00:00
the foundation of ECRM principles.
00:00
The following stages of a records lifecycle
00:00
explore the elements of records management lifecycle,
00:00
address common components of records management,
00:00
and expand on the description of each phase.
00:00
Record creation, capture, or
00:00
receipt is the phase that includes creating,
00:00
editing, and reviewing work in process,
00:00
as well as capture of content, for example,
00:00
through document imaging technology
00:00
or receipt of content,
00:00
for example, through a health information exchange.
00:00
Every organization must establish business rules for
00:00
determining when content or documents become records.
00:00
For example, a clinical document must be
00:00
authenticated or signed in order
00:00
to be considered a record,
00:00
or a diagnostic result will be designated
00:00
preliminary and not considered
00:00
a record until it's designated as final.
00:00
Other examples of content that may not be
00:00
considered records are initial drafts of documents,
00:00
working documents, and informal communications.
00:00
The records maintenance and use phase
00:00
includes rules and protocols for searching,
00:00
indexing, routing, and distributing.
00:00
Records classification creates categories
00:00
or groups of records necessary for access,
00:00
search retrieval, retention,
00:00
and disposal of records.
00:00
While not a unique point in the lifecycle,
00:00
it supports the other processes or phases.
00:00
Metadata is generated at various points in
00:00
the records management lifecycle
00:00
providing underlying data to describe the document,
00:00
specify access controls and rights,
00:00
provide retention and disposition instructions,
00:00
and maintain the record history and audit trail.
00:00
The record audit and data control phase
00:00
includes edit checks at the data level,
00:00
identification of classes,
00:00
and checking records for completeness.
00:00
Preservation is synonymous with storage.
00:00
Issues associated with preservation include,
00:00
outdated technology in media,
00:00
media degradation, conversion over time,
00:00
and conversion of standards over time.
00:00
Planning for preservation and
00:00
retention should also include strategies to identify
00:00
and prevent modification or destruction of records
00:00
that are needed for legal purposes or a legal hold.
00:00
Record disposal encompasses the destruction process
00:00
for data and records,
00:00
including various media types and document destruction.
00:00
Again, this is important when it comes to discussing,
00:00
which we will in a later module,
00:00
the destruction of records or the return of
00:00
records that are shared with
00:00
business associates and third parties.
00:00
Without having these processes in
00:00
place for how information is stored, managed,
00:00
and maintained, its difficult to
00:00
understand the controls should there be a data breach.
00:00
These things are important to understand,
00:00
where the data was stored,
00:00
how long it was supposed to be retained,
00:00
whether or not it's used for
00:00
minimum use or whether or not it needs to be destroyed.
00:00
In summary, today, we've
00:00
reviewed data lifecycle management,
00:00
the role of health information management professionals,
00:00
and records management lifecycle.
00:00
Thanks for joining me and I'll see you in the next video.
Up Next
