Template:Laboratory Informatics Buyer's Guide for Medical Diagnostics and Research/Choosing laboratory informatics software for your lab/Evaluation and selection

From LIMSWiki
Jump to navigationJump to search

2. Choosing laboratory informatics software for your lab

IBM 1130 desk-sized computer from the mid-1960s and '70s

Computers in the laboratory are not a recent phenomenon. The mid-1960s saw clinical laboratory computerization become increasingly popular[1][2][3][4][5], though that enthusiasm was often based on the potential of the computers themselves rather than their actual capabilities.[1] Researchers imagined potentials such as automatic specimen label generation, daily log and report management, instrument interfacing and data processing, results comparisons, and time management tools. It would take time for some of those potentials to be realized.[1]

In 1970, Temple University Medical School's Marion Ball, M.A., an assistant professor in the Department of Medical Physics, conducted a survey of pathology directors in clinical laboratories that were using computers. Asking their opinions about the advantages and disadvantages of computerized systems in the lab, she received responses from directors in 15 U.S. states, as well as from three other countries. Responses included[6]:

The ability to rapidly prepare cumulative records and then to inspect them for possible errors through analysis trends has been proven to be of tremendous advantage in a number of laboratories. We can prevent errors in our analytical systems, but we are not prepared to prevent errors in the collecting of the sample, the mislabeling of the sample, or the accidental use of an incorrect sample. Thus, the ability to inspect data trends presents the only real tool that we currently have to pick out these kinds of errors. - Max E. Chilcote, Ph.D, Meyer Memorial Hospital Division

There is little argument about whether an operating computer system can be an advantage in a laboratory, but the most critical time is the installation and transition from a "manual" to a "computer" oriented laboratory. - Robert L. Habig, Duke University Medical Center

The most pressing future need for computerization of the laboratory lies in the area of medical diagnosis and guidance of the therapeutic management. This is where the physician's role for the future in the laboratory lies ... We will be gathering vast amounts of information on the health status of many individuals. We can then take advantage of large data processing computers to analyze this information and come up with patterns of disease states. - Leonard Jarett, M.D., Barnes Hospital

Reading about these potentials and opinions today, some 50 years later, we see both clear similarities and definite advances. For example, Habig's statement about transitioning from manual to more automated processes still rings true today: it can be nerve wracking and critical to get the transition right. Conversely, while the systems of decades past weren't able to "prevent errors in the collecting of the sample, the mislabeling of the sample, or the accidental use of an incorrect sample," modern laboratory informatics systems provide many assurances to sample management in the lab. In many cases, activities such as label generation, reporting, results analysis, workflow control, test ordering, and broad interoperability are commonplace in modern systems.[7] And those systems continue to advance, with machine learning now finding its way into a few laboratory data management and analysis workflows.[8][9]

We've come a long way since the 1960s, to a point where the question is no longer "can a computerized system help my lab?" but rather "how do I choose and implement an informatics system to help my lab?" What follows is information to help you with that question, while considering the technology, features, security, cost, implementation, and vendor guarantees that come with such a system.

2.1 Evaluation and selection

What exactly is a laboratory information system (LIS) or laboratory information management system (LIMS) anyway? Do I need one? What options are available and how do I compare them? What about a request for information (RFI), request for proposal (RFP), or request for quotation (RFQ)? These are questions laboratory professionals typically ponder upon finding themselves charged with the mission of finding software for their lab. For many the task can be a daunting proposition.

You may know the workflow-related needs of your laboratory, but perhaps you don't know much about data management solutions like LIS and LIMS, leaving you intimidated by all the options. You'll first need to gauge your lab's informatics needs in order to determine which products are worth investigating further. Of course your lab's analysis requirements, reporting and data sharing constraints, instrument interfacing needs, barcoding and tracking requirements, quality assurance processes, etc. are very important factors. But these systems vary in numerous ways, and other important factors exist. Price should certainly be considered, although value is ultimately more important than a low price. Other important questions that get asked include:

  • Should we purchase software licenses or "rent" the software via a subscription-based model?
  • Does the software need to be on-site, or is a SaaS hosted option more practical?
  • Is a modular or complete system better for us?
  • What is the best licensing/rental scheme for us? Should we consider site, named user, concurrent user, or workstation licenses?
  • Is the company qualified and trustworthy?
  • What functionality is available to help our lab not only accomplish workflow tasks but also remain regulatory compliant?

These and other questions are addressed in this chapter.

2.1.1 Technology considerations

Your laboratory's workflow, instruments, data management requirements, budget, technological expertise, business goals, and risk tolerances will all play a role in deciding what technology to invest in. The physician office lab (POL), with its easy-to-use point-of-care testing and relatively simplified laboratory procedures, will invest significantly less into analyzers, instruments, and laboratory software than the molecular diagnostics laboratory, for example. As such, look at your laboratory's short- and long-term goals, budget, workflow, and regulatory requirements to gain a better understanding of what technology will be involved.

First, what are the laboratory's goals? Does the laboratory owner envision a small investment, taking in a slow but steady flow of simple clinical tests of human fluids, or expansive growth, expanding into multiple testing domains? If the lab is starting small but is confidently expecting to grow, technological investments early on may want to take into account future technologies that may shape data management and security processes. Second, what kind of work will the lab be doing, and what regulatory responsibilities will guide hardware and software investment at the lab? If your lab will be testing medical cannabis for the state or province's associated program, you'll be considering chromatography and spectroscopy instruments, as well as regulatory requirements for complete track-and-trace activities, including reporting. The public health laboratory will likely have many more instruments to cover all its testing needs, and its data management system will likely need to be able to use the Centers for Disease Control and Prevention's PHIN Messaging System. Third, your laboratory's budget is ever important. Does the budget allow for on-site hardware and software systems, with the personnel to maintain them? Is it easier to pay up-front or find a vendor willing to work with you on leasing or rental terms? (We talk about other cost considerations a bit later.)

