Difference between revisions of "User:Shawndouglas/sandbox/sublevel3"

From LIMSWiki
Jump to navigationJump to search
 
(143 intermediate revisions by 2 users not shown)
Line 1: Line 1:


Computers in the laboratory are not a recent phenomena. The mid-1960s saw clinical laboratory computerization become increasingly popular<ref name="KriegClinical74">{{cite book |chapter=Chapter 30: Clinical Laboratory Computerization |title=Clinical Diagnosis by Laboratory Methods |author=Krieg, A.F. |editor=Davidsohn, I.; Henry, J.B. |publisher=W.B. Saunders Company |pages=1340–58 |year=1974 |isbn=0721629229}}</ref><ref name="FlynnComputer65">{{cite book |chapter=Computer-assisted processing of bio-chemical test data |title=Progress in Medical Computing |author=Flynn, F.V. |editor=Atkins, H.J.B. |publisher=Blackwell Science Ltd |page=46 |year=1965 |isbn=0632001801}}</ref><ref name="WilliamsTheUse64">{{cite journal |title=The Use of Data Processing and Automation in Clinical Pathology |journal=Military Medicine |author=Williams, G.Z. |volume=129 |issue=6 |pages=502–9 |year=1964 |doi=10.1093/milmed/129.6.502}}</ref><ref name="HicksRoutine66">{{cite journal |title=Routine Use of a Small Digital Computer in the Clinical Laboratory |journal=JAMA |author=Hicks, G.P.; Gieschen, M.M.; Slack, W.V. et al. |volume=196 |issue=11 |pages=973–78 |year=1966 |doi=10.1001/jama.1966.03100240107021}}</ref><ref name="StraumfjordElectronic67">{{cite journal |title=Electronic Data Processing System for Clinical Laboratories: A System Used for All Laboratory Sections |journal=American Journal of Clinical Pathology |author=Straumfjord, J.V.; Spraberry, M.N.; Biggs, H.G.; Noto, T.A. |volume=47 |issue=5_ts |pages=661–76 |year=1967 |doi=10.1093/ajcp/47.5_ts.661}}</ref>, though that enthusiasm was often based on the potential of the computers rather than their actual capabilities.<ref name="KriegClinical74" /> Researchers imagined potentials such as automatic specimen label generation, daily log and report management, instrument interfacing and data processing, results comparisons, and time management tools. It would take some time for some of those potentials to be realized.<ref name="KriegClinical74" />
==The laws themselves==


In 1970, Temple University Medical School's Marion Ball, M.A., an assistant professor in the Department of Medical Physics, conducted a survey of pathology directors in clinical laboratories that use computers. Asking their opinions about the advantages and disadvantages of computerized systems in the lab, she received responses from directors in 15 U.S. states, as well as from three other countries. Responses included<ref name="BallASurvey70">{{cite journal |title=A Survey of Field Experience in Clinical Laboratory Computerization |journal=Laboratory Medicine |author=Ball, M.J. |volume=1 |issue=11 |pages=25–27, 49–51 |year=1970 |doi=10.1093/labmed/1.11.25}}</ref>:
===1. Federal Telecommunications Act of 1996, Section 255 ([https://www.law.cornell.edu/uscode/text/47/255 47 U.S.C. § 255 - Access by persons with disabilities])===


<blockquote>''The ability to rapidly prepare cumulative records and then to inspect them for possible errors through analysis trends has been proven to be of tremendous advantage in a number of laboratories. We can prevent errors in our analytical systems, but we are not prepared to prevent errors in the collecting of the sample, the mislabeling of the sample, or the accidental use of an incorrect sample. Thus, the ability to inspect data trends presents the only real tool that we currently have to pick out these kinds of errors.'' - Max E. Chilcote, Ph.D, Meyer Memorial Hospital Division</blockquote>
<blockquote>'''(b) Manufacturing'''
A manufacturer of telecommunications equipment or customer premises equipment shall ensure that the equipment is designed, developed, and fabricated to be accessible to and usable by individuals with disabilities, if readily achievable.


<blockquote>''There is little argument about whether an operating computer system can be an advantage in a laboratory, but the most critical time is the installation and transition from a "manual" to a "computer" oriented laboratory.'' - Robert L. Habig, Duke University Medical Center</blockquote>
'''(c) Telecommunications services'''


<blockquote>''The most pressing future need for computerization of the laboratory lies in the area of medical diagnosis and guidance of the therapeutic management. This is where the physician's role for the future in the laboratory lies ... We will be gathering vast amounts of information on the health status of many individuals. We can then take advantage of large data processing computers to analyze this information and come up with patterns of disease states.'' - Leonard Jarett, M.D., Barnes Hospital</blockquote>
A provider of telecommunications service shall ensure that the service is accessible to and usable by individuals with disabilities, if readily achievable.


Reading about these potentials and opinions today, some 50 years later, we see both clear similarities and definite advances. For example, Habig's statement about transitioning from manual to more automated processes still rings true today: it can be nerve wracking and critical to get the transition right. Conversely, while the systems of decades past weren't able to "prevent errors in the collecting of the sample, the mislabeling of the sample, or the accidental use of an incorrect sample," modern laboratory informatics systems provide more assurances to sample management in the lab. In many cases, activities such as label generation, reporting, results analysis, workflow control, test ordering, and broad interoperability are commonplace in modern systems.<ref name="JonesInformatics14">{{cite journal |title=Informatics and the Clinical Laboratory |journal=The Clinical Biochemist Reviews |author=Jones, R.G.; Johnson, O.A.; Batstone, G. |volume=35 |issue=3 |pages=177–92 |year=2014 |pmc=25336763 |pmid=PMC4204239}}</ref> And those systems continue to advance, with machine learning now becoming a part of laboratory data management and analysis.<ref name="BurtonNHS18">{{cite web |url=https://towardsdatascience.com/nhs-laboratories-need-data-science-c93f7983302c |title=NHS Laboratories Need Data Science |author=Burton, R. |work=Towards Data Science |date=19 July 2018 |accessdate=28 January 2020}}</ref><ref name="CuffAugment18">{{cite web |url=https://www.nextplatform.com/2018/06/19/augmenting-pathology-labs-with-big-data-and-machine-learning/ |title=Augmenting Pathology Labs with Big Data and Machine Learning |author=Cuff, J. |work=The Next Platform |date=18 June 2018 |accessdate=28 January 2020}}</ref>
'''(d) Compatibility'''
Whenever the requirements of subsections (b) and (c) are not readily achievable, such a manufacturer or provider shall ensure that the equipment or service is compatible with existing peripheral devices or specialized customer premises equipment commonly used by individuals with disabilities to achieve access, if readily achievable.</blockquote>


We've come a long way since the 1960s, to a point where the question is no longer "can a computerized system help my lab?" but rather "how do I choose and implement an informatics system to help my lab?" What follows is information to help you with that question, while considering the technology, features, security, cost, implementation, and vendor guarantees that come with such a system.
The term '''disability''' is [https://www.law.cornell.edu/uscode/text/42/12102 defined here]. You can read the full entry, but the basics are:


==2.1 Evaluation and selection==
<blockquote>'''(1) Disability''' The term “disability” means, with respect to an individual—
:'''(A)''' a physical or mental impairment that substantially limits one or more major life activities of such individual;


:'''(B)''' a record of such an impairment; or


===2.1.1 Technology considerations===
:'''(C)''' being regarded as having such an impairment (as described in paragraph (3)).</blockquote>
Your laboratory's workflow, instruments, data management requirements, budget, technological expertise, business goals, and risk tolerances will all play a role in deciding what technology to invest in.  


===2.1.2 Features and functions===
The term '''readily achievable''' is [https://www.law.cornell.edu/uscode/text/42/12181 defined here]. It is defines as:
====Base features====
A LIMS or LIS can have an extravagant list of features, or it may have minimal functionality. Software developers with competent and experienced personnel usually do well with a collection of the required base features, plus any industry-specific features a laboratory may need. But not all developers get it right.


