Laboratory of Pathology - Staff

GEN. 42750 - Yes
Phase I

Computer Facility Maintenance
Is the computer facility and equipment clean, well-maintained and adequately ventilated with appropriate environmental control?

GEN. 42800 - Yes
Phase II

LIS Fire Equipment
Fire-fighting equipment (extinguishers) is appropriate for electrical components available?

Acceptable fire-fighting equipment/extinguishers in areas with information technology equipment may include:

1. Automatic sprinkler systems that are valved separately from other systems

2. Gaseous clean agent extinguishers systems

3. Listed portable fire extinguishers of carbon dioxide or halogenated agent type

4. Listed extinguishers with a minimum rating of 2-A for ordinary combustible material (paper and/or plastics)

5. Gaseous agent inside units or total flooding systems when there is critical need, e.g. to protect data in process, reduce equipment damage and to facilitate a return to service

Dry chemical extinguishers are not recommended because of the corrosive damage they cause. In the instance where no other extinguisher is available and there is imminent danger to personnel or property however, a dry extinguisher may be used.

GEN. 42900 - Yes
Phase II

LIS Power
The computer system is adequately protected against electrical power interruptions and surges?

GEN. 43022 - Yes
Phase II

Validation Checklist are found in LIS Admin Office File Cabinet

LIS Testing
There are records that programs are adequately tested for proper functioning when first installed and after any modifications, and that the laboratory director or designee has approved the use of all new programs and modifications.

GEN. 43033 - Yes -Revised 07/28/2015
Phase I

Custom LIS
Customized software, and modifications to that software, are appropriately documented and records allow for tracking to identify persons that have added or modified that software.

LIS Policy and Procedure Approval
The laboratory director or designee reviews and approves all new LIS policies and procedures, as well as substantial changes to existing documents before implementation.

GEN. 43055 - Yes Revised 7/28/2015
Phase II

Completed and Signed Competancy Forms are located in the LIS Admin Office

Computer System Training
There are records for training of all users of the computer system initially, after system modification, and after installation of a new system.

GEN. 43066 - Yes
Phase II

Computer Malfunction Notification
There is a written procedure with instructions for contacting a responsible person (e.g. Computer System Manager) in case of computer malfunction..

GEN. 43150 - Yes
Phase II

Access Patient Data
There are explicit written policies that specify who may use the computer system to enter or access patient data, change results, change billing or alter programs.

GEN. 43200 - Yes
Phase II

Computer Access Codes
Computer access codes (security codes, user codes) are in place to confine individuals' access to those functions they are authorized to use, and the security of access codes is maintained (e.g. inactivated when employees leave, not posted on terminals).

GEN. 43262 - Yes
Phase I

Unauthorized Software Installation
There are written policies and procedures that govern installation of software on any computer used by the laboratory.

GEN. 43325 - Yes - REV 7/28/2015
Phase II

The NIH as a whole and the NCI both have firewalls in place and security personnel that monitor our network.

Public Network Security
If the facility uses a public network, such as the Internet as a data exchange medium, there are network security measures in place to ensure confidentiality of patient data.

Information sent over a public domain such as the Internet or stored in "the cloud," is considered in the public domain. Thus it is potentially accessible to all parties on that network. Systems must be in place to protect network traffic, such as "fire walls" and data encryption schemes.

Evidence of Compliance:

Written policy defining mechanism for data protection

GEN. 43450 - N/A
Phase II

Calculated Patient Data Verification
Calculated values reported with patient results are reviewed every two years or when a system change is made that may affect the calculations.

This checklist requirement applies only to calculations based on formulas modifiable by the user.

Errors can be inadvertently introduced into established computer programs. Calculations involving reportable patient results must be rechecked and documented to ensure accuracy. This requirement applies to laboratory information systems, middleware, and analyzers. More frequent checks may be required for certain specific calculations, as delineated elsewhere in the checklists (for example, INR).

When calculations are performed by an LIS shared by multiple laboratories, this review only needs to be done at one location and each individual laboratory must have a copy of the review documentation. However, any calculations specific to an individual laboratory's methodology must be reviewed by that laboratory and the documentation of that review must be available.

Evidence of Compliance:

Records of validation of calculated test results

GEN. 43750 - Yes
Phase II

Specimen Quality Comment
The system provides for comments on specimen quality that might compromise the accuracy of analytic results (e.g. hemolyzed, lipemic).

Evidence of Compliance:

Patient reports

Our Pathology System has several mechanisms in place for our staff to input specimen quality information that flags our cases. The resulting system is text driven so this can also be added to the report.

GEN. 43800 - Yes
Phase II

The Softpath System has two ways of storing patient and case access. See GEN 43044

Data Input ID
There is an adequate system to identify all individuals who have entered and/or modified patient data or control files.

