420 research outputs found
Information technologies for pain management
Millions of people around the world suffer from pain, acute or chronic and this raises the
importance of its screening, assessment and treatment. The importance of pain is attested by
the fact that it is considered the fifth vital sign for indicating basic bodily functions, health
and quality of life, together with the four other vital signs: blood pressure, body
temperature, pulse rate and respiratory rate. However, while these four signals represent an
objective physical parameter, the occurrence of pain expresses an emotional status that
happens inside the mind of each individual and therefore, is highly subjective that makes
difficult its management and evaluation. For this reason, the self-report of pain is considered
the most accurate pain assessment method wherein patients should be asked to periodically
rate their pain severity and related symptoms. Thus, in the last years computerised systems
based on mobile and web technologies are becoming increasingly used to enable patients to
report their pain which lead to the development of electronic pain diaries (ED). This approach
may provide to health care professionals (HCP) and patients the ability to interact with the
system anywhere and at anytime thoroughly changes the coordinates of time and place and
offers invaluable opportunities to the healthcare delivery. However, most of these systems
were designed to interact directly to patients without presence of a healthcare professional
or without evidence of reliability and accuracy. In fact, the observation of the existing
systems revealed lack of integration with mobile devices, limited use of web-based interfaces
and reduced interaction with patients in terms of obtaining and viewing information. In
addition, the reliability and accuracy of computerised systems for pain management are
rarely proved or their effects on HCP and patients outcomes remain understudied.
This thesis is focused on technology for pain management and aims to propose a monitoring
system which includes ubiquitous interfaces specifically oriented to either patients or HCP
using mobile devices and Internet so as to allow decisions based on the knowledge obtained
from the analysis of the collected data. With the interoperability and cloud computing
technologies in mind this system uses web services (WS) to manage data which are stored in a
Personal Health Record (PHR).
A Randomised Controlled Trial (RCT) was implemented so as to determine the effectiveness
of the proposed computerised monitoring system. The six weeks RCT evidenced the
advantages provided by the ubiquitous access to HCP and patients so as to they were able to
interact with the system anywhere and at anytime using WS to send and receive data. In
addition, the collected data were stored in a PHR which offers integrity and security as well
as permanent on line accessibility to both patients and HCP. The study evidenced not only
that the majority of participants recommend the system, but also that they recognize it
suitability for pain management without the requirement of advanced skills or experienced users. Furthermore, the system enabled the definition and management of patient-oriented
treatments with reduced therapist time. The study also revealed that the guidance of HCP at
the beginning of the monitoring is crucial to patients' satisfaction and experience stemming
from the usage of the system as evidenced by the high correlation between the
recommendation of the application, and it suitability to improve pain management and to
provide medical information. There were no significant differences regarding to
improvements in the quality of pain treatment between intervention group and control group.
Based on the data collected during the RCT a clinical decision support system (CDSS) was
developed so as to offer capabilities of tailored alarms, reports, and clinical guidance. This
CDSS, called Patient Oriented Method of Pain Evaluation System (POMPES), is based on the
combination of several statistical models (one-way ANOVA, Kruskal-Wallis and Tukey-Kramer)
with an imputation model based on linear regression. This system resulted in fully accuracy
related to decisions suggested by the system compared with the medical diagnosis, and
therefore, revealed it suitability to manage the pain. At last, based on the aerospace systems
capability to deal with different complex data sources with varied complexities and
accuracies, an innovative model was proposed. This model is characterized by a qualitative
analysis stemming from the data fusion method combined with a quantitative model based on
the comparison of the standard deviation together with the values of mathematical
expectations. This model aimed to compare the effects of technological and pen-and-paper
systems when applied to different dimension of pain, such as: pain intensity, anxiety,
catastrophizing, depression, disability and interference. It was observed that pen-and-paper
and technology produced equivalent effects in anxiety, depression, interference and pain
intensity. On the contrary, technology evidenced favourable effects in terms of
catastrophizing and disability. The proposed method revealed to be suitable, intelligible, easy
to implement and low time and resources consuming. Further work is needed to evaluate the
proposed system to follow up participants for longer periods of time which includes a
complementary RCT encompassing patients with chronic pain symptoms. Finally, additional
studies should be addressed to determine the economic effects not only to patients but also
to the healthcare system
Transactions of the First International Conference on Health Information Technology Advancement vol. 1, no. 1
Full proceedings of The First International Conference on Health Information Technology Advancement held at Western Michigan University in Kalamazoo, Michigan on October 28, 2011.