What follows is a list of system functionality that is considered by a variety of experts to be vital to almost any medical diagnostic or research laboratory.<ref name="APHLLab19">{{cite web |url=https://www.aphl.org/aboutAPHL/publications/Documents/GH-2019May-LIS-Guidebook-web.pdf |format=PDF |title=Laboratory Information Systems Project Management: A Guidebook for International Implementations |author=Association of Public Health Laboratories |publisher=APHL |date=May 2019 |accessdate=30 January 2020}}</ref><ref name="KyobeSelecting17">{{cite journal |title=Selecting a Laboratory Information Management System for Biorepositories in Low- and Middle-Income Countries: The H3Africa Experience and Lessons Learned |journal=Biopreservation and Biobanking |author=Kyobe, S.; Musinguzi, H.; Lwanga, N. et al. |volume=15 |issue=2 |pages=111–15 |year=2017 |doi=10.1089/bio.2017.0006 |pmc=PMC5397240}}</ref><ref name="">{{cite journal |title=Efficient sample tracking with OpenLabFramework |journal=Scientific Reports |author=List, M.; Schmidt, S.; Trojnar, J. et al. |volume=4 |pages=4278 |year=2014 |doi=10.1038/srep04278 |pmid=24589879 |pmc=PMC3940979}}</ref><ref name="APILISTool13">{{cite web |url=https://www.pathologyinformatics.org/lis_toolkit.php |title=LIS Functionality Assessment Toolkit |author=Splitz, A.R.; Balis, U.J.; Friedman, B.A. et al. |publisher=Association for Pathology Informatics |date=20 September 2013 |accessdate=30 January 2020}}</ref> Without this functionality, end users may at best grumble about additional workloads or more complicated procedures, and at worse be setting themselves up for major liability issues by not complying with regulations. Arguably, a few items such as mobile device support, voice recognition, and multilingual support may be negotiable, but if the system you are evaluating doesn't contain most of the below bullet-pointed functionality, you may want to look elsewhere.
<blockquote>'''(9) Readily achievable''' The term “readily achievable” means easily accomplishable and able to be carried out without much difficulty or expense. In determining whether an action is readily achievable, factors to be considered include—
'''Test, experiment, and patient management'''


* specimen log-in and management, with support for unique IDs
:'''(A)''' the nature and cost of the action needed under this chapter;
* batching support
:'''(B)''' the overall financial resources of the facility or facilities involved in the action; the number of persons employed at such facility; the effect on expenses and resources, or the impact otherwise of such action upon the operation of the facility;
* barcode and RFID support
:'''(C)''' the overall financial resources of the covered entity; the overall size of the business of a covered entity with respect to the number of its employees; the number, type, and location of its facilities; and
* specimen tracking
:'''(D)''' the type of operation or operations of the covered entity, including the composition, structure, and functions of the workforce of such entity; the geographic separateness, administrative or fiscal relationship of the facility or facilities in question to the covered entity.</blockquote>
* clinical decision support, including test ordering tools and duplicate test checks
* custom test management
* event and instrument scheduling
* templates, forms, and data fields that are configurable
* analytical tools, including data visualization, trend analysis, and data mining features
* data import and export
* robust query tools
* document and image management
* project and experiment management
* workflow management
* patient management
* case management
* physician and supplier management


'''Quality, security, and compliance'''
===2. Rehabilitation Act of 1973, Section 508, amended ([https://www.law.cornell.edu/uscode/text/29/794d 29 U.S.C. 794d] - Electronic and information technology)===


* quality assurance / quality control mechanisms, including tracking of nonconformance
There's a government website dedicated to Section 508: [https://www.section508.gov/ https://www.section508.gov/] The related laws and polices can be [https://www.section508.gov/manage/laws-and-policies/ found here]. The intro states (italics emphasis mine):
* data normalization and validation
* results review and approval
* version control
* user qualification, performance, and training management
* audit trails and chain of custody support
* configurable and granular role-based security
* configurable system access and use (log-in requirements, account usage rules, account locking, etc.)
* electronic signature support
* configurable alarms and alerts
* data encryption and secure communication protocols
* data archiving and retention support
* configurable data backups
* environmental monitoring and control


'''Operations management and reporting'''
<blockquote>In 1998, Congress amended the Rehabilitation Act of 1973 to require Federal agencies to make their electronic and information technology (EIT) accessible to people with disabilities. The law (29 U.S.C § 794 (d)) ''applies to all Federal agencies when they develop, procure, maintain, or use electronic and information technology''. Under Section 508, agencies must give ''disabled employees and members of the public'' access to information comparable to the access available to others.


* customizable rich-text reporting, with multiple supported output formats
The [https://www.access-board.gov/ U.S. Access Board] is responsible for developing Information and Communication Technology (ICT) accessibility ''standards'' to ''incorporate into regulations that govern Federal procurement practices.'' On January 18, 2017, the Access Board issued a final rule that updated accessibility requirements covered by Section 508, and refreshed guidelines for telecommunications equipment subject to Section 255 of the Communications Act. The final rule went into effect on January 18, 2018.
* synoptic reporting
* industry-compliant labeling
* email integration
* internal messaging system
* revenue management
* instrument interfacing and data management
* instrument calibration and maintenance tracking
* inventory and reagent management
* third-party software and database interfacing
* mobile device support
* voice recognition capability
* results portal for external parties
* integrated (or online) system help
* configurable language


In the following subsections, the subcategories of labs we looked at in the prior chapter are reviewed, specifically for functionality critical to their specialty. This functionality is supported by four to five citations from vendors and other academic sources.
The rule updated and reorganized the Section 508 Standards and Section 255 Guidelines ''in response to market trends and innovations in technology.'' The refresh also harmonized these requirements with other guidelines and standards both in the U.S. and abroad, including standards issued by the European Commission, ''and with the World Wide Web Consortium (W3C) Web Content Accessibility Guidelines (WCAG 2.0), a globally recognized voluntary consensus standard for web content and ICT.''</blockquote>


====Specialty-specific functionality====
In discussing ICT, the U.S. Access Board [https://www.access-board.gov/ict/#b-summary-of-key-provisions summarized the key provisions] as such:


'''Anatomical and clinical pathology lab'''<ref name="LabWareAnatomic20">{{cite web |url=https://www.labware.com/en/p/Industries/Healthcare/Hospitals-and-Reference-Labs/Anatomic-Pathology |title=Anatomic Pathology |publisher=LabWare, Inc |date=2020 |accessdate=30 January 2020}}</ref><ref name="SunquestCoPath20">{{cite web |url=https://www.sunquestinfo.com/software-and-services/copathplus/ |title=Sunquest CoPathPlus |publisher=Sunquest Information Systems, Inc |date=2020 |accessdate=30 January 2020}}</ref><ref name="NovoPathHome20">{{cite web |url=https://www.novopath.com/ |title=NovoPath: Software Advancing Patient Diagnostics |publisher=NovoPath, Inc |date=2020 |accessdate=30 January 2020}}</ref><ref name="TDMS_TDHistoCyto20">{{cite web |url=https://www.technidata-web.com/en-gb/solutions/disciplines/histopathology |title=TD HistoCyto Livextens |publisher=Technidata SAS |date=2020 |accessdate=30 January 2020}}</ref>:
<blockquote>The Revised 508 Standards and 255 Guidelines replace the current product-based regulatory approach with an approach based on ICT functions. The revised technical requirements, which are organized along the lines of ICT functionality, provide requirements to ensure that covered hardware, software, electronic content, and support documentation and services are accessible to people with disabilities. In addition, the revised requirements include functional performance criteria, which are outcome-based provisions that apply in two limited instances: when the technical requirements do not address one or more features of ICT or when evaluation of an alternative design or technology is needed under equivalent facilitation.</blockquote>


* configure the system using templates for histology and cytology case types
The full (lengthy) information about the ICT Accessibility 508 Standards and 255 Guidelines is found here: [https://www.access-board.gov/ict/ https://www.access-board.gov/ict/]
* add, view, and link pre-generated organ maps and other diagrams
* add, view, and link custom annotated pathology imaging
* track abnormal results and provide trending reports for monitoring disease populations
* support blocks and slides as specimens, with predefined descriptions
* document grossing examinations
* print slides and cassettes
* provide case management, reporting, and test requisition
* provide specialty workflow for autopsy
* provide specialty workflow for gynecological cytology, including HPV + Pap co-testing for cervical cancer
* provide stain panels and histology worksheets
* support shared management of tissue samples among departments
* support EHR integration
* support PCR workflow and reporting
* support for pathology-specific reflex testing
* provide option to combine same-day anatomical and clinical pathology results and reporting
* flag unusual cases for conference or committee reporting


The specific software requirements that LabLynx will likely need to consider under Section 508 appear to be found in [https://www.access-board.gov/ict/#chapter-5-software Chapter 5: Software] and [https://www.access-board.gov/ict/#chapter-6-support-documentation-and-services Chapter 6: Support Documentation and Services]. (If for some reason LLX is in the hardware domain, they'll want to also consider[https://www.access-board.gov/ict/#chapter-4-hardware Chapter 4: Hardware] If you're curious about the underlying standards, you can find them in [https://www.access-board.gov/ict/#chapter-7-%C2%A0-referenced-standards Chapter 7: Referenced Standards].


