Current Status , Challenges and Needs for Pilgrim Health Record Management Sharing Network , the Case of Malaysia

Background: Providing healthcare services to travelers has become very difficult especially when there is an urgent need to access their health records. During the pilgrim season, in Makkah, Madinah and Jeddah, the hospitals are having great difficulties in providing healthcare services to all the pilgrims. This paper discusses the current situation of pilgrim health record management in Malaysia and probe challenges and needs for implementing electronic medical records sharing framework


Introduction
A health record is a collection of clinical information shows the patients' situation.Health record contains the important information of the patient like blood pressure, type of blood, medical history, surgical procedures, laboratory results, etc.Many systems are used to manage health records.Some of them are software like mobile apps another are hardware implementing.Health record can be monitored by the patient himself or by an authorized person.
The terms electronic medical record (EMR), electronic health record (EHR) and personal health record (PHR)are used interchangeably but arguably they mean very different things.There are also a great variety of other terms used to describe electronicrecords, butEMR, EHR andPHRare more-orless accepted as the three real terms [1].For convenience, we will use the term EHR to refer broadly to systems that collect and store patients' medical information in digital form.
The challenges of implementing a global electronic health record are varied and touch on areas such as interoperability, standards, and more [2,3].
The Healthcare Information and Management Systems Society looked at a battery of EHR components within each country, including security, quality, financing sources and barriers to adoption and identified four common threads that affect EHR implementation around the globe: 1. Funding 2. Governance 3. Standardization and interoperability 4. Communication A major barrier to global EHR adoption from the top government level down to the private sector has been cost.Most healthcare organizations struggle with the high cost of hardware, software and communications systems.In addition to cost, fear of technology and change will continue to hamper EHR adoption at the clinical user level.Over time, continued education and growing familiarity with healthcare IT will reduce these fears [4].In some countries, a national approach to EHR adoption has been from the top-down, an approach that works best in a system where there is a single payer such as the federal government [5].In countries where the federal government takes a more passive role in healthcare IT, grass roots promotion from multiple stakeholders will be necessary.In either case, providing incentives to healthcare organizations and providers will be of paramount importance in their adoption of EHR systems [6] Although Malaysia enjoys a comparatively high standard of health, [7], it is facing dilemma of chronic diseases that affect adult population [8].However, there are only three large hospitals in Malaysiathat are capable of supporting a health information exchange (HIE) system: General Hospital, Subang Jaya Medical Centre, and Penang Adventist Hospital.
There is a government-funded health plan called the OpenMenu Plus (OPM) Initiative which is designed to provide an entry-level set of HIT services and functions.OMP will implement a secure infrastructure that will enable the private medical sector -hospitals, clinics and laboratories -to interact with their patients, clients and partners.This OPM will support both rural and city medical practices, and clinicians will be able to access the system through PCs, mobile devices, smart cards or smart phones.
This research is set to investigate the manner of how pilgrim health records are managed at TabungHaji Malaysia.It also explores issues pertaining to archiving, accessing, updating and sharing them.In this research a specific approaches will be introduced for collaboration with the global health system, to improve the healthcare service provided to Malaysian pilgrims.
PubMed, the world's largest biomedical research database managed by the National Library of Medicine (NLM), was queried for electronic patient record, electronic health record and electronic medical record.The main issues in managing a patient health record include health information and data, order entry/management, electroniccommuni-cation and connectivity, and reporting and population health management.Many studies are done in this field.For example, in India they studied the role of the National Archivesas the designated nodal agency to oversee the implementation of record management practices of the Central Government of India [9].One key issue identified and discussed was the vulnerability of electronic documents to loss by decay of the medium in which information is stored, becoming inaccessible and unreadable especially when the software needed to interpret them or the hardware on which the software runs becomes obsolete.This has necessitated copying of the digital information onto new medium.Although copying is a viable solution, it is likely to corrupt documents due to compression, encryption or ever changing data formats.
EHRs contain sensitive patient information which can have an impact on the patient's health and even their life.EHRs involve different health information management activities for different purposes and information security is important for all these functionalities.There are continuing discussions and developments in the area of consent mechanisms to ensure information security of patients [10].The requirements of consent for use of health information should not impede medical research and disease surveillance.Consequently, there needs to be a mechanism to address this efficiently to maintain patient privacy and fulfill the requirements of research and the epidemiology.Multiple broadcast encryption schemes incorporated into EHRs could be one of the solutions to this problem [11].However, this scheme is based on the unique identification of users of EHRs (patients, healthcare providers, medical researchers and so on) and this will need to be addressed first.Different authorization mechanisms incorporating cryptographic techniques could possibly enhance the information security of EHRs.Information security of EHRs should be studied extensively to en-sure patient safety through providing secure EHRs to healthcare providers, consumers, primary and secondary users of EHRs.Breach of information security can stem from breach of confidentiality by authorized users, and abuse of their access privileges.Therefore, ethical and legal responsibilities of users should also be considered for the information security of EHRs.
This study focuses on the technological aspect of information security in EHRs and does not cover the legislations, standards and policies for enhancing information security of EHRs.Consent plays an important role in maintaining patients' privacy.Informed consent implies that a patient is fully informed of the implications of their medical status, and gives voluntary agreement to divulge or permit access to or the collection of their health information [12].Many organizations with access to health information have not obtained the individual's consent for disclosing personal information.Effective notification and truly informed consent requires that individuals know and understand the contents of the record.It is unethical to use implied consent when the patient is not fully aware of information disclosure.Health data should not be processed in the absence of explicit consent unless they are needed for medical purposes or undertaken by a professional who in the circumstances owes a duty of confidentiality.The information that is shared as a result of a clinical relationship is considered confidential and must be protected [4].The information can take various forms (including identification data, diagnoses, treatment and progress notes, and laboratory results) and can be stored in multiple media (e.g., paper, video, electronic files).Information from which the identity of the patient cannot be ascertained -for example, the number of patients with prostate cancer in a given hospital-is not in this category.
The key to preserving confidentiality is making sure that only authorized individuals have access to information.The process of controlling access -li-miting who can see what-begins with authorizing users.In a physician practice, for example, the practice administrator identifies the users, determines what level of information is needed, and assigns usernames and passwords.Basic standards for passwords include requiring that they be changed at set intervals, setting a minimum number of characters, and prohibiting the reuse of passwords.
Many organizations and physician practices take a two-tier approach to authentication, adding a biometrics identifier scan, such as palm, finger, retina, or face recognition.Controlling access to health information is essential but not sufficient for protecting confidentiality; additional security measures such as extensive training and strong privacy and security policies and procedures are essential to securing patient information.

