Healthcare software testing: what must be taken into account to create a high-quality application
Digital technologies in medicine have already become the norm. IT-solutions help people monitor their health and even consult doctors remotely.
The market for telemedicine applications, electronic maps, health monitoring software and other technologies is growing.
At the same time, the quality of software solutions for healthcare should be impeccable. The fact is that we are talking not only about people’s health, but also about the security of their personal data.
Andersen experts in the development of software solutions for healthcare will tell you what points must be taken into account when testing healthcare software.
Trends in digital medicine development
Patients need individual treatment, because they react differently to the same disease and have different financial and social opportunities. In addition, the spread of the pandemic has accelerated the transition to customer orientation. Today, there are four main trends in digital medicine.
Mobile apps and telemedicine platforms act as an important link between patients and doctors, and treatment is prescribed based on the results of video calls and data exchange through applications.
- Remote monitoring of patients
Wearable IoT devices are used to remotely collect patient information and transmit it to healthcare institutions. This is especially true for people with chronic diseases. Thanks to round-the-clock monitoring, doctors receive more detailed data on disease development and correct treatment in a timely manner. In turn, scientists receive important information for scientific research.
- Predictive analytics
Big data, machine learning and artificial intelligence work for the benefit of medicine. AI technologies help scientists discover new ways of treatment. Algorithms analyze the attendance and staffing of hospitals. This is how managers learn when to hire temporary employees to relieve permanent staff, and how to distribute patients across wards.
- Electronic medical records and hospital management systems
The number of medical organizations that switch to EHR and use hospital management systems is growing all over the world. These programs store large amounts of patient data from medical history to electronic prescriptions. According to Statista forecasts, the digital medicine market in 2021 amounted to $ 268 billion, and by 2025 this number should grow 2.5 times.
The importance of testing digital medical solutions
The quality and accuracy of digital medical solutions depends on whether the patient will be diagnosed correctly, whether he/she will receive the right treatment and whether their personal information will not be compromised.
The patient’s life sometimes depends on how well the medical software is developed. For example, this happened to people who were treated with a computerized Therac-25 radiation therapy device. Six patients received a lethal dose of radiation. Several people were killed, the rest were seriously injured. The main cause of the tragedy was called inefficient methods of development and violations of software security rules. That is, the developer of a low-quality program was to blame for the tragedy.
According to Bitglass calculations, the number of cyberattacks within the healthcare industry has increased by more than half in recent times. Therefore, it is important to thoroughly test medical programs and implement reliable protection tools.
Any electronic medical system must be created according to the laws of security and confidentiality in accordance with international quality certificates. For Europe, this is GDPR, for the USA — HIPAA and COPPA. Testing the software for compliance with the requirements set out in these standards will ensure product safety and avoid penalties.
Problems related to healthcare software development
Companies providing software testing services note the following frequent problems with medical applications:
- It is difficult to get permission from the FDA.
Medical devices are checked by a separate body – the Food and Drug Administration (FDA). The FDA puts forward regulatory requirements for products. According to the Code of Federal Regulations, the product must pass
- validation (are we creating the right product?);
- verification (are we creating the product correctly?);
- reliability check (how well the program performs tasks?);
- security check (is the software vulnerable to attacks?).
To create the best medical software, the project team must take into account a strict development methodology and a comprehensive quality assurance program.
- UI/UX-design and accessibility
Usability and efficiency are the two main criteria determining the success of a healthcare application. Therefore, before releasing the software to the market, it is worth making sure that it is easy for users to work with it.
Medical software is used more often than other programs by people with disabilities. It is necessary to take this into account by adapting the application to different patients and including testing of usability and accessibility of the program in quality assurance services.
- Incompatibility with other systems
Usually, a medical application does not function in isolation. It communicates via API with third-party systems (EHR, Hospital management system, Medical Practice Management System, etc.) or with wearable IoT devices. Thanks to integration with other applications, patient data is transmitted to medical institutions, important information is stored and other procedures are performed.
The main problems with wearable devices:
- the app does not see the device,
- the app sees the device, but can’t connect to it,
- the device is connected, but cannot transmit data.
In order for the app to not fail and communicate with other systems without problems, integration testing must be carried out within the framework of QA services.
- Small software performance
Productivity is an important characteristic for medical programs. QA specialists should make sure that with the maximum load on the system, there will be no problems with the application.
- Non-compliance with quality standards
To test medical software well, it is worth knowing the quality standards.
The most important ones are:
– HL7. This standard regulates the exchange of clinical, administrative and financial information between healthcare information systems.
– ISO & IEC. These specifications are used to design medical devices. They have subtypes that should also be taken into account when developing and testing software:
ISO 13485 – quality system for the medical equipment industry;
ISO 14971 – risk management for medical devices;
IEC 62304 – SDLC for medical devices;
IEC 62366 – ease of use of medical devices;
IEC 60601-1 – programmable electrical medical devices.
The transfer of medical data must comply with the Health Insurance Portability and Accountability Act (HIPAA). The rules of confidentiality, security, transactions, identifiers and execution must be implemented in medical software. This means that the basic requirements are met for it:
- role-based access control works correctly,
- the application implements a reliable user verification procedure (biometrics, one-time passwords, multi-factor authentication),
- medical data is encrypted regardless of whether it is transmitted within the company, moved outside the organization or saved in storage.,
- data is backed up automatically,
- electronic systems, data and equipment in the company are reliably protected,
- the ICD-9, ICD-10, CDT, HCPCS, CPT-3, CPT-4 and NDC codes are used correctly to ensure the safety and accuracy of medical records,
- patient data is safely deleted from any devices,
- information about the patient is transmitted only through official channels.
With these documents, it is much easier to work on a project, create test cases and test medical software.
If the medical software complies with these regulations, the FDA will allow the release of a medical device or software to the market. Otherwise, any violation of security and privacy standards can lead to serious fines.
QA services in eHealth
Medical IT-solutions bear great responsibility for the reputation, health and life of people, so they need to be thoroughly tested. The type of testing depends on the type of IT-solution and the specifics of the business. Companies providing software QA services are recommended to conduct the following types of checks:
- functional testing — if all the product functions are implemented correctly, it is ready to enter the market,
- non-functional testing — systems are tested for security, usability, availability and performance,
- big data testing — in order for the application to work properly, it must correctly process a large amount of information that is stored in the database. QA specialists check the quality of big data, what is their business logic, whether the storage and databases process SQL queries correctly.
When ordering quality assurance services, owners of a medical application should choose a full cycle of healthcare software testing — a universal measure of quality assurance. The cycle includes all the necessary types of testing that are performed during development at all stages of SDLC. Thus, the business owner will get full confidence in the quality of his/her software and will be able to release it to the market without defects.
Information technology was the beginning of a new era of medical care — contactless, customer-oriented and innovative. If you want to create a high-quality application, contact the Andersen team. Our healthcare software development experts and quality assurance team will help you with the digital transformation of your medical busine