'''Forensic pathology lab'''<ref name="AbbotStarlimsForensic20">{{cite web |url=https://www.informatics.abbott/us/en/industries/forensics |title=Starlims Forensic LIMS |publisher=Abbot |date=2020 |accessdate=30 January 2020}}</ref><ref name="LabLynxForensics20">{{cite web |url=https://www.lablynx.com/forensics/ |title=Forensics & Medical Examiner |publisher=LabLynx, Inc |date=2020 |accessdate=30 January 2020}}</ref><ref name="ThermoFisherLIMSForens20">{{cite web |url=https://www.thermofisher.com/order/catalog/product/INF-12000-FORENSIC#/INF-12000-FORENSIC |title=LIMS Solution for Forensics |publisher=Thermo Fisher Scientific |date=2020 |accessdate=30 January 2020}}</ref><ref name="PorterLeeLab20">{{cite web |url=http://www.porterlee.com/lims.html |title=Laboratory Information Management System |publisher=Porter Lee Corporation |date=2020 |accessdate=30 January 2020}}</ref>:
Finally, the Section 508 government website has a full Design & Develop section that may be applicable to development process: [https://www.section508.gov/develop/ https://www.section508.gov/develop/]


* support pre-logging of evidence
==Additional information==
* allow full documentation of a crime scene
* track storage, movement, and disposal of evidence and property using an ASTM-compliant log
* manage chain-of-custody transfers of evidence and samples
* provide quarantine protocol for samples and evidence
* provide forensic case management, including case status and court testimony
* manage agency interactions and information
* add, view, and link forensic imaging into case files
* manage field scheduling for fingerprinting, homicide casing, and lab work
* provide custom reporting for toxicology and controlled substance analyses
* provide support for DNA profile management
* provide support for convicted offender and other database integration
* support the use of personal identity verification and other forms of hardware-based (i.e., public key infrastructure or PKI) token authentication


1. The Section 508 website and its glossary mention LIMS under "[https://www.section508.gov/art/glossary/#S scientific instrument]," though only secondarily. At the end: "If a scientific instrument is integrated with a computer or a monitor, the computer (and associated operating system) and the monitor would be separate EIT deliverables, requiring their own Government Product Accessibility Templates (GPAT). If the computer included application software, this software would be another EIT deliverable requiring its own GPAT."
2. It appears some software can qualify for "a legally-defined Exception (Back Office)," as found in this example with STARLIMS and the VA: [https://www.oit.va.gov/Services/TRM/ToolPage.aspx?tid=7502 https://www.oit.va.gov/Services/TRM/ToolPage.aspx?tid=7502]


'''Physician office lab''':
3. Some additional posts and guides that may be revealing:
 
* [https://www.levelaccess.com/how-do-i-determine-if-my-web-site-or-application-is-section-508-compliant/ How do I determine if my website or application is Section 508 compliant?]
The [[physician office laboratory]] (POL) is arguably a more simple version of the medical diagnostics lab, often depending on CLIA-waived and CLIA-certified point-of-care instruments for making diagnoses. As such, the data management requirements for a POL may not be as significant as those of a large-scale diagnostic laboratory. That said, a POL employing laboratory informatics will still need much of the same base functionality mentioned prior, and the system will still need to comply with data management and sharing regulations such as those found with HIPAA and CLIA.
* [https://ftp.cdc.gov/pub/Software/RegistryPlus/508%20Compliance/508softwareandos.doc GSA Guide For Making Software Applications and Operating Systems Accessible] (.doc file; NOTE: No date, so not sure if incorporates amended material, so be careful)
 
* [https://www.dhs.gov/publication/dhs-section-508-compliance-test-processes DHS Section 508 Compliance Test Processes]
Any POL performing sufficient volumes of testing to benefit from using a laboratory informatics solution may also want to consider the costs and drawbacks, if any, of interfacing to their EHR system, if they have one. In a case where the POL is in a position to consider both an LIS and an EHR at the same time, examine the features and potential integration of those products, and be sure to consider any future potential of integrating your systems with other external data management systems, including another reference laboratory.
 
In some cases, an EHR with some laboratory management functionality may make a solid alternative. If considering an EHR that includes some LIS functionality, be sure to clearly identify the functional requirements and demo the system thoroughly to ensure test and reporting workflows make sense. Finally, in cases where POL test volumes are low—coming from only one or a few instruments—and an LIS is not required, POL operators may want to simply consider a middleware option that smoothly facilitates the flow of instrument data to the EHR.
 
 
'''Integrative medicine lab''':
 
If an integrative medicine laboratory is using a laboratory informatics solution, their requirements will be nearly identical to a standard medical diagnostic laboratory, meaning the base functionality mentioned prior will likely be suitable. If there is a major difference or required piece of additional functionality, it will have to do with a more extensive list of available tests and billing codes for them. This usually consists of expansions into nutritional, metabolic, and toxicity test types, as well as support for diagnostic imaging.<ref name="BralleyBasic">{{cite book |url=https://books.google.com/books?id=CpXVAwgOv7sC&pg=PT11 |chapter=Chapter 1: Basic Concepts |title=Laboratory Evaluations for Integrative and Functional Medicine |author=Bralley, J.A.; Lord, R.S. |publisher=MetaMetrix Institute |edition=2nd |pages=1–16 |year=2008 |isbn=0967394945}}</ref>
 
'''Public health lab'''<ref name="APHLLab19" /><ref name="LabWarePublic20">{{cite web |url=https://www.labware.com/en/p/Industries/Healthcare/Public-Health |title=Public Health |publisher=LabWare, Inc |date=2020 |accessdate=30 January 2020}}</ref><ref name="OrchardPublic20">{{cite web |url=https://www.orchardsoft.com/public-health-labs.html |title=Public Health Laboratories |publisher=Orchard Software Corporation |date=2020 |accessdate=30 January 2020}}</ref><ref name="CommonCentsApollo20">{{cite web |url=https://www.apollolims.com/lab-expertise/public-health/ |title=ApolloLIMS for Public Health Labs |publisher=Common Cents Systems, Inc |date=2020 |accessdate=30 January 2020}}</ref>:
 
* provide specialty workflow for newborn screening
* provide surge capacity for high-priority analyses
* provide workflow and tools for managing microorganisms and toxins of elevated risk
* support most medical test protocols and specimen types
* support ELISA, DNA extraction, sequencing, and other molecular workflows
* support for a robust set of decision support rules for reflex testing
* support the Center for Disease Control and Prevention's PHIN Messaging System
* support other electronic data exchange standards for critical community partners
 