Finally, will the lab have someone on-site or on-call to resolve technology issues, including set-up and maintenance of software systems? If your lab will have little in the way of available tech help locally, you'll want to consider the distribution model you want to use for any installed software, i.e., you may want to consider software as a service. An increasing number of software services are hosted using cloud computing, which when done well is an increasingly reliable option.[10] Having someone else host the software for you typically means the hosting provider will carry a non-trivial portion of responsibility for technology maintenance and security. Speaking of security, you'll also want to consider the cybersecurity (addressed later) of not only your software solution but also your overall laboratory operations. Does your laboratory have a cybersecurity plan already in place, or has the decision to make one been postponed? What extra investment is required to ensure your sensitive data is secure? Remember that how you rank your cybersecurity preparedness and implement a cybersecurity plan will also guide your technology investment decisions.[11]

2.1.1.1 Laboratory informatics options

Icos Laboratories.JPG

Keeping the above in mind, what are the common software solutions used within a medical diagnostic or research laboratory? One of the more commonly discussed options is the LIS or LIMS. In the past, the term "laboratory information system" or "LIS" was used for solutions designed for medical labs, whereas "laboratory information management system" or "LIMS" was commonly used for non-medical functionality. Over the years, some software vendors have blurred these distinctions, with "LIMS" being used interchangeably with "LIS" in vendor marketing. Today, you'll see both terms being used to reference a laboratory informatics solution designed to assist medical laboratories manage testing workflows, data, and other aspects of their operations.

A December 2019 survey by Medical Laboratory Observer, consisting of 273 respondents, is somewhat revealing in what a LIS or LIMS is being used for by a medical laboratory. Ninety-five percent of respondents indicated they use it to streamline their electronic order entry and result management, with medical data connectivity being the second most popular use. Automation tools, customer relationship management, scheduling, inventory management, revenue management, quality management, and reporting were all also mentioned as important to users.[12] When asked to select from five choices (or provide some other reason) in regard to what their top priority was in selecting a LIS or LIMS, respondents indicated that their most important priority was providing data analysis mechanisms for all types of pathology. See Table 1 below for all responses.

Table 1. MLO survey responses to what the top priority was when acquiring a LIS or LIMS[12]
Top acquisition priority for LIS or LIMS based on a survey; n = 273 Percentage of
respondents
Analytic solutions for clinical/anatomical/molecular pathology 36%
Multi-lab networking/connectivity 25%
Integration with electronic medical records (EMRs) 21%
Flexible management capabilities 8%
Real-time and/or automated inventory management 6%
Other (e.g., cost, patient safety needs, and training management) 4%

These responses help paint a picture of what a LIS or LIMS can do, but there's definitely more to it. (See the next subsection on features and functions.) And other systems are also being used in medical laboratories. The previously mentioned MLO survey indicated that 68 percent of respondents came from a hospital laboratory, highlighting their importance in the medical diagnostic laboratory demographic. As such, we'd be remiss to not mention the hospital information system (HIS), a hospital-level information management system that often incorporates modular functionality similar to that of a LIS or LIMS. However, some such labs will often have their own laboratory data management solution independent of the HIS.

The survey also made reference the the EMR. This software, along with the electronic health record (EHR), is most prevalent among health care systems and other ambulatory providers, including physicians. (As of 2019, approximately 89.9 percent of U.S. physicians have adopted EMRs or EHRs.[13]) These systems act as portable, longitudinal collections of patient and population data and a convenient tool for documenting, monitoring, and managing health care delivery. Medical diagnostic laboratory workflow typically sees test data from a LIS get transferred to the respective patient's record in the EHR.[14]

Finally, you may also see electronic laboratory notebooks (ELN) in medical research labs.[15][16] This software acts as an electronic substitute for the traditional laboratory notebook, assisting researchers with direct recording of experiment data, linking records, and protecting proprietary information. They can typically be integrated with other software systems as well.

Choosing the right software will largely depend on your laboratory type and what you wish to accomplish. We next review the base features of offerings like an LIS and LIMS, as well as the features required by sub-specialties of medical science.

2.1.2 Features and functions

Base features

A LIS or LIMS can have an extravagant list of features, or it may have minimal functionality. Software developers with competent and experienced personnel usually do well with a collection of the required base features, plus any industry-specific features a laboratory may need. But not all developers get it right.

What follows is a list of system functionality that is considered by a variety of experts to be vital to almost any medical diagnostic or research laboratory.[17][18][19][20] Without this functionality, end users may at best grumble about additional workloads or more complicated procedures, and at worse be setting themselves up for major liability issues by not complying with regulations. Arguably, a few items such as mobile device support, voice recognition, and multilingual support may be negotiable, but if the system you are evaluating doesn't contain most of the below bullet-pointed functionality, you may want to look elsewhere.


Test, experiment, and patient management

  • specimen log-in and management, with support for unique IDs
  • batching support
  • barcode and RFID support
  • specimen tracking
  • clinical decision support, including test ordering tools and duplicate test checks
  • custom test management
  • event and instrument scheduling
  • templates, forms, and data fields that are configurable
  • analytical tools, including data visualization, trend analysis, and data mining features
  • data import and export
  • robust query tools
  • document and image management
  • project and experiment management
  • workflow management
  • patient management
  • case management
  • physician and supplier management


Quality, security, and compliance

  • quality assurance / quality control mechanisms, including tracking of nonconformance
  • data normalization and validation
  • results review and approval
  • version control
  • user qualification, performance, and training management
  • audit trails and chain of custody support
  • configurable and granular role-based security
  • configurable system access and use (log-in requirements, account usage rules, account locking, etc.)
  • electronic signature support
  • configurable alarms and alerts
  • data encryption and secure communication protocols
  • data archiving and retention support
  • configurable data backups
  • environmental monitoring and control


Operations management and reporting

  • customizable rich-text reporting, with multiple supported output formats
  • synoptic reporting
  • industry-compliant labeling
  • email integration
  • internal messaging system
  • revenue management
  • instrument interfacing and data management
  • instrument calibration and maintenance tracking
  • inventory and reagent management
  • third-party software and database interfacing
  • mobile device support
  • voice recognition capability
  • results portal for external parties
  • integrated (or online) system help
  • configurable language


Specialty-specific functionality

In the following subsections, the subcategories of labs we looked at in the prior chapter are reviewed, specifically for functionality critical to their specialty. This functionality is supported by four to five citations from vendors and other academic sources.