When individual tests from a single test order (e.g., multiple tests with same accession number) are performed by separate individuals and the test result is entered into the LIS, the system must provide an audit trail to document each person involved. For example, a single accession number having orders for electrolytes and a lipid panel may have testing done by two or more individuals. The laboratory should be able to identify the responsible personnel who performed each test and posted the data. This includes sequential corrections made to a single test result. If autoverification is used, then the audit trail should reflect that the result was verified automatically at a given time. With point-of-care testing, if the individual performing the test is different than the individual entering test data into the LIS, both should be uniquely identified by the system and retrievable by audit trail.

GEN. 43825 - N/A
Phase II

Result Verification
Manual and automated result entries are verified before final acceptance and reporting by the computer?

GEN. 43837 - Yes
Phase II

Downtime Result Reporting
There are documented procedures to ensure reporting of patient results in a prompt and useful fashion during partial or complete downtime and recovery of the system?

In Anatomic Pathology, results that need to cross the interface during a downtime situation are held until the system is restored. Once this happens, all the held results will then begin to interface.

GEN. 43900 - Yes
Phase II

Archived Test Result
A complete copy of archived patient test results can be retrieved, including original reference ranges and interpretive comments, including any flags or footnotes that were present in the original report, and the date of the original report.

Stored patient result data and archival information must be easily and readily retrievable within a time frame consistent with patient care needs.

All of our results are available on demand from @1957. We have not archived data as of yet.

GEN. 43920 - N/A
Phase I

Multiple Analyzer ID
When multiple identical analyzers are used, they are uniquely identified such that a test result may be appropriately traced back to the instrument performing the test.

Best practice is to store these data in the LIS.

GEN. 43946 - Yes
Phase II

Data Preservation/Destructive Event
There are written procedures for the preservation of data and equipment in case of an unexpected destructive event (e.g. fire, flood), software failure and/or hardware failure, and these procedures allow for the timely restoration of service, including data integrity check.

Procedures must

1) be adequate to address scheduled and unscheduled interruptions of power or function;

2) be tested periodically for effectiveness; and

3) include systems to backup programs and data.

These procedures can include, but are not limited to,

1) steps to limit the extent of the destructive event,

2) periodic backing up and storing of information,

3) off-site storage of backup data, and

4) restoring information from backed up media. The procedures should specifically address the recoverability of patient information. Changes to hardware and software commonly require review and reevaluation of these written procedures. These procedures must specifically address the physical environment and equipment and are often addressed by the organization's disaster plan.

GEN. 46000 - N/A
Phase I

Reference Range/Units Transmission
As applicable, reference ranges and units of measure for every test are transmitted with the patient result across the interface.

GEN. 48500 - Yes
Phase II

Interface Result Integrity
There is a procedure to verify that patient results are accurately transmitted from the point of data entry (interfaced instruments and manual input) to patient reports (whether paper or electronic).

Verification must be performed prior to implementation of an interface (i.e. pre go-live), and every 2 years thereafter. This includes evaluation of data transmitted from the LIS to other computer systems and their output devices. Reference ranges and comments, as well as actual patient results, must be evaluated.

Verification of accurate data transmission from the LIS to other systems must be performed by reviewing data in the first downstream (or interfaced) system in which the ordering clinician may be expected to routinely access patient data. This requirement can be met by printing screen shots or by other methods that document that a verification procedure has been performed. If the LIS has separate interfaces to multiple receiving systems in which patient data can be accessed by clinicians, then reports from each receiving system must be validated. However, where multiple sites use the same recipient system (e.g. the same installed instance of an electronic medical record system), validation need only occur for the interface (i.e. at one of the sites) and not for each individual site that is served by that single installed system.

At implementation of a new interface, validation of at least 2 examples of reports from each of the following disciplines, where applicable, satisfies the intent of this checklist requirement. Subsequently, at least 2 examples of reports from at least 4 of these disciplines should be validated every 2 years. Not all of these report types will be applicable to every laboratory:

Surgical pathology reports
Cytopathology reports (preferably gynecologic and non-gynecologic)
Clinical laboratory textual reports (e.g. molecular, protein electrophoresis, coagulation panel interpretation)
Quantitative results (e.g. chemistry, hematology, or coagulation)
Quantitative or categorical results (e.g. serology)
Microbiology reports (e.g. culture and antimicrobial sensitivity)
Blood bank reports (e.g. type and screen)
Interface validation should include examples of individual results, test packages or batteries, abnormal flags, and results with comments/footnotes. Initial interface validation should include verification that corrected results for clinical laboratory and anatomic pathology results are handled accurately in the receiving system.
Evidence of Compliance:
Records of verification

GEN. 48750 - Yes
Phase II
See Gen 43837

LIS Interface Shutdown/Recovery
There are procedures for changes in laboratory functions necessary during partial or complete shutdown and recovery of systems that interface with the laboratory information system.