According to Deloitte, the healthcare IT sector is expected to reach $280.25 billion by 2021, with an annual growth rate of 15.9%. As a result, the market for medical software, including electronic health records (EHR), healthcare CRM, and mobile apps for medical staff and patients, will continue to grow.
Given the strict and specific quality requirements in healthcare, medical software needs a special approach to testing, which prompts QA vendors to expand their offering with software testing services tailored specifically to the healthcare industry's needs.
Based on the experience gained in medical application testing projects, we share an optimal approach to testing in healthcare software projects.
How to Manage Software Testing in a Healthcare Project
Healthcare software should provide for reliable data exchange, save health professionals’ time and effort on routine procedures, show stable performance, and securely deal with sensitive data. Therefore, such software should be validated from the perspectives of interoperability, usability, performance, and compliance with industry regulations.
Different types of healthcare software should interoperate and reliably exchange data. The major standards for data transfer in the healthcare industry are Health Level Seven (HL7), Fast Healthcare Interoperability Resources (FHIR) and Digital Imaging and Communications in Medicine (DICOM). Here’s what they imply for QA teams.
HL7 is a set of standards for the exchange, integration, and retrieval of electronic health information. HL7 ensures global medical data interoperability and provides the possibility to access and use relevant health data securely.
Thus, software testing for compliance with HL7 should feature the following activities:
- Automated validation testing to make sure that messages are correctly sent, received, and parsed by the system under test. This type of testing can be performed with such tools as NIST Message Validator, Message Workbench, MQF Validation Tool, etc.
- Integration testing employing relevant user stories to ensure that data flows correctly. For one of our projects, for instance, we developed and employed a custom tool to generate Continuity of Care Documents (CCD) and Admission, Discharge, Transfer (ADT) messages, and checked whether they were exchanged correctly between an application server and a database.
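As an illustration of what automated HL7 validation checks, here is an added example (not code from the article's authors or from the tools named above) that runs a few structural checks on an HL7 v2 ADT^A01 message. The sample messages are constructed, and the rule set is a simplified subset assumed for illustration rather than a full conformance profile.

```python
# Added example: structural checks for an HL7 v2 ADT^A01 message.
# The rule set is a simplified subset for illustration, not a conformance profile.
REQUIRED_SEGMENTS = ("MSH", "EVN", "PID", "PV1")

# Constructed sample messages (not real patient data).
VALID = "\r".join([
    "MSH|^~\\&|SENDAPP|SENDFAC|RECVAPP|RECVFAC|20200101120000||ADT^A01|MSG00001|P|2.5",
    "EVN|A01|20200101120000",
    "PID|1||123456^^^HOSP^MR||DOE^JANE||19800101|F",
    "PV1|1|I|WARD1^101^A",
])
BROKEN = "\r".join([
    "MSH|^~\\&|SENDAPP|SENDFAC|RECVAPP|RECVFAC|20200101120000||ADT^A01||P|2.5",
    "EVN|A01|20200101120000",
    "PID|1||||DOE^JANE",
])


def field(fields, seg_id, n):
    """Return field <seg_id>-<n>, or "" if absent.

    MSH-1 is the separator character itself, so after splitting on it
    MSH-n sits at index n-1, while every other segment uses index n.
    """
    idx = n - 1 if seg_id == "MSH" else n
    return fields[idx] if 0 < idx < len(fields) else ""


def validate_adt_a01(raw):
    """Return a list of findings; an empty list means every check passed."""
    if not raw.startswith("MSH") or len(raw) < 4:
        return ["message does not start with an MSH segment"]
    sep = raw[3]  # MSH-1: field separator declared by the sender
    lines = [l for l in raw.replace("\n", "\r").split("\r") if l]
    segs = [(l[:3], l.split(sep)) for l in lines]
    msh, findings = segs[0][1], []
    if field(msh, "MSH", 2) != "^~\\&":
        findings.append("MSH-2: non-default encoding characters")
    if field(msh, "MSH", 9).split("^")[:2] != ["ADT", "A01"]:
        findings.append("MSH-9: message type is not ADT^A01")
    if not field(msh, "MSH", 10):
        findings.append("MSH-10: message control ID is empty")
    present = {seg_id for seg_id, _ in segs}
    findings += [f"{s}: required segment missing" for s in REQUIRED_SEGMENTS if s not in present]
    for seg_id, fields in segs:
        if seg_id == "PID":
            findings += [f"PID-{n}: required field is empty" for n in (3, 5) if not field(fields, "PID", n)]
    return findings
```

Calling `validate_adt_a01(BROKEN)` reports the empty control ID, the missing PV1 segment, and the empty patient identifier, which is the kind of finding list a negative test case in an HL7 suite should assert on.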
FHIR is a standard developed by HL7 for a simpler and faster exchange of electronic health records. When testing healthcare software for FHIR compliance, test teams concentrate on the following activities:
- Validation of the exchanged resources (blocks of information) to ensure that they are structurally correct and comply with the FHIR implementation guide. For that, the FHIR community provides validating resources.
- Validation of a FHIR server using the TestScript resource to determine whether a given FHIR server adheres to the FHIR specification and check whether two or more FHIR servers are compatible and interoperable.
DICOM is an international standard enabling safe viewing, analysis, and sharing of medical images across professional communities. Such automated testing tools as DICOMScope Visualization Tools can ensure compliance with this standard.
Comprehensive usability testing is performed based on relevant user scenarios for each user role with regard to rules and regulations provided by industry standards.
For instance, in EHR testing, user stories cover every procedure a healthcare professional performs during a patient’s visit, including:
- Filling in an admission form and signing a consent form.
- Recording a patient’s vitals.
- Examining, diagnosing, and treating a patient.
- Scheduling the next visit.
The more diverse the user stories are, the better.
As healthcare software offers complex functionality and multiple user roles, tracking dependencies among test cases is important. It is advisable to maintain a detailed test case management system to preserve and develop the test procedure and to track requirements for healthcare functionality, dependencies among test cases, and expected and unexpected test results.
Healthcare software should ensure consistent performance, especially when immediate action is required, for instance, when a patient’s allergies need to be looked up right away. Therefore, healthcare software should undergo comprehensive load and performance testing. QA specialists are required to check the behavior and response time of the software under both expected and stress load.
During 2019, one-fifth of US healthcare organizations experienced cyberattacks, and in 2020, the rate of attacks on healthcare facilities is predicted to grow further. To secure and ensure proper handling of personal health information, healthcare software should be verified for HIPAA compliance.
Performing HIPAA-compliance testing requires a thorough understanding of the HIPAA Security Rule to ensure that test cases fully cover all parts of the regulations applicable to the product. HIPAA compliance testing focuses on the following areas:
- Authentication and user authorization.
- Audit log.
- Data transfers.
- Information on correct/incorrect data use.
To learn the advanced aspects of testing for HIPAA compliance, check out our guide to HIPAA compliance testing for web applications.
For testing vendors, the continuous increase in health IT investments signals the need to offer healthcare software testing, the scope of which should comprise such aspects as:
- Ensuring reliable and secure medical data exchange (compliance with HL7, FHIR, DICOM).
- Usability (detailed usability testing involving multiple user roles).
- Stability (comprehensive load and performance testing).
- Compliance with HIPAA regulations.