Anatomical and clinical pathology lab[21][22][23][24]:

  • configure the system using templates for histology and cytology case types
  • add, view, and link pre-generated organ maps and other diagrams
  • add, view, and link custom annotated pathology imaging
  • track abnormal results and provide trending reports for monitoring disease populations
  • support blocks and slides as specimens, with predefined descriptions
  • document grossing examinations
  • print slides and cassettes
  • provide case management, reporting, and test requisition
  • provide specialty workflow for autopsy
  • provide specialty workflow for gynecological cytology, including HPV + Pap co-testing for cervical cancer
  • provide stain panels and histology worksheets
  • support shared management of tissue samples among departments
  • support EHR integration
  • support polymerase chain reaction (PCR) workflow and reporting
  • support pathology-specific reflex testing
  • provide option to combine same-day anatomical and clinical pathology results and reporting
  • flag unusual cases for conference or committee reporting


Harsh Vardhan at the inaugural ceremony of the new campus of Centre for DNA Fingerprinting and Diagnostics (CDFD), in Hyderabad.JPG

Forensic pathology lab[25][26][27][28]:

  • support pre-logging of evidence
  • allow full documentation of a crime scene
  • track storage, movement, and disposal of evidence and property using an ASTM-compliant log
  • manage chain-of-custody transfers of evidence and samples
  • provide quarantine protocol for samples and evidence
  • provide forensic case management, including case status and court testimony
  • manage agency interactions and information
  • add, view, and link forensic imaging into case files
  • manage field scheduling for fingerprinting, homicide casing, and lab work
  • provide custom reporting for toxicology and controlled substance analyses
  • provide support for DNA profile management
  • provide support for convicted offender and other database integration
  • support the use of personal identity verification and other forms of hardware-based (i.e., public key infrastructure or PKI) token authentication


Physician office lab:

The physician office laboratory (POL) is arguably a simpler version of the medical diagnostics lab, often depending on CLIA-waived and CLIA-certified point-of-care instruments for making diagnoses. As such, the data management requirements for a POL are typically not as significant as those of a large-scale diagnostic laboratory. That said, a POL employing laboratory informatics will still need much of the same base functionality mentioned prior, and the system will still need to comply with data management and sharing regulations such as those found with HIPAA and CLIA.

Any POL performing sufficient volumes of testing to benefit from using a laboratory informatics solution may also want to consider the costs and drawbacks, if any, of interfacing to their EHR system, if they have one. In a case where the POL is in a position to consider both an LIS and an EHR at the same time, they should examine the features and potential integration of those products, and they should be sure to consider any future potential of integrating their systems with other external data management systems, including another reference laboratory.

In some cases, an EHR with some laboratory management functionality may make a solid alternative. If considering an EHR that includes some LIS functionality, be sure to clearly identify the functional requirements and demo the system thoroughly to ensure test and reporting workflows make sense. Finally, in cases where POL test volumes are low—coming from only one or a few instruments—and an LIS is not required, POL operators may want to simply consider a middleware option that smoothly facilitates the flow of instrument data to the EHR.


Integrative medicine lab:

If an integrative medicine laboratory is using a laboratory informatics solution, their requirements will be nearly identical to a standard medical diagnostic laboratory, meaning the base functionality mentioned prior will likely be suitable. If there is a major difference or required piece of additional functionality, it will have to do with a more extensive list of available tests and billing codes for them. This usually consists of expansions into nutritional, metabolic, and toxicity test types, as well as support for diagnostic imaging.[29]


Public health lab[17][30][31][32]:

  • provide specialty workflow for newborn screening
  • provide surge capacity for high-priority analyses
  • provide workflow and tools for managing microorganisms and toxins of elevated risk
  • support most medical test protocols and specimen types
  • support ELISA, DNA extraction, sequencing, and other molecular workflows
  • support for a robust set of decision support rules for reflex testing
  • support the Centers for Disease Control and Prevention's PHIN Messaging System
  • support other electronic data exchange standards for critical community partners


Toxicology lab[33][34][35][36][37]:

  • support customizable drug panels and tests
  • support reference lab activities
  • track prescribed medicines and associated history
  • provide management for compounds and compound grouping
  • provide medication-based compliance monitoring and interpretive reporting on it
  • provide decision-support rules for pain management and toxicology
  • provide toxicology-specific reporting formats
  • manage drug court cases associated with testing


Blood bank and transfusion lab[38][39][40][41]:

  • manage inventory across multiple facilities
  • manage donor and harvested tissues
  • support positive patient identification (PPID)
  • support the ISBT 128 standard for medical products of human origin
  • support for both autologous and directed medical product management
  • allow for emergency release of inventory
  • allow for electronic crossmatch of human-based medical products
  • manage medical product recall and documentation
  • manage donor demographics, notification, scheduling, and history
  • manage donation drives and other campaigns
  • track bag and supply lot numbers
  • track quality control testing
  • monitor access to and environmental conditions of supply fridges
  • provide workflow management for non-standard patients
  • support antibody screening processes