 
'''Toxicology lab'''<ref name="APEasyFeatures20">{{cite web |url=https://easytoxicology.com/features/ |title=Easytox: Features |publisher=AP Easy Software Solutions |date=2020 |accessdate=30 January 2020}}</ref><ref name="DataUnlimitedLIMSSol20">{{cite web |url=http://www.duii.com/products/starfruit-toxicology/ |title=Starfruit Toxicology |publisher=Data Unlimited International, Inc |date=2020 |accessdate=30 January 2020}}</ref><ref name="LabLynxToxicology20">{{cite web |url=https://lablynx.com/toxicology/ |title=Toxicology LIMS |publisher=LabLynx, Inc |date=2020 |accessdate=30 January 2020}}</ref><ref name="DTPMOnlineData20">{{cite web |url=https://www.dtpm.com/online-data-management/ |title=Online Data Management |publisher=DTPM, Inc |date=2020 |accessdate=30 January 2020}}</ref><ref name="OrchardPain20">{{cite web |url=https://www.orchardsoft.com/pain-management-toxicology-support.html |title=Pain Management & Toxicology Laboratories |publisher=Orchard Software Corporation |date=2020 |accessdate=30 January 2020}}</ref>:
 
* support customizable drug panels and tests
* support for reference labs
* track prescribed medicines and associated history
* provide management for compounds and compound grouping
* provide medication-based compliance monitoring and interpretive reporting on it
* provide decision-support rules for pain management and toxicology
* provide toxicology-specific reporting formats
* manage drug court cases associated with testing
 
 
'''Blood bank and transfusion lab'''<ref name="SunquestBloodBank20">{{cite web |url=https://www.sunquestinfo.com/software-and-services/blood-bank-management/ |title=Sunquest Blood Bank |publisher=Sunquest Information Systems, Inc |date=2020 |accessdate=30 January 2020}}</ref><ref name="SCCBlood20">{{cite web |url=https://www.softcomputer.com/products-services/blood-services/ |title=Sunquest Blood Bank |publisher=SCC Soft Computer |date=2020 |accessdate=30 January 2020}}</ref><ref name="HemasoftHome20">{{cite web |url=http://www.hemasoft.com/ |title=Hemasoft: We Care |publisher=Hemasoft Software SL |date=2020 |accessdate=30 January 2020}}</ref><ref name="TDMS_TDBloodBank20">{{cite web |url=https://www.technidata-web.com/en-gb/solutions/disciplines/blood-banking |title=TD BloodBank Livextens |publisher=Technidata SAS |date=2020 |accessdate=30 January 2020}}</ref>:
 
* manage inventory across multiple facilities
* manage donor and harvested tissues
* support positive patient identification (PPID)
* support the ISBT 128 standard for medical products of human origin
* support for both autologous and directed medical product management
* allow for emergency release of inventory
* allow for electronic crossmatch of a human-based medical products
* manage medical product recall and documentation
* manage donor demographics, notification, scheduling, and history
* manage donation drives and other campaigns
* track bag and supply lot numbers
* track quality control testing
* monitor access to and environmental conditions of supply fridges
* provide workflow management for non-standard patients
* support antibody screening processes
 
 
'''Central and contract research lab''':
 
https://www.eurofins.com/biopharma-services/central-lab/support-services/data-management/
 
https://www.informatics.abbott/us/en/industries/clinical-research
 
https://www.labware.com/en/p/Industries/Biobanking-and-Clinical-Research/Clinical-Research
 
https://www.medpace.com/capabilities/technology/laboratory-information-management/
 
* production and tracking management of clinical trial kits
* manage multi-site logistics of specimens
* provide a reservation function for specimens
* manage clinical trials and their various functions, including recruitment, study protocols, treatment groups, metadata, multi-site master scheduling, consent checks, and other required reporting
* provide special access privileges to sponsors, monitors, and investigators
* support a wide variety of data transfer formats, including CDISC, ASCII, SAS, and XML
* provide patient management, including demographics, consent forms, clinical notation, and test results
* provide highly configurable "blinding" features for reports and the user interface
* track contracts, budgets, and other financials
* develop exclusion rules and monitor exclusions
* support testing for a wide variety of disciplines
* provide study-specific monitoring and alerts
* provide granular cumulative reporting
* provide study-specific project portals that allow review of documents, data visualizations, training material, and other study information
 
 
'''Genetic diagnostics and cytogenetics labs''':
 
https://www.sunquestinfo.com/software-and-services/lims/
 
https://www.xifin.com/industry-solutions/laboratory/molecular-diagnostics
 
https://jmd.amjpathol.org/article/S1525-1578(17)30583-4/fulltext
 
https://www.softcomputer.com/products-services/genetics/
 
https://psychesystems.com/enterprise-laboratory-information-software/nucleolis-molecular-lab-testing-software/
 
* management of sample collection kits
* management of informed consent documentation
* provide customized workflows for molecular and NGS testing
* track specimen and aliquot lineage for cell lines, tissues, slides, etc.
* track nucleic acid quantity and quality of specimens
* support a wide array of molecular testing and associated data fields, including biochemical and molecular genetics, carrier screening, immunology, molecular profiling, prenatal and newborn testing, and pharmacogenetics
* provide custom workflows for FISH, PCR, gel eletrophoresis, cytogenetics, DNA sequencing, and more
* support specialty testing reimbursement and other revenue management unique to this lab
* support single sign-on with imaging platforms
* provide color coding for turn-around time and other testing statuses
* provide cleanly formatted rich-text reports customized for molecular diagnostics
 
 
'''Medical cannabis testing lab''':
 
https://www.lablynx.com/cannabis/
 
https://khemia.com/industries/cannabis-testing/
 
https://www.labware.cloud/cannabis
 
https://qbench.net/qbench-lims-cannabis-testing-labs/
 
https://www.labcompare.com/10-Featured-Articles/354722-Selecting-a-LIMS-for-the-Cannabis-Industry/
 
* add, view, and link custom annotated images
* interface with a wide array of chromatography and spectroscopy instruments
* optimize sample login and management for the industry, including clear differentiation between medical and recreational cannabis
* provide compliant test protocols, workflows, labels, and reporting for medical cannabis testing
* provide ability to interface with state-required compliance reporting systems
* support inventory reconciliation
* support disease testing, sexing, and genetic tracking of cannabis
* support stability testing
 
===2.1.3 Cybersecurity considerations===
From law firms<ref name="SobowaleLaw17">{{cite web |url=http://www.abajournal.com/magazine/article/managing_cybersecurity_risk/ |title=Law firms must manage cybersecurity risks |author=Sobowale, J. |work=ABA Journal |publisher=American Bar Association |date=01 March 2017 |accessdate=09 January 2020}}</ref> to automotive manufacturers<ref name="WatneyAddress17">{{cite web |url=https://www.rstreet.org/wp-content/uploads/2018/04/118-1.pdf |format=PDF |title=Addressing new challenges in automotive cybersecurity |author=Watney, C.; Draffin, C. |work=R Street Policy Study No. 118 |publisher=R Street Institute |date=November 2017 |accessdate=09 January 2020}}</ref>, the need to address cybersecurity is increasingly apparent. In 2018, the Center for Strategic & International Studies estimated that cybercrime causes close to $600 billion in damages to the global economy every year<ref name="LewisEcon18">{{cite web |url=https://www.csis.org/analysis/economic-impact-cybercrime |title=Economic Impact of Cybercrime |author=Lewis, J.A. |publisher=Center for Strategic & International Studies |date=21 February 2018 |accessdate=09 January 2020}}</ref>, though due to underreporting of crimes, that number may be much higher. That number also likely doesn't take into account lost business, fines, litigation, and intangible losses<ref name="SBDCC_BlogCost17">{{cite web |url=https://www.virginiasbdc.org/blog-cost-of-cyber-crime-to-small-businesses/ |title=BLOG: Cost of Cyber Crime to Small Businesses |work=Virginia SBDC Blog |publisher=Virginia SBDC |date=30 May 2017 |accessdate=09 January 2020}}</ref> In the end, businesses of all sizes average about $200,000 in losses due to a cybersecurity incident<ref name=HiscoxHiscox19">{{cite web |url=https://www.hiscox.com/documents/2019-Hiscox-Cyber-Readiness-Report.pdf |format=PDF |title=Hiscox Cyber Readiness Report 2019 |publisher=Hiscox Ltd |date=April 2019 |accessdate=09 January 2020}}</ref>, and nearly 60 percent of small and midsize businesses go bankrupt within six months because of it.<ref name="Galvin60_18">{{cite web |url=https://www.inc.com/joe-galvin/60-percent-of-small-businesses-fold-within-6-months-of-a-cyber-attack-heres-how-to-protect-yourself.html |title=60 Percent of Small Businesses Fold Within 6 Months of a Cyber Attack. Here's How to Protect Yourself |author=Galvin, J. |work=Inc.com |date=07 May 2018 |accessdate=09 January 2020}}</ref>
 