Conference Co-Chairs:
Dr. Bernard Han, Director of the Center for HIT Advancement (CHITA) at Western Michigan University
Dr. Sharie Falan, Associate Director of the Center for HIT Advancement (CHITA) at Western Michigan University
Transactions Editor:
Dr. Huei Lee, Professor in the Department of Computer Information Systems at Eastern Michigan Universit
Improving groupware design for loosely coupled groups
Loosely coupled workgroups are common in the real world, and workers in these groups are autonomous and weakly interdependent. They have patterns of work and collaboration that distinguish them from other types of groups, and groupware systems that are designed to support loose coupling must address these differences. However, they have not been studied in detail in Computer-Supported Cooperative Work (CSCW), and the design process for these groups is currently underspecified. This forces designers to start from scratch each time they develop a system for loosely coupled groups, and they must approach new work settings with little information about how work practices are organized.
In this dissertation, I present a design framework to improve the groupware design process for loosely coupled workgroups. The framework has three main parts that add a new layer of support to each of the three stages in the general groupware design process: data collection about the target work setting, analysis of the data, and system design based on the analysis results. The framework was developed to provide designers with support during each of these stages so that they can consider important characteristics of loosely coupled work practice while carrying out design for the target group. The design framework is based on information from CSCW and organizational research, and on real-world design experiences with one type of loosely coupled workgroup—home care treatment teams.
The framework was evaluated using observations, interviews, and field trials that were carried out with multidisciplinary home care treatment teams in Saskatoon Health Region. A series of field observations and interviews were carried out with team members from each of the home care disciplines. The framework was then used to develop Mohoc, a groupware system that supports work in home care. Two field trials were carried out where the system was used by teams to support their daily activities. Results were analyzed to determine how well each part of the design framework performed in the design process. The results suggest that the framework was able to fill its role in specializing the general CSCW design process for loosely coupled groups by adding consideration for work and collaboration patterns that are seen in loosely coupled settings. However, further research is needed to determine whether these findings generalize to other loosely coupled workgroups
Clinical foundations and information architecture for the implementation of a federated health record service
Clinical care increasingly requires healthcare professionals to access patient record information that
may be distributed across multiple sites, held in a variety of paper and electronic formats, and
represented as mixtures of narrative, structured, coded and multi-media entries. A longitudinal
person-centred electronic health record (EHR) is a much-anticipated solution to this problem, but
its realisation is proving to be a long and complex journey.
This Thesis explores the history and evolution of clinical information systems, and establishes a set
of clinical and ethico-legal requirements for a generic EHR server. A federation approach (FHR) to
harmonising distributed heterogeneous electronic clinical databases is advocated as the basis for
meeting these requirements.
A set of information models and middleware services, needed to implement a Federated Health
Record server, are then described, thereby supporting access by clinical applications to a distributed
set of feeder systems holding patient record information. The overall information architecture thus
defined provides a generic means of combining such feeder system data to create a virtual
electronic health record. Active collaboration in a wide range of clinical contexts, across the whole
of Europe, has been central to the evolution of the approach taken.
A federated health record server based on this architecture has been implemented by the author
and colleagues and deployed in a live clinical environment in the Department of Cardiovascular
Medicine at the Whittington Hospital in North London. This implementation experience has fed
back into the conceptual development of the approach and has provided "proof-of-concept"
verification of its completeness and practical utility.
This research has benefited from collaboration with a wide range of healthcare sites, informatics
organisations and industry across Europe though several EU Health Telematics projects: GEHR,
Synapses, EHCR-SupA, SynEx, Medicate and 6WINIT.
The information models published here have been placed in the public domain and have
substantially contributed to two generations of CEN health informatics standards, including CEN
TC/251 ENV 13606
Performance evaluation of cooperation strategies for m-health services and applications
Health telematics are becoming a major improvement for patients’ lives, especially for
disabled, elderly, and chronically ill people. Information and communication technologies have
rapidly grown along with the mobile Internet concept of anywhere and anytime connection.