Medical Examination of a Clinical Trial Volunteer (45116548811).jpg

Central and contract research lab[42][43][44][45]:

  • manage and track clinical trial kits
  • manage multi-site logistics of specimens
  • provide a reservation function for specimens
  • manage clinical trials and their various functions, including recruitment, study protocols, treatment groups, metadata, multi-site master scheduling, consent checks, and other required reporting
  • provide special access privileges to sponsors, monitors, and investigators
  • support a wide variety of data transfer formats, including CDISC, ASCII, SAS, and XML
  • provide patient management, including demographics, consent forms, clinical notation, and test results
  • provide highly configurable "blinding" features for reports and the user interface
  • track contracts, budgets, and other financials
  • develop exclusion rules and monitor exclusions
  • support testing for a wide variety of disciplines
  • provide study-specific monitoring and alerts
  • provide granular cumulative reporting
  • provide study-specific project portals that allow review of documents, data visualizations, training material, and other study information


Genetic diagnostics and cytogenetics labs[46][47][48][49]:

  • manage sample collection kits
  • manage informed consent documentation
  • provide customized workflows for molecular and next-generation sequencing (NGS) testing
  • track specimen and aliquot lineage for cell lines, tissues, slides, etc.
  • track nucleic acid quantity and quality of specimens
  • support a wide array of molecular testing and associated data fields, including biochemical and molecular genetics, carrier screening, immunology, molecular profiling, prenatal and newborn testing, and pharmacogenetics
  • provide custom workflows for FISH, PCR, gel electrophoresis, cytogenetics, DNA sequencing, and more
  • support specialty testing reimbursement and other revenue management unique to this lab type
  • support single sign-on with imaging platforms
  • provide color coding for turn-around time and other testing statuses
  • provide cleanly formatted rich-text reports customized for molecular diagnostics


Medical cannabis testing lab[50][51][52][53][54]:

  • add, view, and link custom annotated images
  • interface with a wide array of chromatography and spectroscopy instruments
  • optimize sample login and management for the industry, including clear differentiation between medical and recreational cannabis
  • provide compliant test protocols, workflows, labels, and reporting for medical cannabis testing
  • provide ability to interface with state-required compliance reporting systems
  • support inventory reconciliation
  • support disease testing, sexing, and genetic tracking of cannabis
  • support stability testing

2.1.3 Cybersecurity considerations

From law firms[55] to automotive manufacturers[56], the need to address cybersecurity is increasingly apparent. In 2018, the Center for Strategic & International Studies estimated that cybercrime causes close to $600 billion in damages to the global economy every year[57], though due to underreporting of crimes, that number may be much higher. That number also likely doesn't take into account lost business, fines, litigation, and intangible losses[58] In the end, businesses of all sizes average about $200,000 in losses due to a cybersecurity incident[59], and nearly 60 percent of small and midsize businesses go bankrupt within six months because of it.[60]

Medical diagnostic and research laboratories are no exception, regardless of business size. Even tiny labs whose primary digital footprint is a WordPress website advertising their lab are at risk, as hackers could still spread malware, steal user data, add the website to a bot network, hack the site for the learning experience, or even hack it just for fun.[61][62][63] Even more importantly are those labs performing digital data management tasks that handle sensitive patient and proprietary data, requiring additional cybersecurity considerations.

A laboratory can integrate cybersecurity thinking into its laboratory informatics product selection in several ways. First, the lab should have a cybersecurity plan in place, or if not, it should be on the radar. This is a good resource to tap into in regards to deciding what cybersecurity considerations should be made for the software. Can the software help your lab meet your cybersecurity goals? What regulatory requirements for your lab are or are not covered by the software?[11] Another tool to consider—which may have been used in any prior cybersecurity planning efforts—is a cybersecurity framework. Many, but not all, cybersecurity frameworks include a catalog of security controls. Each control is "a safeguard or countermeasure prescribed for an information system or an organization designed to protect the confidentiality, integrity, and availability of its information and to meet a set of defined security requirements."[64] These controls give the implementing organization a concrete set of configurable goals to apply to their overall cybersecurity strategy. Other frameworks may be less oriented to security controls and more program-based or risk-based. Choosing the best frameworks will likely depend on multiple factors, including the organization's industry type, the amount of technical expertise within the organization, the budget, the organizational goals, the amount of buy-in from key organizational stakeholders, and those stakeholders' preferred approach.[11]

Finally, having a cybersecurity plan that incorporates one or more cybersecurity frameworks gives the laboratory ample opportunity to apply stated goals and chosen security controls to the evaluation and selection process. In particular, a user requirements specification (URS) that incorporates cybersecurity considerations will certainly help a laboratory with meeting regulatory requirements while also protecting its data systems. A USR that is pre-built with cybersecurity controls in mind—such as LIMSpec, discussed later—makes the evaluation process even easier.

2.1.4 Regulatory compliance considerations

Without a doubt, it's vital that medical diagnostic and research laboratories operate within the bounds of a regulatory atmosphere, not only to better ensure the best patient outcomes but also to ensure the quality of test results, the privacy of patient information, and the safety of personnel. Maintaining regulatory compliance requires deliberate approaches to developing and enforcing processes and procedures, quality training, consistent communication, and knowledgeable personnel. It also requires a top-down appreciation and commitment to a culture of quality. From the Clinical Laboratory Improvement Amendments (CLIA) and Health Insurance Portability and Accountability Act (HIPAA) to 21 CFR Part 11 and the General Data Protection Regulation, laboratories have much to consider in regards to what regulations impact them.