Medical diagnostic and research laboratories are no exception, regardless of business size. Even tiny labs whose primary digital footprint is a WordPress website advertising their lab are at risk, as hackers could still spread malware, steal user data, add the website to a bot network, hack the site for the learning experience, or even hack it just for fun.<ref name="GrimaTop19">{{cite web |url=https://www.wpwhitesecurity.com/why-malicious-hacker-target-wordpress/ |title=Top reasons why WordPress websites get hacked (and how you can stop it) |author=Grima, M. |publisher=WP White Security |date=14 November 2019 |accessdate=09 January 2020}}</ref><ref name="MoenWhatHack16">{{cite web |url=https://www.wordfence.com/blog/2016/04/hackers-compromised-wordpress-sites/ |title=What Hackers Do With Compromised WordPress Sites |author=Moen, D. |work=Wordfence Blog |publisher=Defiant, Inc |date=19 April 2016 |accessdate=09 January 2020}}</ref><ref name="TalalevWebsite19">{{cite web |url=https://www.webarxsecurity.com/website-hacking-statistics-2018-february/ |title=Website Hacking Statistics (Updated 2019) |author=Talaleve, A. |publisher=WebARX |date=May 2019 |accessdate=09 January 2020}}</ref> Even more importantly are those labs performing digital data management tasks that handle sensitive patient and proprietary data, requiring additional cybersecurity considerations.
 
A laboratory can integrate cybersecurity thinking into its laboratory informatics product selection in several ways. First, the lab should have a cybersecurity plan in place, or if not, it should be on the radar. This is a good resource to tap into in regards to deciding what cybersecurity considerations should be made for the software. Can the software help your lab meet your cybersecurity goals? What regulatory requirements for your lab are or are not covered by the software? Another tool to consider—which may have been used in any prior cybersecurity planning efforts—is a cybersecurity framework. Many, but not all, cybersecurity frameworks include a catalog of security controls. Each control is "a safeguard or countermeasure prescribed for an information system or an organization designed to protect the confidentiality, integrity, and availability of its information and to meet a set of defined security requirements."<ref name="NISTSecurity19">{{cite web |url=https://csrc.nist.gov/glossary/term/security-control |title=security control |work=Computer Security Resource Center |publisher=National Institute of Standards and Technology |date=2019 |accessdate=10 January 2020}}</ref> These controls give the implementing organization a concrete set of configurable goals to apply to their overall cybersecurity strategy. Other frameworks may be less oriented to security controls and more program-based or risk-based. Choosing the best frameworks will likely depend on multiple factors, including the organization's industry type, the amount of technical expertise within the organization, the budget, the organizational goals, the amount of buy-in from key organizational stakeholders, and those stakeholders' preferred approach.
 
Finally, having a cybersecurity plan that incorporates one or more cybersecurity frameworks gives the laboratory ample opportunity to apply stated goals and chosen security controls to the evaluation and selection process. In particular, a user requirements specification (URS) that incorporates cybersecurity considerations will certainly help a laboratory with meeting regulatory requirements while also protecting its data systems. A USR that is pre-built with cybersecurity controls in mind—such as [[Book:LIMSpec 2019 R1|LIMSpec]], discussed later—makes the evaluation process even easier.
 
===2.1.4 Regulatory compliance considerations===
Without a doubt, it's vital that medical diagnostic and research laboratories operate within the bounds of a regulatory atmosphere, not only to better ensure the best patient outcomes but also to ensure the quality of test results, the privacy of patient information, and the safety of personnel. Maintaining regulatory compliance requires deliberate approaches to developing and enforcing processes and procedures, quality training, consistent communication, and knowledgeable personnel. It also requires a top-down appreciation and commitment to a culture of quality. From the [[Clinical Laboratory Improvement Amendments]] (CLIA) and [[Health Insurance Portability and Accountability Act]] (HIPAA) to [[21 CFR Part 11]] and the [[General Data Protection Regulation]], laboratories have much to consider in regards to what regulations impact them.
 
That said, consider approaching the question of regulatory compliance from the standpoint of adopting standards. Consider first that the risks and consequences of performing a task poorly drives regulation and, more preferably<ref name="CiocoiuTheRole10">{{cite book |chapter=Chapter 1. The Role of Standardization in Improving the Effectiveness of Integrated Risk Management |title=Advances in Risk Management |author=Ciocoui, C.N.; Dobrea, R.C. |editor=Nota, G. |publisher=IntechOpen |year=2010 |isbn=9789535159469 |doi=10.5772/9893}}</ref><ref name="JPMorganData18">{{cite web |url=https://www.jpmorganchase.com/corporate/news/document/call-to-action.pdf |format=PDF |title=Data Standardization: A Call to Action |publisher=JPMorgan Chase & Co |date=May 2018 |accessdate=14 December 2019}}</ref>, standardization, which in turn moves the "goalposts" of quality and security among organizations. In the case of regulations, those organization that get caught not conforming to the necessary regulations tend to suffer negative consequences, providing some incentive for them to improve organizational processes and procedures.
 
One of the downsides of regulations is that they can at times be "imprecise" or "disconnected"<ref name="JPMorganData18" /> from what actually occurs within the organization and its information systems. Rather than focusing heavily to regulatory conformance, well-designed standards may, when adopted, provide a clearer path of opportunity for organizations to improve their operational culture and outcomes, particularly since standards are usually developed with a broader consensus of interested individuals with expertise in a given field.<ref name="CiocoiuTheRole10" /> In turn, the organizations that adopt well-designed standards likely have a better chance of conforming to the regulations they must, and they'll likely have more interest in maintaining and improving the goalposts of quality and security in the lab.
 
Additionally, reputable software developers of laboratory informatics software will not only adopt their own industry standards for software development but also understand the standards and regulations that affect laboratories and research centers. In turn, the developed software should meet regulations and standards, help the laboratory comply with its regulations and standards, and be of reliably good quality.
 
If you're a potential buyer of a laboratory informatics solution, it may be that you know a bit about your laboratory's workflow and a few of the regulations and standards that influence how that workflow is conducted, but you're not entirely informed about all the regulations and standards that affect your lab. Turning to a URS such as LIMSpec—which was developed around laboratory regulations and standards—and reviewing the various statements contained within may be necessary to help further inform you. Additionally, as you investigate various informatics options, you can then use the requirements in the URS as a base for your laboratory's own requirements list. Using the categories and their subdivisions, you can then add those requirements that are unique to your laboratory and industry that are not sufficiently covered by the base URS. As you review the various options available to you and narrow down your search, your own list of requirements can be used as both as a personal checklist and as a requirements list you hand over to the vendor you query. And since your URS is based off the standards and regulations affecting your lab, you can feel more confident in your acquisition and its integration into your laboratory workflow.
 
===2.1.5 Cost considerations===
First, you'll want to be clear on what will be included in the sales agreement. Whether through an estimate or statement of work (SOW), it is important it includes exactly what is expected, being as specific as possible, since this will be the entire contractual obligation for both you the buyer and them the vendor. Note that line items may differ slightly from system to system, according to what features and functions are included by default with each vendor's LIMS and which, if any, are additional. Also keep in mind that any hourly amount in the the estimate or SOW is usually a best estimate; however, if sufficient attention to detailed requirements has been given, then it should be quite accurate, and in fact the final cost may even be below the quoted cost if you prioritize your own obligations so that the vendor's hours are used sparingly and efficiently.
 
The estimate or SOW should optimally include:
 
* licensing or subscription rates;
* required core items to meet federal, state, and local regulations;
* additional optional items and totals; and
* required services (implementation, maintenance and support, optional add-ons).
 