In this context, Mobile Health (m-Health) proposes healthcare services delivering, overcoming
geographical, temporal and even organizational barriers. Pervasive and m-Health services aim
to respond several emerging problems in health services, including the increasing number of
chronic diseases related to lifestyle, high costs in existing national health services, the need
to empower patients and families to self-care and manage their own healthcare, and the need
to provide direct access to health services, regardless the time and place. Mobile Health (m-
Health) systems include the use of mobile devices and applications that interact with patients
and caretakers. However, mobile devices have several constraints (such as, processor, energy,
and storage resource limitations), affecting the quality of service and user experience. Architectures
based on mobile devices and wireless communications presents several challenged issues
and constraints, such as, battery and storage capacity, broadcast constraints, interferences, disconnections,
noises, limited bandwidths, and network delays. In this sense, cooperation-based
approaches are presented as a solution to solve such limitations, focusing on increasing network
connectivity, communication rates, and reliability. Cooperation is an important research topic
that has been growing in recent years. With the advent of wireless networks, several recent
studies present cooperation mechanisms and algorithms as a solution to improve wireless networks
performance. In the absence of a stable network infrastructure, mobile nodes cooperate
with each other performing all networking functionalities. For example, it can support intermediate
nodes forwarding packets between two distant nodes.
This Thesis proposes a novel cooperation strategy for m-Health services and applications.
This reputation-based scheme uses a Web-service to handle all the nodes reputation and networking
permissions. Its main goal is to provide Internet services to mobile devices without
network connectivity through cooperation with neighbor devices. Therefore resolving the above
mentioned network problems and resulting in a major improvement for m-Health network architectures
performances. A performance evaluation of this proposal through a real network
scenario demonstrating and validating this cooperative scheme using a real m-Health application
is presented. A cryptography solution for m-Health applications under cooperative environments,
called DE4MHA, is also proposed and evaluated using the same real network scenario and
the same m-Health application. Finally, this work proposes, a generalized cooperative application
framework, called MobiCoop, that extends the incentive-based cooperative scheme for
m-Health applications for all mobile applications. Its performance evaluation is also presented
through a real network scenario demonstrating and validating MobiCoop using different mobile
applications
Perception gaps and the adoption of information technology in the clinical healthcare environment
Implementation of information systems has lagged in many areas of clinical healthcare for a variety of reasons. Economics, data complexity and resistance are among the often quoted roadblocks. Research suggests that physicians play a major part in the adoption, use and diffusion of information technology (IT) in clinical settings. There are also other healthcare professionals, clinical and non-clinical, who play important roles in making decisions about the acquisition of information technology. In addition to these groups there are information technology professionals providing the services required within the healthcare field. Finally within this group are those IT professionals who have sufficient cross training to understand specific needs. Each member of these groups brings a different perspective to both needs assessments as well as implementation of clinical systems. This study considers the idea that there are preconceived differences of opinion of the information needs of clinical healthcare by the clinical community and the information technology professionals. Are these differences significant enough to create a barrier to implementation?
A questionnaire was developed from preliminary data to assess multiple parameters which could impact implementation of a clinical information technology solution. A Web of System Performance (WOSP) model was created to map each of the following eight areas of concern: functionality, usability, extendibility, connectivity, flexibility, reliability, privacy and security. Responses to the questions were related to professional roles, age and experience.
There were no differences seen in the perceived need for secure systems by either healthcare workers or IT professionals. The variance of perceived need was greatest among the various non-physician healthcare workers when compared to physicians or information technology professions. This was a consistent pattern for the otherparameters with the exception of the usability of the electronic health record. In this area all groups disagreed significantly. The study, though limited by its small sample, still suggests that the resistance by healthcare professionals is not a significant barrier to successful information technology implementation
Identity Management and Authorization Infrastructure in Secure Mobile Access to Electronic Health Records
We live in an age of the mobile paradigm of anytime/anywhere access, as the mobile device
is the most ubiquitous device that people now hold. Due to their portability, availability, easy
of use, communication, access and sharing of information within various domains and areas of
our daily lives, the acceptance and adoption of these devices is still growing. However, due to
their potential and raising numbers, mobile devices are a growing target for attackers and, like
other technologies, mobile applications are still vulnerable.