That said, consider approaching the question of regulatory compliance from the standpoint of adopting standards. Consider first that the risks and consequences of performing a task poorly drives regulation and, more preferably[65][66], standardization, which in turn moves the "goalposts" of quality and security among organizations. In the case of regulations, those organization that get caught not conforming to the necessary regulations tend to suffer negative consequences, providing some incentive for them to improve organizational processes and procedures.

One of the downsides of regulations is that they can at times be "imprecise" or "disconnected"[66] from what actually occurs within the organization and its information systems. Rather than focusing heavily on regulatory conformance, well-designed standards may, when adopted, provide a clearer path of opportunity for organizations to improve their operational culture and outcomes, particularly since standards are usually developed with a broader consensus of interested individuals with expertise in a given field.[65] In turn, the organizations that adopt well-designed standards likely have a better chance of conforming to the regulations they must, and they'll likely have more interest in maintaining and improving the goalposts of quality and security in the lab.

Additionally, reputable software developers of laboratory informatics software will not only adopt their own industry standards for software development but also understand the standards and regulations that affect laboratories and research centers. In turn, the developed software should meet regulations and standards, help the laboratory comply with its regulations and standards, and be of reliably good quality.

If you're a potential buyer of a laboratory informatics solution, it may be that you know a bit about your laboratory's workflow and a few of the regulations and standards that influence how that workflow is conducted, but you're not entirely informed about all the regulations and standards that affect your lab. Turning to a URS such as LIMSpec—which was developed around laboratory regulations and standards—and reviewing the various statements contained within may be necessary to help further inform you. Additionally, as you investigate various informatics options, you can then use the requirements in the URS as a base for your laboratory's own requirements list. Using the categories and their subdivisions, you can then add those requirements that are unique to your laboratory and industry that are not sufficiently covered by the base URS. As you review the various options available to you and narrow down your search, your own list of requirements can be used as both as a personal checklist and as a requirements list you hand over to the vendor you query. And since your URS is based off the standards and regulations affecting your lab, you can feel more confident in your acquisition and its integration into your laboratory workflow.

2.1.5 System flexibility

Before selecting a solution, your laboratory should also have internal discussions about how diversified its offered services are, as well as what the future may bring to the lab. If, for example, your lab is currently configured for toxicology testing, does your existing laboratory informatics system—or the ones you may be considering—have the flexibility to add other types of clinical testing, protocols, and workflows? Will you be doing the footwork to add them, or will the vendor of your system support you in that effort? If you're a start-up, will your lab be focusing solely on a specific type of clinical testing and expand into other markets later, or will your test menu need to be much broader right from the start? In most of these cases, you'll desire a LIMS that is flexible enough to allow for not only running the specific tests you need now, but also sufficiently expandable for any future testing services your lab may conduct in the mid- and long-term. Having the ability to create and customize specimen registration screens, test protocols, labels, reports, specification limit sets, measurement units, and substrates/matrices while being able to interface with practically most any instrument and software system required will go a long way towards making your expanding test menu and workflows integrates as smoothly as possible.

Such a system will typically be marketed as being highly user-configurable, giving labs a relatively painless means to adapt to rapid changes in test volume and type over time. However, once you've internally addressed current and anticipated future growth, your lab will want to learn what explicitly makes any given vendor's system user-configurable. How easy is it to configure the system to new tests? Add custom reports? What knowledge or skills will be required of your lab in order to make the necessary changes, i.e., will your staff require programming skills, or are the administrator and advanced user functions robust enough to make changes without hard-coding? These and other such questions should be fully addressed by the vendor in order to set your mind at ease towards a system's stated flexibility. Ultimately, you want the system to be flexible enough to change with the laboratory itself, while minimizing overall costs and reducing the time required to make any necessary modifications.

2.1.6 Cost considerations

First, you'll want to be clear on what will be included in the sales agreement. Whether through an estimate or statement of work (SOW), it is important it includes exactly what is expected, being as specific as possible, since this will be the entire contractual obligation for both you the buyer and them the vendor. Note that line items may differ slightly from system to system, according to what features and functions are included by default with each vendor's solution and which, if any, are additional. Also keep in mind that any hourly amount in the the estimate or SOW is usually a best estimate; however, if sufficient attention to detailed requirements has been given, then it should be quite accurate, and in fact the final cost may even be below the quoted cost if you prioritize your own obligations so that the vendor's hours are used sparingly and efficiently.

The estimate or SOW should optimally include:

  • licensing or subscription rates;
  • required core items to meet federal, state, and local regulations;
  • additional optional items and totals; and
  • required services (implementation, maintenance and support, optional add-ons).

There are two primary ways to price a laboratory informatics solution: a one-time license fee or a subscription rate (cloud-hosted software as a service [SaaS]). If you have your own dedicated IT department and staff, you may prefer the former (although many system administrators are just as happy to let it be hosted elsewhere rather than add to their workload). Otherwise, a SaaS subscription may well be the better and more cost-effective way to go (since the primary IT cost is simply internet access). This item will be part of your up-front cost and, in the case of subscription, it will also figure into your first year and ongoing costs; otherwise only associated maintenance, support, and warranty (MSW) will figure in. Typically, your first year's subscription costs will be due at signing. More often, the vendor may require three months or even the first year up front, so be prepared to factor that into up-front costs. However, it still is almost always less expensive at the outset (and over time, if you factor in IT costs and annual MSW) than paying for a license fee.

In addition to the two types of software pricing, there are also sub-types. Generally these are based on the number of users (or, in some cases, "nodes," which are simply any entities that access the informatics system, including other systems, instruments, etc.). How these are counted can vary.