There are two primary ways to price a laboratory informatics solution: a one-time license fee or a subscription rate ([[Cloud computing|cloud-hosted]] [[software as a service]] [SaaS]). If you have your own dedicated IT department and staff, you may prefer the former (although many system administrators are just as happy to let it be hosted elsewhere rather than add to their workload). Otherwise, SaaS subscription may well be the better and more cost-effective way to go (since the primary IT cost is simply internet access). This item will be part of your up-front cost and, in the case of subscription, it will also figure into your first year and ongoing costs; otherwise only associated maintenance, support, and warranty (MSW) will figure in. Typically, your first year's subscription costs will be due at signing. More often, the vendor may require three months or even the first year up front, so be prepared to factor that into up-front costs. However, it still is almost always less expensive at the outset (and over time, if you factor in IT costs and annual MSW) than paying for a license fee.
 
In addition to the two types of software pricing, there are also sub-types. Generally these are based on the number of users (or, in some cases, "nodes," which are simply any entities that access the informatics system, including other systems, instruments, etc.). How these are counted can vary.
 
* Named users: This method bases pricing on the actual individual users of the system, even if they only log in sporadically. Users may not use each other's logins (this is a no-no regardless of pricing structure, for good laboratory practice and other regulatory reasons).
* Concurrent users: This bases pricing on the maximum number of users who will be logged in at any given time. You can define an unlimited number of named users in the system, each with their own login credentials. However, only the number of concurrent users specified in the license or subscription may be logged in at any one time. For example, you may have 10 staff, but due to work processes, shifts, etc., only up to six might ever be logged in simultaneously. Whereas this would require a named user license for 10, it would only require a concurrent user license for six.
* Unlimited users: In the case of very large labs (typically 30 to 50 and up), the license or subscription may simply be a flat fee that allows any number of users.
 
The line items in the estimate or SOW should reflect these nuances, as well as whether the listed costs are monthly or annual (for subscription services), hourly (typically for support and training), or a fixed one-time cost. Additionally, be cautious with fixed costs, as they typically represent one of two possible scenarios:
 
#Final fixed cost: In this case, the cost has been figured by the vendor so as to cover their worst-case hourly labor total. If a line item (e.g., an interface) is not "worst case," then you are overpaying.
#"Expandable" fixed cost: This is as bad as final fixed cost, and maybe even worse because it's almost a case of "bait-and-switch," popping up as a surprise. The initial "fixed cost" number is low, and additional hourly services are needed to actually deliver the item. This will have been provided for somewhere in the small print.
 
The bottom line is that everything in a laboratory informatics solution is really either licensing or hourly services. Just be careful if they are portrayed as anything else.
 
It is important to be clear which category each line item falls under when figuring costs: up-front (due upon signing), annual, or ongoing (e.g., SaaS subscription). It is useful to clearly lay out each and compute initial costs, as well as first-year and subsequent years' costings. For example, your initial obligation may be as little as your first year's subscription plus the first 40 hours of services. Different vendors have different policies, however, and you may be required to pay for your first full year's subscription and all services, or some other combination. Normally, though, any instrument interface or other service charges aren't due until the they are implemented, which may be a few weeks or even a month down the road. This may depend on your budget, complexity of the SOW, and urgency. Your first year's expenses will include everything, including initial license fees; all setup and training; any interfaces and additional configurations or customization; and first annual MSW. (If this isn't included in the SaaS subscription, then it usually commences on full system delivery). Afterwards, your subscription and MSW will be the only ongoing expenses (included as one in this example), unless you choose to have additional interfaces or other services performed at any time.
 
==2.2 Implementation==
If you've ever worked through a system implementation process with a vendor, it was hopefully a smooth process. However, there are plenty of horror stories out there, highlighting the need of the laboratory to discuss in detail how a potential vendor will handle installation, validation, and training for the informatics solution. Does the vendor truly understand the industry and your needs? Does the vendor assign a project manager who will work with you from planning to go-live and beyond? Can they offer you references of other labs who have gone through implementation so you can compare notes with the those labs? How much attention does the potential vendor give to related issues such as data integrity of migrated data? Do they have the means to properly handle your legacy data? And are they able to work with your schedule, even if it means implementing software at off-peak work hourse?<ref name="Wagner7Soft19">{{cite web |url=https://blog.walkme.com/7-software-implementation-challenges/ |title=7 Software Implementation Challenges and How to Solve Them |author=Wagner, M. |work=WalkMe Blog |publisher=WalkMe Ltd |date=10 October 2019 |accessdate=10 January 2020}}</ref><ref name="MuraBullet18">{{cite web |url=https://blog.userlane.com/software-implementation-plan/ |title=Bullet-Proof Software Implementation Plan: Challenges and Tactics |author=Mura, A. |work=Userlane Digital Adoption Blog |publisher=Userlane GmbH |date=12 July 2018 |accessdate=10 January 2020}}</ref>
 
As you finally get down to the ultimate decision on which vendor to work with, you may wish to start setting up an implementation checklist as part of your early project planning. Do you receive a help desk account as part of the implementation process, and if so, what information is included? If not, you'll need to keep track of specific details such as business associate agreement (BAA), sales agreement, scope documents, welcome letters, documentation, and approved staff who can utilize the vendor's support. You'll likely need to pass on other configuration details to the vendor, including timezone requirements, DNS and URL requirements, uptime monitors, and administrative account requirements. Finally, you'll want to ensure you and the vendor are on the same page concerning any additional customization, integration, and system validation requirements, ensuring the roll-out period is pain-free and efficient.
 
===2.2.1 Internal and external integrations===
Laboratories acquire data management software for many reasons, including improving accuracy, saving time, increasing productivity, and adding capabilities. One way of doing all of those activities is to integrate or interface your systems, databases, and instruments so that human error is greatly reduced or eliminated, workflows are automated and sped up, and each component's capabilities are brought into play in the most efficient and effective ways possible. As such, you'll want to inquire with the vendor about its solution's hardware and software integration capabilities. Is it designed to interface with every laboratory instrument or software that can output any readable electronic file? Or are integrations limited to certain instruments and systems? How does it connect, i.e., what protocols does the software depend on to connect with other systems? Does the system allow a user to map their own file imports and exports? Can system processes be set to detect new instances of file outputs at regular intervals? Ask these and other questions to make sure the vendor clearly describes what internal and external integrations are supported with their application.
 
In many cases, a vendor's solution will have integration capability built into the software, but occasionally such interfaces are separate from the main software. Today's interfaces are generally built on standardized communication tools, including messaging formats like [[Health Level 7]] (HL7).<ref name="Sinard06">{{cite book |url=http://www.springer.com/medicine/pathology/book/978-0-387-28057-8 |title=Practical pathology informatics: Demystifying informatics for the practicing anatomic pathologist |author=Sinard, J. |publisher=Springer Science+Business Media |year=2006 |isbn=9780387280585}}</ref><ref name="MLOStaffInterfacing12">{{cite web |url=https://www.mlo-online.com/home/article/13004490/interfacing-the-lis |title=Interfacing the LIS |author=MLO Staff |work=Medical Laboratory Observer |publisher=Endeavor Business Media, LLC |date=01 August 2012 |accessdate=10 January 2020}}</ref> The HL7 messaging standards are particularly important to laboratory data management because they define how information is packaged and communicated from one party to another. Such standards set the language, structure, and data types required for seamless integration of various systems and instruments.<ref name="KimCreating05">{{cite web |url=http://www.kathykim.com/sitebuildercontent/sitebuilderfiles/ClinicalDataStandardsInHealthCare.pdf |archiveurl=https://web.archive.org/web/20170114055221/http://www.kathykim.com/sitebuildercontent/sitebuilderfiles/ClinicalDataStandardsInHealthCare.pdf |format=PDF |title=Creating Clinical Data Standards in Health Care: Five Case Studies |author=Kim, Katherine |publisher=California HealthCare Foundation |date=July 2005 |archivedate=14 January 2017 |accessdate=10 January 2020}}</ref> Health Level 7 describes the types of information communicated between such systems in the clinical environment as including "process control and status information for each device or analyzer, [as well as] each specimen, specimen container, and container carrier; information and detailed data related to patients, orders, and results; and information related to specimen flow algorithms and automated decision making."<ref name="HL711">{{cite web |url=http://www.hl7.org/implement/standards/product_brief.cfm?product_id=203 |title=HL7 version 2.7 standard: Chapter 13 - Clinical laboratory automation |author=Health Level Seven International |date=2011 |accessdate=10 January 2020}}</ref>
 