Health information systems are composed with tools and software to collect, manage, analyze
and process medical information (such as electronic health records and personal health records).
Therefore, such systems can empower the performance and maintenance of health services,
promoting availability, readability, accessibility and data sharing of vital information about a
patients overall medical history, between geographic fragmented health services. Quick access
to information presents a great importance in the health sector, as it accelerates work processes,
resulting in better time utilization. Additionally, it may increase the quality of care.
However health information systems store and manage highly sensitive data, which raises serious
concerns regarding patients privacy and safety, and may explain the still increasing number
of malicious incidents reports within the health domain.
Data related to health information systems are highly sensitive and subject to severe legal
and regulatory restrictions, that aim to protect the individual rights and privacy of patients.
Along side with these legislations, security requirements must be analyzed and measures implemented.
Within the necessary security requirements to access health data, secure authentication,
identity management and access control are essential to provide adequate means to
protect data from unauthorized accesses. However, besides the use of simple authentication
models, traditional access control models are commonly based on predefined access policies
and roles, and are inflexible. This results in uniform access control decisions through people,
different type of devices, environments and situational conditions, and across enterprises, location
and time.
Although already existent models allow to ensure the needs of the health care systems, they still
lack components for dynamicity and privacy protection, which leads to not have desire levels
of security and to the patient not to have a full and easy control of his privacy. Within this
master thesis, after a deep research and review of the stat of art, was published a novel dynamic
access control model, Socio-Technical Risk-Adaptable Access Control modEl (SoTRAACE),
which can model the inherent differences and security requirements that are present in this
thesis. To do this, SoTRAACE aggregates attributes from various domains to help performing
a risk assessment at the moment of the request. The assessment of the risk factors identified
in this work is based in a Delphi Study. A set of security experts from various domains were
selected, to classify the impact in the risk assessment of each attribute that SoTRAACE aggregates.
SoTRAACE was integrated in an architecture with requirements well-founded, and based
in the best recommendations and standards (OWASP, NIST 800-53, NIST 800-57), as well based in
deep review of the state-of-art. The architecture is further targeted with the essential security
analysis and the threat model. As proof of concept, the proposed access control model was implemented within the user-centric
architecture, with two mobile prototypes for several types of accesses by patients and healthcare
professionals, as well the web servers that handles the access requests, authentication and
identity management.
The proof of concept shows that the model works as expected, with transparency, assuring privacy
and data control to the user without impact for user experience and interaction. It is clear
that the model can be extended to other industry domains, and new levels of risks or attributes
can be added because it is modular. The architecture also works as expected, assuring secure
authentication with multifactor, and secure data share/access based in SoTRAACE decisions.
The communication channel that SoTRAACE uses was also protected with a digital certificate.
At last, the architecture was tested within different Android versions, tested with static and
dynamic analysis and with tests with security tools.
Future work includes the integration of health data standards and evaluating the proposed system
by collecting users’ opinion after releasing the system to real world.Hoje em dia vivemos em um paradigma móvel de acesso em qualquer lugar/hora, sendo que
os dispositivos móveis são a tecnologia mais presente no dia a dia da sociedade. Devido à sua
portabilidade, disponibilidade, fácil manuseamento, poder de comunicação, acesso e partilha
de informação referentes a várias áreas e domínios das nossas vidas, a aceitação e integração
destes dispositivos é cada vez maior. No entanto, devido ao seu potencial e aumento do número
de utilizadores, os dispositivos móveis são cada vez mais alvos de ataques, e tal como outras
tecnologias, aplicações móveis continuam a ser vulneráveis.
Sistemas de informação de saúde são compostos por ferramentas e softwares que permitem
recolher, administrar, analisar e processar informação médica (tais como documentos de saúde
eletrónicos). Portanto, tais sistemas podem potencializar a performance e a manutenção dos
serviços de saúde, promovendo assim a disponibilidade, acessibilidade e a partilha de dados
vitais referentes ao registro médico geral dos pacientes, entre serviços e instituições que estão
geograficamente fragmentadas. O rápido acesso a informações médicas apresenta uma grande
importância para o setor da saúde, dado que acelera os processos de trabalho, resultando assim
numa melhor eficiência na utilização do tempo e recursos. Consequentemente haverá uma
melhor qualidade de tratamento. Porém os sistemas de informação de saúde armazenam e
manuseiam dados bastantes sensíveis, o que levanta sérias preocupações referentes à privacidade
e segurança do paciente. Assim se explica o aumento de incidentes maliciosos dentro do
domínio da saúde.
Os dados de saúde são altamente sensíveis e são sujeitos a severas leis e restrições regulamentares,
que pretendem assegurar a proteção dos direitos e privacidade dos pacientes, salvaguardando
os seus dados de saúde. Juntamente com estas legislações, requerimentos de segurança
devem ser analisados e medidas implementadas. Dentro dos requerimentos necessários
para aceder aos dados de saúde, uma autenticação segura, gestão de identidade e controlos de
acesso são essenciais para fornecer meios adequados para a proteção de dados contra acessos
não autorizados. No entanto, além do uso de modelos simples de autenticação, os modelos
tradicionais de controlo de acesso são normalmente baseados em políticas de acesso e cargos
pré-definidos, e são inflexíveis. Isto resulta em decisões de controlo de acesso uniformes para
diferentes pessoas, tipos de dispositivo, ambientes e condições situacionais, empresas, localizações
e diferentes alturas no tempo. Apesar dos modelos existentes permitirem assegurar
algumas necessidades dos sistemas de saúde, ainda há escassez de componentes para accesso
dinâmico e proteção de privacidade , o que resultam em níveis de segurança não satisfatórios e
em o paciente não ter controlo directo e total sobre a sua privacidade e documentos de saúde.
Dentro desta tese de mestrado, depois da investigação e revisão intensiva do estado da arte,
foi publicado um modelo inovador de controlo de acesso, chamado SoTRAACE, que molda as
diferenças de acesso inerentes e requerimentos de segurança presentes nesta tese. Para isto,
o SoTRAACE agrega atributos de vários ambientes e domínios que ajudam a executar uma avaliação
de riscos, no momento em que os dados são requisitados. A avaliação dos fatores de risco
identificados neste trabalho são baseados num estudo de Delphi. Um conjunto de peritos de
segurança de vários domínios industriais foram selecionados, para classificar o impacto de cada
atributo que o SoTRAACE agrega. O SoTRAACE foi integrado numa arquitectura para acesso a
dados médicos, com requerimentos bem fundados, baseados nas melhores normas e recomendações (OWASP, NIST 800-53, NIST 800-57), e em revisões intensivas do estado da arte. Esta
arquitectura é posteriormente alvo de uma análise de segurança e modelos de ataque.
Como prova deste conceito, o modelo de controlo de acesso proposto é implementado juntamente
com uma arquitetura focada no utilizador, com dois protótipos para aplicações móveis,
que providênciam vários tipos de acesso de pacientes e profissionais de saúde. A arquitetura é
constituída também por servidores web que tratam da gestão de dados, controlo de acesso e
autenticação e gestão de identidade. O resultado final mostra que o modelo funciona como esperado,
com transparência, assegurando a privacidade e o controlo de dados para o utilizador,
sem ter impacto na sua interação e experiência. Consequentemente este modelo pode-se extender
para outros setores industriais, e novos níveis de risco ou atributos podem ser adicionados
a este mesmo, por ser modular. A arquitetura também funciona como esperado, assegurando
uma autenticação segura com multi-fator, acesso e partilha de dados segura baseado em decisões
do SoTRAACE. O canal de comunicação que o SoTRAACE usa foi também protegido com
um certificado digital.
A arquitectura foi testada em diferentes versões de Android, e foi alvo de análise estática,
dinâmica e testes com ferramentas de segurança.
Para trabalho futuro está planeado a integração de normas de dados de saúde e a avaliação do
sistema proposto, através da recolha de opiniões de utilizadores no mundo real
- …