  • Named users: This method bases pricing on the actual individual users of the system, even if they only log in sporadically. Users may not use each other's logins (this is a no-no regardless of pricing structure, for good laboratory practice and other regulatory reasons).
  • Concurrent users: This bases pricing on the maximum number of users who will be logged in at any given time. You can define an unlimited number of named users in the system, each with their own login credentials. However, only the number of concurrent users specified in the license or subscription may be logged in at any one time. For example, you may have 10 staff, but due to work processes, shifts, etc., only up to six might ever be logged in simultaneously. Whereas this would require a named user license for 10, it would only require a concurrent user license for six.
  • Unlimited users: In the case of very large labs (typically 30 to 50 and up), the license or subscription may simply be a flat fee that allows any number of users.

The line items in the estimate or SOW should reflect these nuances, as well as whether the listed costs are monthly or annual (for subscription services), hourly (typically for support and training), or a fixed one-time cost. Additionally, be cautious with fixed costs, as they typically represent one of two possible scenarios:

  1. Final fixed cost: In this case, the cost has been figured by the vendor so as to cover their worst-case hourly labor total. If a line item (e.g., an interface) is not "worst case," then you are overpaying.
  2. "Expandable" fixed cost: This is as bad as final fixed cost, and maybe even worse because it's almost a case of "bait-and-switch," popping up as a surprise. The initial "fixed cost" number is low, and additional hourly services are needed to actually deliver the item. This will have been provided for somewhere in the small print.

The bottom line is that everything in a laboratory informatics solution is really either licensing or hourly services. Just be careful if they are portrayed as anything else.

It is important to be clear which category each line item falls under when figuring costs: up-front (due upon signing), annual, or ongoing (e.g., SaaS subscription). It is useful to clearly lay out each and compute initial costs, as well as first-year and subsequent years' costings. For example, your initial obligation may be as little as your first year's subscription plus the first 40 hours of services. Different vendors have different policies, however, and you may be required to pay for your first full year's subscription and all services, or some other combination. Normally, though, any instrument interface or other service charges aren't due until the they are implemented, which may be a few weeks or even a month down the road. This may depend on your budget, complexity of the SOW, and urgency. Your first year's expenses will include everything, including initial license fees; all setup and training; any interfaces and additional configurations or customization; and first annual MSW. (If this isn't included in the SaaS subscription, then it usually commences on full system delivery). Afterwards, your subscription and MSW will be the only ongoing expenses (included as one in this example), unless you choose to have additional interfaces or other services performed at any time.

  1. 1.0 1.1 1.2 Krieg, A.F. (1974). "Chapter 30: Clinical Laboratory Computerization". In Davidsohn, I.; Henry, J.B.. Clinical Diagnosis by Laboratory Methods. W.B. Saunders Company. pp. 1340–58. ISBN 0721629229. 
  2. Flynn, F.V. (1965). "Computer-assisted processing of bio-chemical test data". In Atkins, H.J.B.. Progress in Medical Computing. Blackwell Science Ltd. p. 46. ISBN 0632001801. 
  3. Williams, G.Z. (1964). "The Use of Data Processing and Automation in Clinical Pathology". Military Medicine 129 (6): 502–9. doi:10.1093/milmed/129.6.502. 
  4. Hicks, G.P.; Gieschen, M.M.; Slack, W.V. et al. (1966). "Routine Use of a Small Digital Computer in the Clinical Laboratory". JAMA 196 (11): 973–78. doi:10.1001/jama.1966.03100240107021. 
  5. Straumfjord, J.V.; Spraberry, M.N.; Biggs, H.G.; Noto, T.A. (1967). "Electronic Data Processing System for Clinical Laboratories: A System Used for All Laboratory Sections". American Journal of Clinical Pathology 47 (5_ts): 661–76. doi:10.1093/ajcp/47.5_ts.661. 
  6. Ball, M.J. (1970). "A Survey of Field Experience in Clinical Laboratory Computerization". Laboratory Medicine 1 (11): 25–27, 49–51. doi:10.1093/labmed/1.11.25. 
  7. Jones, R.G.; Johnson, O.A.; Batstone, G. (2014). "Informatics and the Clinical Laboratory". The Clinical Biochemist Reviews 35 (3): 177–92. PMC PMC4204239. PMID 25336763. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4204239. 
  8. Burton, R. (19 July 2018). "NHS Laboratories Need Data Science". Towards Data Science. https://towardsdatascience.com/nhs-laboratories-need-data-science-c93f7983302c. Retrieved 18 November 2021. 
  9. Cuff, J. (18 June 2018). "Augmenting Pathology Labs with Big Data and Machine Learning". The Next Platform. https://www.nextplatform.com/2018/06/19/augmenting-pathology-labs-with-big-data-and-machine-learning/. Retrieved 18 November 2021. 
  10. Izrailevsky, Y.; Bell, C. (2018). "Cloud Reliability". IEEE Cloud Computing 5 (3): 39–44. doi:10.1109/MCC.2018.032591615. 
  11. 11.0 11.1 11.2 Douglas, S.E. (July 2020). "Comprehensive Guide to Developing and Implementing a Cybersecurity Plan". LIMSwiki. 
  12. 12.0 12.1 Silva, B. (19 December 2019). "IT solutions in the clinical lab". Medical Laboratory Observer. https://www.mlo-online.com/information-technology/article/21117759/it-solutions-in-the-clinical-lab. Retrieved 18 November 2021. 
  13. "Electronic Medical Records/Electronic Health Records (EMRs/EHRs)". Centers for Disease Control and Prevention. 14 October 2021. https://www.cdc.gov/nchs/fastats/electronic-medical-records.htm. Retrieved 18 November 2021. 
  14. Perrotta, P.L.; Karcher, D.S. (2016). "Validating Laboratory Results in Electronic Health Records: A College of American Pathologists Q-Probes Study". Archives of Pathology and Laboratory Medicine 140 (9): 926–31. doi:10.5858/arpa.2015-0320-CP. PMC PMC5513146. PMID 27575266. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5513146. 
  15. Menzel, J.; Weil, P.; Bittihn, P. et al. (2013). "Requirement analysis for an electronic laboratory notebook for sustainable data management in biomedical research". Studies in Health Technologies and Informatics 192: 1108. doi:10.3233/978-1-61499-289-9-1108. PMID 23920882. 
  16. Guerrero, S.; Dujardin, G.; Cabrera-Andrade, A. et al. (2016). "Analysis and Implementation of an Electronic Laboratory Notebook in a Biomedical Research Institute". PLoS One 11 (8): e0160428. doi:10.1371/journal.pone.0160428. PMC PMC4968837. PMID 27479083. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4968837. 
  17. 17.0 17.1 Association of Public Health Laboratories (May 2019). "Laboratory Information Systems Project Management: A Guidebook for International Implementations" (PDF). APHL. https://www.aphl.org/aboutAPHL/publications/Documents/GH-2019May-LIS-Guidebook-web.pdf. Retrieved 18 November 2021. 
  18. Kyobe, S.; Musinguzi, H.; Lwanga, N. et al. (2017). "Selecting a Laboratory Information Management System for Biorepositories in Low- and Middle-Income Countries: The H3Africa Experience and Lessons Learned". Biopreservation and Biobanking 15 (2): 111–15. doi:10.1089/bio.2017.0006. PMC PMC5397240. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5397240. 
  19. List, M.; Schmidt, S.; Trojnar, J. et al. (2014). "Efficient sample tracking with OpenLabFramework". Scientific Reports 4: 4278. doi:10.1038/srep04278. PMC PMC3940979. PMID 24589879. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3940979. 
  20. Splitz, A.R.; Balis, U.J.; Friedman, B.A. et al. (20 September 2013). "LIS Functionality Assessment Toolkit". Association for Pathology Informatics. https://www.pathologyinformatics.org/toolkit.php. Retrieved 18 November 2021. 
  21. "Anatomic Pathology". LabWare, Inc. 2021. https://www.labware.com/industries/healthcare#anatomic. Retrieved 18 November 2021. 
  22. "Sunquest CoPathPlus". Sunquest Information Systems, Inc. 2021. https://www.sunquestinfo.com/software-and-services/copathplus/. Retrieved 18 November 2021. 
  23. "NovoPath: Redefining Laboratory Information Systems". NovoPath, Inc. 2021. https://www.novopath.com/. Retrieved 18 November 2021. 
  24. "TD HistoCyto". Technidata SAS. 2021. https://www.technidata-web.com/en-gb/solutions-services/solutions/histopathology. Retrieved 18 November 2021. 
  25. "Starlims Forensic LIMS". Abbot. 2021. https://www.starlims.com/us/en/industries/forensics. Retrieved 18 November 2021. 
  26. "Forensics & Medical Examiner". LabLynx, Inc. 2021. https://www.lablynx.com/forensics/. Retrieved 18 November 2021. 
  27. "LIMS Solution for Forensics". Thermo Fisher Scientific. 2017. Archived from the original on 12 December 2017. https://web.archive.org/web/20171212065803/https://www.thermofisher.com/order/catalog/product/INF-12000-FORENSIC. Retrieved 18 November 2021. 
  28. "Laboratory Information Management System". Porter Lee Corporation. 2021. http://www.porterlee.com/lims.html. Retrieved 18 November 2021. 
  29. Bralley, J.A.; Lord, R.S. (2008). "Chapter 1: Basic Concepts". Laboratory Evaluations for Integrative and Functional Medicine (2nd ed.). MetaMetrix Institute. pp. 1–16. ISBN 0967394945. https://books.google.com/books?id=CpXVAwgOv7sC&pg=PT11. 
  30. "Public Health". LabWare, Inc. 2021. https://www.labware.com/industries/healthcare#publichealth. Retrieved 18 November 2021. 
  31. "Public Health Laboratories". Orchard Software Corporation. 2021. https://www.orchardsoft.com/solutions/public-health-labs/. Retrieved 18 November 2021. 
  32. "ApolloLIMS for Public Health Labs". Common Cents Systems, Inc. 2021. https://www.apollolims.com/lab-expertise/public-health/. Retrieved 18 November 2021. 
  33. "Easytox: Features". AP Easy Software Solutions. 2020. Archived from the original on 28 October 2020. https://web.archive.org/web/20201028074209/https://easytoxicology.com/features/. Retrieved 18 November 2021. 
  34. "Starfruit Toxicology". Data Unlimited International, Inc. 2021. http://www.duii.com/products/starfruit-toxicology/. Retrieved 18 November 2021. 
  35. "Toxicology LIMS". LabLynx, Inc. 2021. https://lablynx.com/toxicology/. Retrieved 18 November 2021. 
  36. "Online Data Management". DTPM, Inc. 2021. https://www.dtpm.com/online-data-management/. Retrieved 18 November 2021. 
  37. "Pain Management & Toxicology Labs". Orchard Software Corporation. 2021. https://www.orchardsoft.com/solutions/pain-management-toxicology-labs/. Retrieved 18 November 2021. 
  38. "Sunquest Blood Bank". Sunquest Information Systems, Inc. 2021. https://www.sunquestinfo.com/software-and-services/blood-bank-management/. Retrieved 18 November 2021. 
  39. "SCC's Blood Services Information Systems Suite". SCC Soft Computer. 2021. https://www.softcomputer.com/products-services/blood-services/. Retrieved 18 November 2021. 
  40. "Hemasoft". Hemasoft Software SL. 2021. http://www.hemasoft.com/. Retrieved 18 November 2021. 
  41. "TD BloodBank". Technidata SAS. 2021. https://www.technidata-web.com/en-gb/solutions-services/solutions/blood-banking. Retrieved 18 November 2021. 
  42. "Supporting Services - Data management". Eurofins Scientific. 2021. https://www.eurofins.com/biopharma-services/central-lab-old/support-services/data-management/. Retrieved 18 November 2021. 
  43. "Starlims Clinical Research LIMS". Abbot. 2021. https://www.starlims.com/us/en/industries/clinical-research. Retrieved 18 November 2021. 
  44. "Clinical Research". LabWare, Inc. 2021. https://www.labware.com/industries/biobanking-clinical#clinical. Retrieved 18 November 2021. 
  45. "ClinTrak Lab". Medpace, Inc. 2021. https://www.medpace.com/capabilities/technology/laboratory-information-management/. Retrieved 18 November 2021. 
  46. "Sunquest Mitogen LIMS". Sunquest Information Systems, Inc. 2021. https://www.sunquestinfo.com/software-and-services/lims/. Retrieved 18 November 2021. 
  47. "Molecular Diagnostics". XIFIN, Inc. 2021. https://www.xifin.com/industry-solutions/laboratory/molecular-diagnostics. Retrieved 18 November 2021. 
  48. "NucleoLIS - Flexible & Modern LIS". Psyche Systems. 2021. https://psychesystems.com/enterprise-laboratory-information-software/nucleolis-molecular-lab-testing-software/. Retrieved 18 November 2021. 
  49. Myers, C.; Swadley, M.; Carter, A.B. (2018). "Laboratory Information Systems and Instrument Software Lack Basic Functionality for Molecular Laboratories". Journal of Molecular Diagnostics 20 (5): 591–99. doi:10.1016/j.jmoldx.2018.05.011. 
  50. "Cannabis LIMS for QA and Medical Research". LabLynx, Inc. 2021. https://www.lablynx.com/cannabis/. Retrieved 18 November 2021. 
  51. "Cannabis Testing". Khemia Software, Inc. 2021. https://khemia.com/industries/cannabis-testing/. Retrieved 18 November 2021. 
  52. "LabWare GROW". LabWare, Inc. 2021. https://www.labware.com/lims/saas/grow. Retrieved 18 November 2021. 
  53. "LIMS for Cannabis & Hemp Analysis Labs". Junction Concepts. 2021. https://qbench.net/qbench-lims-cannabis-testing-labs/. Retrieved 18 November 2021. 
  54. "Selecting a LIMS for the Cannabis Industry". LabCompare. CompareNetworks, Inc. 27 November 2018. https://www.labcompare.com/10-Featured-Articles/354722-Selecting-a-LIMS-for-the-Cannabis-Industry/. Retrieved 21 November 2021. 
  55. Sobowale, J. (1 March 2017). "Law firms must manage cybersecurity risks". ABA Journal. American Bar Association. http://www.abajournal.com/magazine/article/managing_cybersecurity_risk/. Retrieved 18 November 2021. 
  56. Watney, C.; Draffin, C. (November 2017). "Addressing new challenges in automotive cybersecurity" (PDF). R Street Policy Study No. 118. R Street Institute. https://www.rstreet.org/wp-content/uploads/2018/04/118-1.pdf. Retrieved 18 November 2021. 
  57. Lewis, J.A. (21 February 2018). "Economic Impact of Cybercrime". Center for Strategic & International Studies. https://www.csis.org/analysis/economic-impact-cybercrime. Retrieved 18 November 2021. 
  58. "BLOG: Cost of Cyber Crime to Small Businesses". Virginia SBDC Blog. Virginia SBDC. 30 May 2017. Archived from the original on 05 July 2020. https://web.archive.org/web/20200705061737/https://www.virginiasbdc.org/blog-cost-of-cyber-crime-to-small-businesses/. Retrieved 18 November 2021. 
  59. "Hiscox Cyber Readiness Report 2019" (PDF). Hiscox Ltd. April 2019. https://www.hiscox.com/documents/2019-Hiscox-Cyber-Readiness-Report.pdf. Retrieved 18 November 2021. 
  60. Galvin, J. (7 May 2018). "60 Percent of Small Businesses Fold Within 6 Months of a Cyber Attack. Here's How to Protect Yourself". Inc.com. https://www.inc.com/joe-galvin/60-percent-of-small-businesses-fold-within-6-months-of-a-cyber-attack-heres-how-to-protect-yourself.html. Retrieved 18 November 2021. 
  61. Grima, M. (14 November 2019). "Top reasons why WordPress websites get hacked (and how you can stop it)". WP White Security. https://www.wpwhitesecurity.com/why-malicious-hacker-target-wordpress/. Retrieved 18 November 2021. 
  62. Moen, D. (19 April 2016). "What Hackers Do With Compromised WordPress Sites". Wordfence Blog. Defiant, Inc. https://www.wordfence.com/blog/2016/04/hackers-compromised-wordpress-sites/. Retrieved 18 November 2021. 
  63. Talaleve, A. (22 February 2021). "Website Hacking Statistics You Should Know in 2021". Patchstack. https://patchstack.com/website-hacking-statistics/. Retrieved 18 November 2021. 
  64. "security control". Computer Security Resource Center. National Institute of Standards and Technology. 2019. https://csrc.nist.gov/glossary/term/security_control. Retrieved 18 November 2021. 
  65. 65.0 65.1 Ciocoui, C.N.; Dobrea, R.C. (2010). "Chapter 1. The Role of Standardization in Improving the Effectiveness of Integrated Risk Management". In Nota, G.. Advances in Risk Management. IntechOpen. doi:10.5772/9893. ISBN 9789535159469. 
  66. 66.0 66.1 "Data Standardization: A Call to Action" (PDF). JPMorgan Chase & Co. May 2018. https://www.jpmorganchase.com/content/dam/jpmc/jpmorgan-chase-and-co/documents/call-to-action.pdf. Retrieved 18 November 2021.