You may also want your laboratory informatics solution to be able to communicate with other software and databases. This is often done using [[application programming interface]]s (APIs) using web services implementation protocols such as REST and SOAP.<ref name="MonusSOAP19">{{cite web |url=https://raygun.com/blog/soap-vs-rest-vs-json/ |title=SOAP vs REST vs JSON comparison [2019] |author=Monus, A. |work=Raygun |date=January 2019 |accessdate=10 January 2020}}</ref><ref name="LVAQuick18">{{cite web |url=https://www.labvantage.com/a-quick-guide-to-lims-web-services/ |title=A Quick Guide to LIMS Web Services |author=LabVantage Solutions |publisher=LabVantage Solutions, Inc |date=07 January 2018 |accessdate=10 January 2020}}</ref><ref name="GrandOneTool19">{{cite journal |title=One tool to find them all: A case of data integration and querying in a distributed LIMS platform |journal=Database |author=Grand, A.; Geda, E.; Mignone, A. et al. |volume=2019 |page=baz004 |year=2019 |doi=10.1093/database/baz004}}</ref> These messaging protocols actually allow for the creation of an API that receives communication requests and sends responses between two software systems. A more practical example is wanting your laboratory informatics solution to communicate with an [[enterprise resource planning]] (ERP) application. Perhaps the ERP system needs to create sample batches within the informatics solution, and when testing is done, have the results returned to the ERP. APIs and communication protocols make this happen.<ref name="LVAQuick18" />
 
==2.3 MSW, updates, and other contracted services==
The maintenance, support, and warranty (MSW) offered with the vendor's solution is almost as important as the solution itself. The laboratory informatics solution you acquire is more than than the software you operate: it's mission-critical and deserves having a reliable and responsive team with the necessary resources to ensure it remains operational. Downtime can negatively affect both immediate customer satisfaction and your reputation. As such, it's imperative you ask the vendor about the details of its MSW, making sure you understand what is and isn't covered, as well as how much it will cost. Cost-wise, industry norms are anywhere from 15% to 25% of either the license fee or total contract, levied annually to provide this coverage.<ref name="ScavoHigh05">{{cite web |url=https://www.computereconomics.com/article.cfm?id=1033 |title=High Software Maintenance Fees and What to Do About Them |author=Scavo, F. |work=Computer Economics |date=08 February 2005 |accessdate=10 January 2020}}</ref> Alternatively, it may simply be included with your subscription. The MSW will include a specified number of support and maintenance hours or guarantees. The actual warranty should be unlimited for as long as the MSW or subscription is kept current.
 
Maintenance includes any and all work necessary to keep your system working as designed. It should include updates, patches, or fixes, and most if not all upgrades. (Note, however, a major upgrade to a totally new edition may not be covered, but it may come at a negotiable, significantly lower cost.<ref name="Gordon-ByrneMaint14">{{cite web |url=http://www.ittoday.info/ITPerformanceImprovement/Articles/2014-08GordonByrne2.html |title=Maintenance in the Digital World |author=Gordon-Byrne, G. |work=IT Performance Improvement |publisher=Taylor & Francis, LLC |date=2014 |accessdate=10 January 2020}}</ref>) The support aspect of MSW generally consists of a specified number of hours dedicated more to helping you with the operation of the system rather than "fixing" anything. Support includes guidance on training, password or login support, and more. Finally, with any professional application you also expect to have a warranty. The warranty should cover anything that doesn't work that otherwise should for the designated period of time.<ref name="Gordon-ByrneMaint14" /> That includes any standard features and functions, as well as any additional ones that were delivered and signed off on, and any other work performed by the vendor or its representatives. However, a typical warranty does not cover anything that was working fine, but upon being manipulated in a way beyond normal operation the functionality ceased. In these cases, you'll probably have to pay to get it fixed.
 
Beyond the MSW, additional updates and services related to the system may also be required. No matter how well it is pre-configured, any professional laboratory informatics solution will require some amount of standard setup to reflect your particular lab. This includes adding lab branding and demographics for reports and certificates; entering users, their roles, and access permissions; adding and/or modifying tests and workflows; renaming fields; adding or hiding fields; setting up a web portal; and implementing interfaces. Equally indispensable is proper training for both users and administrators. And of course you may later find that you would like additional features or functions. These and other services may prove particularly useful to the laboratory with little in the way of IT and systems expertise. As such, the vendor may provide one or more of the following as a billable service for the laboratory:
 
* initial implementation meeting (e.g., initial planning, identify delta, set schedule)
* project management
* requirements gathering and documentation
* initial setup
* user and administrator training
* configuration and customization
* interface development and implementation
* custom screen and field development
* custom functionality development
* custom reports and labels
* custom triggers and alerts
* validation or acceptance testing (to a third-party standard or certification, or to agreed manufacturer specs)
 
==2.4 How a user requirements specification fits into the entire process==
Merriam-Webster defines a "specification" as "a detailed precise presentation of something or of a plan or proposal for something."<ref name="MWSpec">{{cite web |url=https://www.merriam-webster.com/dictionary/specification  |title=specification |work=Merriam-Webster |publisher=Merriam-Webster, Inc |accessdate=09 January 2020}}</ref> In other words, an existing or theoretical product, concept, or idea is presented in detail for a particular audience. In a broad sense, detailing the specifics about a project, concept, or idea to others is just common sense. This applies just as well to the world of software development, where a software requirements specification is essential for preventing the second most commonly cited reason for project failure: poor requirements management.<ref name="BiegRequire14">{{cite web |url=https://www.pmi.org/-/media/pmi/documents/public/pdf/learning/thought-leadership/pulse/requirements-management.pdf |format=PDF |title=Introduction |work=Requirements Management: A Core Competency for Project and Program Success |author=Bieg, D.P. |publisher=Project Management Institute |page=3 |date=August 2014 |accessdate=09 January 2020}}</ref>
 
In fact, the ISO/IEC/IEEE 29148:2018 standard (a conglomeration of what was formerly IEEE 830 and other standards) is in place to help specify "the required processes implemented in the engineering activities that result in requirements for systems and software products" and provide guidelines for how to apply those requirements.<ref name="ISO29148">{{cite web |url=https://www.iso.org/standard/72089.html |title=ISO/IEC/IEEE 29148:2018 |publisher=International Organization for Standardization |date=November 2018 |accessdate=09 January 2020}}</ref> The standard describes the characteristics that make up quality software requirement development, including aspects such as<ref name="SeibertHowDoYou11">{{cite web |url=https://hubtechinsider.wordpress.com/2011/07/28/how-do-you-write-software-requirements-what-are-software-requirements-what-is-a-software-requirement/ |title=How do you write software requirements? What are software requirements? What is a software requirement? |work=HubTechInsider |author=Seibert, P. |date=28 July 2011 |accessdate=09 January 2020}}</ref>:
 
* correctly describing system behavior;
* effectively removing ambiguity from the language used;
* completely covering the system behavior and features;
* accurately prioritizing and ranking the requirements; and
* unequivocally ensuring the requirements are testable, modifiable, and traceable.
 
A requirement typically comes in the form of a statement that begins with "the system/user/vendor shall/should ..." and focuses on a provided service, reaction to input, or expected behavior in a given situation. The statement may be abstract (high-level) or specific and detailed to a precise function. The statement may also be of a functional nature, describing functionality or services in detail, or of a non-functional nature, describing the constraints of a given functionality or service and how it's rendered. An example of a functional software requirement could be "the user shall be able to query either all of the initial set of databases or select a subset from it." This statement describes specific functionality the system should have. On the other hand, a non-functional requirement, for example, may state "the system's query tool shall conform to the ABC 123-2014 standard." The statement describes a constraint placed upon the system's query functionality.
 