Methods
The main technique or instrument used for primary data collection was the structured interview survey.The questionnaire was designed to obtain a good response and to reflect the objectives of the study.Questions were framed in a relatively simple manner and were in both open and closed form to facilitate data collection.
The questionnaires were given out to a sample of 25 TabungHaji experts and staff, some of whom had first-hand experience of performing the Haj or Umrah themselves.The structured interview with TabungHajipersonnel was conducted with the objective of gaining in-depth understanding of the current practice of pilgrim health record management by TabungHaji in Malaysia.
This study adopts an exploratory mixed methods research approach in collecting data, analyzing the materials and findings, and arriving at a more complete understanding of the existing practices, models and frameworks for collaborative electronic patient record management.The exploratory approach is deemed suitable as the researcher is new to the field [13].Specifically, the research relies heavily on reviews of related areas and expert opinions gathered through focus group and interview.
Figure 1 shows the flowchart of the research process.The research started by determining the initial research aims and objectives, providing a justification for the research and the main questions that the research would aim to answer.After determining the research aims and objectives, an extensive literature review was conducted with a focus on EPR models and frameworks [14,15].This helped to develop the research framework and to gain an understanding and awareness of current research in the area.This was followed by data collection from fieldwork.This concentrated on improvements and enhancements to existing EPR models and frameworks.Based on the outcomes of the collected data analysis, an enhanced EPR framework was proposed for further evaluation leading to a validation.In order to validate the framework, a second survey was carried out.Figure 3 shows the conceptual framework which is shows the problem statement and also to identify the research variables, and clarify relationships among the variables.
In this research the data and information are collected from Malaysian TabungHaji personnel to identify current practices in TabungHaji and explore the level of understanding about HER access and sharing in order to bring about appropriate enhancements and improvements in a proposed framework.The researcher used a triangulation of focus group, survey questionnaire and interview (Figure 4) with a specific purpose to cross-validate data.
From the all participants there a focus group who are highly related to the work.The setting of focus group in this research the main three ingredients were identified: I. Purpose of study: To probe into the EPR Practice by TH.

II. Information of participants:
The members of focus group are TH executives and management directly involved with the handling of pilgrims.III.Budget: The budget and time constrains permits limited three sessions of two hours for each one In this study, the focus group was used as a preliminarily step before starting with the survey questionnaire and interview.It helps the researcher in choosing and determining the right questions to be asked in collecting data on the internal perspectives and external factors affecting EHR as practiced by TabungHaji. Figure 5 shows the focus group process.

Participants
The focus group involved twentyparticipants.Eight were from TabungHaji and twelve from the Makkah, Madinah and Jeddah hospitals.The eight participants fromTabungHajiwere with different roles and responsibilities (management, operations, research and development, programming, administration).The average number of years' experience working is 12 years.Their experience with the current health-related systemrangedbetween two to four years.The purpose and complexity of the study, and the number of questions were taken

Content
The participants from TabungHaji asked different questions depending on their specialties.This is to enable the researcher to address the right perspectives and factors affecting the TabungHajisystem.
Participants were asked engagement questions to make them comfortable with the topic of discussion, exploration questions to get to the main topic of discussion, and exit questions to see if anything was missed in the discussion.For the main topic of discussion, the group was asked 10 open-ended questions which were unambiguously worded.
On the other hand, participants from KSA hospitals asked 12 open-ended questions.The main objectives of the interview were to establish the current practice and process of the EHR system in the KSA hospitals with special regard to issues, challenges and enablers.Therefore, the questions were framed to elicit responses about network security, privacy and confidentiality policy, data sharing and collaboration methods.
The researcher used three types of focus group questions: IV. Engagement questions whereby participants were introduced to the topic of discussion.V. Exploration question to get to the crux of the discussion.VI.Exit questions to check to see if anything was missed in the discussion.The method used for analyzing the focus group data was thematic analysis, which involved six steps: data familiarity, code generation, theme searching, theme reviewing, theme naming, and report production [16].In order for all participant comments to be understandable and useful, they must be boiled down to essential information using a systematic and verifiable process.
The researcher began by transcribing all focus group tapes and inserting notes into transcribed material where appropriate.After that, transcripts were cleaned up by stripping off non-essential words.Each participant comment/quote was simultaneously assigned a separate line on the page as well as each new thought or idea therein.Each line was labelled with the participant and group number.When all comments had been entered, common categories or themes across the entries for each question were identified.Once the categories for organizing the data has been decided, a number or letter was assigned to each category.Then the number/letter of the category that best fits was assigned to each entry on the sheet, followed by using the Excel 'Sort' function to group entries by the categories assigned to them.Entries which seemed inconsistent for their category were re-categorized or a new category added.Finally, categories were arranged from those with the largest number of entries to those with the smallest.(Table 1)

Survey Questionnaire
A survey questionnaire was developed.This survey questionnaire is used in the data collection involving 25 personnel of TabungHaji.One of the major outcomes of the focus group discussion is to identify areas that need to be explored further by using the structured questionnaire.
In this research, three models were combined to produce the research model: Delone and McLean IS Success Model [17], Balanced Scorecard [18] and PEST [19].From this point, the survey question- naire was developed by using different resources.
(Figure 6) The survey questionnaire was divided into three parts: current practice, requirements and demographic information.The survey questionnaire development has many phases and contained a number of drafts until the final version was presented.Data analysis includes examining, categorizing, tabulating or otherwise re-combining the collected data [20].
After completion of data collection using data collection tools, the analysis of these data was done.The purpose of data analysis is to identify the current situation of EHR in TabungHaji, the willingness of management and administrative staff of TabungHaji to adopt EHR and the challenges faced during the implementation of EHR in TabungHaji from data collected.
In this study, the researcher uses case description as a means of the analysis of data that is the use of a descriptive method to review the data.(Table 2)

Interview
To start analysis of the interview, a verbatim transcription was carried out, followed by thematic analysis to get all the key points and facts from the interview (qualitative method).The analysis consists of identifying, coding, and categorizing patterns or themes found in the data.
Upon collecting the qualitative data derived from the said interviews, the data was evaluated to prepare a summary of the main challenges to accessing and sharing the patients' records as perceived by the participants.(Table 3)

Findings
For the survey questionnaire, there was a 76% (19 respondents) response rate from the [25] questionnaires distributed.Among the findings, it is observable that the whole sample confirmed that Hajj authority has a designated person in KSA to help pilgrims' healthcare provision, and around three quarters affirmed that there is no partnership in regards to healthcare needs.For the interview with KSA personnel, we could observe that most of the respondents' answers were focused on two main outcomes: these are the need for independence and the lack of resources to manage the pilgrims' healthcare requirements.It is well known that the KSA hosts officially between 2-3 million pilgrims yearly.It is estimated that the unofficial number of people carrying out the Hajj is double of that.No matter how big the resources of any country, it will be very difficult to provide a total healthcare for pilgrims.The diversity of background, diet, and climate from which the pilgrims come from would increase the health issues and complaints, making it very difficult for the authorities to manage such a big number of people.
The findings above are not surprising as TH with its limited resources is trying to provide the optimum setting and facilities for its members to have a safe pilgrimage ritual.Many countries do not have unlimited resources to provide their citizens with a full spectrum of services [IbrahIm, 2013].Other experience has been witnessed from other parts of the world in relation to minimum healthcare assistance especially for religious travelers.The findings show that TabungHaji has its system of managing the health of the pilgrims which include documentation of basic health information.The process starts only when the potential pilgrim registers for Hajj, whereupon the pilgrim has to undergo a set of investigations and vaccination that is needed for Hajj purpose.This information pertaining to the process will be stored electronically and will be communicated with designated personnel in KSA; the person is Malaysian, employed by Malaysian authorities and is responsible to coordinate and liaise with KSA health facilities to ensure optimum health care.However, there is no access to previous health records of any pilgrim prior to Hajj.The flow is captured in the following framework of Figure 7.
TabungHajiscreening process adhered by a strict healthcare framework which it follows in order to meet the requirements by the pilgrimage authorities of the Kingdom of Saudi Arabia.Through this process, the pilgrim's health status can be ascertained, filtered and recorded.In terms of archiving and updating the health records, it was learned that these records are used for that particular seasonofHajj and will be discarded after the season finishes.
Response from the relevant staff at TabungHaji revealed that there is a need for a sharing framework and it is perceived to improve healthcare for pilgrims and maintain better tracking.However, the main challenges facing implementation of such a framework is the collaboration with the Ministry of Health and private health facilities to share the health records, as not all records are stored electronically with many of the health facilities still depending on paper and hard-copy documentation.Among the important challenges is the privacy and required permission from the pilgrim to access his/ her records.Availability of the staff, method of archiving and technologies were not perceived to be problems to implementing the expected framework.

Discussion
In the year 2000, the Malaysian Government embarked on the EHR system as part of the Total Hospital Information System (THIS) concept launched through the Multimedia Super Corridor (MSC).The THIS concept was anticipated to provide fully integrated functions in a hospital ranging from the clinical, lab and imaging, to administration such as human resource and finance.To date, THIS has been adopted in only a few government hospitals around the country such as Selayang Hospital, Putrajaya Hospital, Pandan Hospital and Serdang Hospital.EHR in Malaysia is still emerging and the future will largely dependon the adoption rate, regulatory standards, government support and future trends affecting domestic healthcare systems.The adoption and implementation rate will be accelerated by learning from more developed nations and potentially utilizing innovative approaches such as cloudbased solutions.
However, not much is known in terms of how the hospitals experience the benefits and the challenges of such implementation, and the impact to the quality of healthcare service to patients.As such, any framework for TabungHaji to share its health records with the Ministry of Health, government hospitals, and private health facilitiescan only be developed in tandem with the maturing of EHR practices in Malaysia.On this note, TabungHaji must prepare itself to introduce changes to its processes.It must make proactive steps to understand factors and challenges in implementing a successful HRM beyond its present practice in improving the quality of health services to Malaysian Pilgrims.Specifically, TabungHaji will need to look into the aspects of: Funding, Governance, Standardization and Interoperability, and Communication.

Conclusion
This paper is presented to study the pilgrim health record management system in place at TabungHaji.It can be seen that current processes are as yet inadequate and there is still a significant gap in integrating the data, in the archiving, accessing, updating and sharing processes, to expect a complete and proper implementation at this juncture.In conclusion, there is a further need to explore and investigate the use of EPRM to bring about efficiency and improvement in the healthcare service provided to Malaysian pilgrims.

Figure 2
further shows the strategy that drives the data collection.The data collection is partly crucial in the development of a case study which contributes to the construction of the framework.

Figure 4 :
Figure 4: Construction of the Case Study.

Table 1 .
Summary of Focus Group.

Table 3 .
Summary of Interview.