This is where a requirements specification shines, not only for the software developer but also for those acquiring the software. A set of development requirements, compiled in the form of a software requirements specification, can serve to strengthen the software development process. For those acquiring the software, a set of user requirements, compiled in the form of a user requirements specification (URS), can be used for the selection and acquisition of software or a service.<ref name="MemonSoftware10">{{cite web |url=https://www.cs.umd.edu/~atif/Teaching/Spring2010/Slides/3.pdf |format=PDF |title=Software Requirements: Descriptions and specifications of a system |author=Memon, A. |publisher=University of Maryland |date=Spring 2010 |accessdate=09 January 2020}}</ref><ref name="SchmittUser18">{{cite journal |title=User Requirements Specifications–How Difficult Can It Be? |journal=Pharmaceutical Technology |author=Schmitt, S. |volume=42 |issue=11 |page=58 |year=2018 |url=http://www.pharmtech.com/user-requirements-specifications-how-difficult-can-it-be-0 |accessdate=09 January 2020}}</ref> In the case of the URS, the acquiring business can approach this several ways. The simple way would be to essentially take the vendor at the word in regards to what they say their system can and can't do, agreeing formally to their description and taking responsibility that it will cover all the applicable regulations required by your business. However, this method isn't comprehensive and leaves the business open to not being able to fully meet its goals.<ref name="SchmittUser18" />
 
The other method has the URS be specific to your business' needs. The process is more work but leaves less to chance.<ref name="SchmittUser18" /> Developing your own URS isn't always straightforward. Often times, the developed document turns into a mix of "wishlist" requirements from potential and active clients, as well as regulation-mandated requirements. The wishlist items aren't necessarily ignored by developers, but the URS should in fact clearly prioritize requirements as "nice to have" or "essential to system operation," or something in between.<ref name="AasemAnalysis10">{{cite journal |title=Analysis and optimization of software requirements prioritization techniques |author=Aasem, M.; Ramzan, M.; Jaffar, A. |journal=Proceedings from the 2010 International Conference on Information and Emerging Technologies |pages=1–6 |year=2010 |doi=10.1109/ICIET.2010.5625687}}</ref><ref name="Hirsch10Steps13">{{cite web |url=https://www.phase2technology.com/blog/successful-requirements-gathering |title=10 Steps To Successful Requirements Gathering |author=Hirsch, J. |publisher=Phase2 Technology, LLC |date=22 November 2013 |accessdate=09 January 2020}}</ref><ref name="BurrissSoftware07">{{cite web |url=http://sce2.umkc.edu/BIT/burrise/pl/requirements/ |title=Requirements Specification |work=CS451R, University of Missouri–Kansas City |author=Burris, E. |publisher=University of Missouri–Kansas City |date=2007 |accessdate=09 January 2020}}</ref> Whatever the URS looks like in the end, it's ultimately up to the vendor to be able to demonstrate how the software does and does not meet its requirements.
 
In the latter half of this guide, you'll be given an opportunity to see an example of a URS for the medical diagnostic and research industries in the form of LIMSpec, an evolving set of software requirements specifications for laboratory informatics systems. Built from requirements found in [[ASTM E1578|ASTM E1578-18]] ''Standard Guide for Laboratory Informatics'', as well as dozens of other standards and regulations, the LIMSpec examples we provide will demonstrate how a URS is put to use, while also showing you how an informatics system can help you laboratory better meet regulatory requirements.
 
==References==
{{Reflist|colwidth=30em}}

Latest revision as of 21:23, 28 February 2022

The laws themselves

1. Federal Telecommunications Act of 1996, Section 255 (47 U.S.C. § 255 - Access by persons with disabilities)

(b) Manufacturing

A manufacturer of telecommunications equipment or customer premises equipment shall ensure that the equipment is designed, developed, and fabricated to be accessible to and usable by individuals with disabilities, if readily achievable.

(c) Telecommunications services

A provider of telecommunications service shall ensure that the service is accessible to and usable by individuals with disabilities, if readily achievable.

(d) Compatibility

Whenever the requirements of subsections (b) and (c) are not readily achievable, such a manufacturer or provider shall ensure that the equipment or service is compatible with existing peripheral devices or specialized customer premises equipment commonly used by individuals with disabilities to achieve access, if readily achievable.

The term disability is defined here. You can read the full entry, but the basics are:

(1) Disability The term “disability” means, with respect to an individual—

(A) a physical or mental impairment that substantially limits one or more major life activities of such individual;
(B) a record of such an impairment; or
(C) being regarded as having such an impairment (as described in paragraph (3)).

The term readily achievable is defined here. It is defines as:

(9) Readily achievable The term “readily achievable” means easily accomplishable and able to be carried out without much difficulty or expense. In determining whether an action is readily achievable, factors to be considered include—

(A) the nature and cost of the action needed under this chapter;
(B) the overall financial resources of the facility or facilities involved in the action; the number of persons employed at such facility; the effect on expenses and resources, or the impact otherwise of such action upon the operation of the facility;
(C) the overall financial resources of the covered entity; the overall size of the business of a covered entity with respect to the number of its employees; the number, type, and location of its facilities; and
(D) the type of operation or operations of the covered entity, including the composition, structure, and functions of the workforce of such entity; the geographic separateness, administrative or fiscal relationship of the facility or facilities in question to the covered entity.

2. Rehabilitation Act of 1973, Section 508, amended (29 U.S.C. 794d - Electronic and information technology)

There's a government website dedicated to Section 508: https://www.section508.gov/ The related laws and polices can be found here. The intro states (italics emphasis mine):

In 1998, Congress amended the Rehabilitation Act of 1973 to require Federal agencies to make their electronic and information technology (EIT) accessible to people with disabilities. The law (29 U.S.C § 794 (d)) applies to all Federal agencies when they develop, procure, maintain, or use electronic and information technology. Under Section 508, agencies must give disabled employees and members of the public access to information comparable to the access available to others.

The U.S. Access Board is responsible for developing Information and Communication Technology (ICT) accessibility standards to incorporate into regulations that govern Federal procurement practices. On January 18, 2017, the Access Board issued a final rule that updated accessibility requirements covered by Section 508, and refreshed guidelines for telecommunications equipment subject to Section 255 of the Communications Act. The final rule went into effect on January 18, 2018.

The rule updated and reorganized the Section 508 Standards and Section 255 Guidelines in response to market trends and innovations in technology. The refresh also harmonized these requirements with other guidelines and standards both in the U.S. and abroad, including standards issued by the European Commission, and with the World Wide Web Consortium (W3C) Web Content Accessibility Guidelines (WCAG 2.0), a globally recognized voluntary consensus standard for web content and ICT.

In discussing ICT, the U.S. Access Board summarized the key provisions as such:

The Revised 508 Standards and 255 Guidelines replace the current product-based regulatory approach with an approach based on ICT functions. The revised technical requirements, which are organized along the lines of ICT functionality, provide requirements to ensure that covered hardware, software, electronic content, and support documentation and services are accessible to people with disabilities. In addition, the revised requirements include functional performance criteria, which are outcome-based provisions that apply in two limited instances: when the technical requirements do not address one or more features of ICT or when evaluation of an alternative design or technology is needed under equivalent facilitation.

The full (lengthy) information about the ICT Accessibility 508 Standards and 255 Guidelines is found here: https://www.access-board.gov/ict/

The specific software requirements that LabLynx will likely need to consider under Section 508 appear to be found in Chapter 5: Software and Chapter 6: Support Documentation and Services. (If for some reason LLX is in the hardware domain, they'll want to also considerChapter 4: Hardware If you're curious about the underlying standards, you can find them in Chapter 7: Referenced Standards.

Finally, the Section 508 government website has a full Design & Develop section that may be applicable to development process: https://www.section508.gov/develop/

Additional information

1. The Section 508 website and its glossary mention LIMS under "scientific instrument," though only secondarily. At the end: "If a scientific instrument is integrated with a computer or a monitor, the computer (and associated operating system) and the monitor would be separate EIT deliverables, requiring their own Government Product Accessibility Templates (GPAT). If the computer included application software, this software would be another EIT deliverable requiring its own GPAT."

2. It appears some software can qualify for "a legally-defined Exception (Back Office)," as found in this example with STARLIMS and the VA: https://www.oit.va.gov/Services/TRM/ToolPage.aspx?tid=7502

3. Some additional posts and guides that may be revealing: