103 research outputs found
Non-invasive lightweight integration engine for building EHR from autonomous distributed systems
[EN] In this paper we describe Pangea-LE, a message-oriented lightweight data integration engine that allows homogeneous and concurrent access to clinical information from disperse and heterogeneous data sources. The engine extracts the information and passes it to the requesting client applications in a flexible XML format. The XML response message can be formatted on demand by appropriate Extensible Stylesheet Language (XSL) transformations in order to meet the needs of client applications. We also present a real deployment in a hospital where Pangea-LE collects and generates an XML view of all the available patient clinical information. The information is presented to healthcare professionals in an Electronic Health Record (EHR) viewer Web application with patient search and EHR browsing capabilities. Implantation in a real setting has been a success due to the non-invasive nature of Pangea-LE which respects the existing information systems.This work was partially funded by the Spanish Ministry of Science and Technology (MEC-TSI2004-06475-102-01) and the
Spanish Ministry of Health (PI052245)Angulo Fernández, C.; Crespo Molina, PM.; Maldonado Segura, JA.; Moner Cano, D.; Perez Cuesta, D.; Abad, I.; Mandingorra Gimenez, J.... (2007). Non-invasive lightweight integration engine for building EHR from autonomous distributed systems. International Journal of Medical Informatics. 76(Supplement 3):417-424. https://doi.org/10.1016/j.ijmedinf.2007.05.002S41742476Supplement
Uma arquitectura segura e colaborativa para registos de saúde eletrónicos com suporte a mobilidade
Since their early adoption Electronic Health Records (EHR) have been evolving
to cope with increasing requirements from institutions, professionals
and, more recently, from patients. Citizens became more involved demanding
successively more control over their records and an active role on their
content. Mobility brought also new requirements, data become scattered
over heterogeneous systems and formats, with increasing di culties on data
sharing between distinct providers.
To cope with these challenges several solutions appeared, mostly based on
service level agreements between entities, regions and countries. They usually
required de ning complex federated scenarios and left the patient outside
the process. More recent approaches, such as personal health records
(PHR), enable patient control although raises clinical integrity doubts to
other actors, such as physicians. Also, information security risk increase as
data travels outside controlled networks and systems. To overcome this,
new solutions are needed to facilitate trustable collaboration between the
diverse actors and systems.
In this thesis we present a solution that enables a secure and open collaboration
between all healthcare actors. It is based on a service-oriented architecture
that deals with the clinical data using a closed envelope concept. The
architecture was modeled with minimal functionality and privileges bearing
in mind strong protection of data during transmission, processing and
storing. The access control is made through patient policies and authentication
uses electronic identi cation cards or similar certi cates, enabling
auto-enrollment. All the components require mutual authentication and
uses cyphering mechanisms to assure privacy. We also present a threat
model to verify, through our solution, if possible threats were mitigated or
if further re nement is needed.
The proposed solution solves the problem of patient mobility and data dispersion,
and empowers citizens to manage and collaborate in their personal
healthcare information. It also permits open and secure collaboration, enabling
the patient to have richer and up to date records that can foster new
ways to generate and use clinical or complementary information.Durante as últimas décadas, os registos de saúde electrónicos (EHR) têm evoluído para se adaptar a novos requisitos. O cidadão tem-se envolvido cada vez mais na prestação dos cuidados médicos, sendo mais pró activo e desejando potenciar a utilização do seu registo. A mobilidade do cidadão trouxe mais desafios, a existência de dados dispersos, heterogeneidade de sistemas e formatos e grande dificuldade de partilha e comunicação entre os prestadores de serviços.
Para responder a estes requisitos, diversas soluções apareceram, maioritariamente baseadas em acordos entre instituições, regiões e países. Estas abordagens são usualmente assentes em cenários federativos muito complexos e fora do controlo do paciente. Abordagens mais recentes, como os registos pessoais de saúde (PHR), permitem o controlo do paciente, mas levantam dúvidas da integridade clinica da informação aos profissionais clínicos. Neste cenário os dados saem de redes e sistemas controlados, aumentando o risco de segurança da informação. Assim sendo, são necessárias novas soluções que permitam uma colaboração confiável entre os diversos actores e sistemas.
Esta tese apresenta uma solução que permite a colaboração aberta e segura entre todos os actores envolvidos nos cuidados de saúde. Baseia-se numa arquitectura orientada ao serviço, que lida com a informação clínica usando o conceito de envelope fechado. Foi modelada recorrendo aos princípios de funcionalidade e privilégios mínimos, com o propósito de fornecer protecção dos dados durante a transmissão, processamento e armazenamento. O controlo de acesso é estabelecido por políticas definidas pelo paciente. Cartões de identificação electrónicos, ou certificados similares são utilizados para a autenticação, permitindo uma inscrição automática. Todos os componentes requerem autenticação mútua e fazem uso de algoritmos de cifragem para garantir a privacidade dos dados. Apresenta-se também um modelo de ameaça para a arquitectura, por forma a analisar se as ameaças possíveis foram mitigadas ou se são necessários mais refinamentos.
A solução proposta resolve o problema da mobilidade do paciente e a dispersão de dados, capacitando o cidadão a gerir e a colaborar na criação e manutenção da sua informação de saúde. A arquitectura permite uma colaboração aberta e segura, possibilitando que o paciente tenha registos mais ricos, actualizados e permitindo o surgimento de novas formas de criar e usar informação clínica ou complementar.Programa PROTEC, bolsa SFRH/BD/49765/200
Uma arquitectura segura e colaborativa para registos de saúde electrónicos com suporte a mobilidade
Doutoramento em InformáticaDurante as ultimas décadas, os registos de saúde eletrónicos (EHR) têm
evoluído para se adaptar a novos requisitos. O cidadão tem-se envolvido
cada vez mais na prestação dos cuidados médicos, sendo mais pró ativo e
desejando potenciar a utilização do seu registo. A mobilidade do cidadão
trouxe mais desafios, a existência de dados dispersos, heterogeneidade de
sistemas e formatos e grande dificuldade de partilha e comunicação entre
os prestadores de serviços.
Para responder a estes requisitos, diversas soluções apareceram, maioritariamente
baseadas em acordos entre instituições, regiões e países. Estas abordagens
são usualmente assentes em cenários federativos muito complexos e
fora do controlo do paciente. Abordagens mais recentes, como os registos
pessoais de saúde (PHR), permitem o controlo do paciente, mas levantam
duvidas da integridade clinica da informação aos profissionais clínicos.
Neste cenário os dados saem de redes e sistemas controlados, aumentando
o risco de segurança da informação. Assim sendo, são necessárias novas
soluções que permitam uma colaboração confiável entre os diversos atores
e sistemas.
Esta tese apresenta uma solução que permite a colaboração aberta e segura
entre todos os atores envolvidos nos cuidados de saúde. Baseia-se numa
arquitetura orientada ao serviço, que lida com a informação clínica usando
o conceito de envelope fechado. Foi modelada recorrendo aos princípios
de funcionalidade e privilégios mínimos, com o propósito de fornecer proteção dos dados durante a transmissão, processamento e armazenamento.
O controlo de acesso _e estabelecido por políticas definidas pelo paciente.
Cartões de identificação eletrónicos, ou certificados similares são utilizados
para a autenticação, permitindo uma inscrição automática. Todos os
componentes requerem autenticação mútua e fazem uso de algoritmos de
cifragem para garantir a privacidade dos dados. Apresenta-se também um
modelo de ameaça para a arquitetura, por forma a analisar se as ameaças
possíveis foram mitigadas ou se são necessários mais refinamentos.
A solução proposta resolve o problema da mobilidade do paciente e a dispersão de dados, capacitando o cidadão a gerir e a colaborar na criação
e manutenção da sua informação de saúde. A arquitetura permite uma
colaboração aberta e segura, possibilitando que o paciente tenha registos
mais ricos, atualizados e permitindo o surgimento de novas formas de criar
e usar informação clínica ou complementar.Since their early adoption Electronic Health Records (EHR) have been evolving
to cope with increasing requirements from institutions, professionals
and, more recently, from patients. Citizens became more involved demanding
successively more control over their records and an active role on their
content. Mobility brought also new requirements, data become scattered
over heterogeneous systems and formats, with increasing di culties on data
sharing between distinct providers.
To cope with these challenges several solutions appeared, mostly based on
service level agreements between entities, regions and countries. They usually
required de ning complex federated scenarios and left the patient outside
the process. More recent approaches, such as personal health records
(PHR), enable patient control although raises clinical integrity doubts to
other actors, such as physicians. Also, information security risk increase as
data travels outside controlled networks and systems. To overcome this,
new solutions are needed to facilitate trustable collaboration between the
diverse actors and systems.
In this thesis we present a solution that enables a secure and open collaboration
between all healthcare actors. It is based on a service-oriented architecture
that deals with the clinical data using a closed envelope concept. The
architecture was modeled with minimal functionality and privileges bearing
in mind strong protection of data during transmission, processing and
storing. The access control is made through patient policies and authentication
uses electronic identi cation cards or similar certi cates, enabling
auto-enrollment. All the components require mutual authentication and
uses cyphering mechanisms to assure privacy. We also present a threat
model to verify, through our solution, if possible threats were mitigated or
if further re nement is needed.
The proposed solution solves the problem of patient mobility and data dispersion,
and empowers citizens to manage and collaborate in their personal
healthcare information. It also permits open and secure collaboration, enabling
the patient to have richer and up to date records that can foster new
ways to generate and use clinical or complementary information
Incorporating an Element of Negotiation into a Service-Oriented Broker Application
The Software as a Service (SaaS) model is a service-based model in which a desired service is assembled, delivered and consumed on demand. The IBHIS broker is a ‘proof of concept’ demonstration of SaaS which is based on services that deliver data. IBHIS has addressed a number of challenges for several aspects of servicebased software, especially the concept of a ‘broker service’ and service negotiation that is only used in establishing end-user access authorizations.
This thesis investigates and develops an extended form of service-based broker, called CAPTAIN (Care Planning Through Auction-based Information Negotiation). It extends the concepts and role of the broker as used in IBHIS, and in particular, it extends the service negotiation function in order to demonstrate a full range of service characteristics. CAPTAIN uses the idea of the integrated care plan from healthcare to provide a case study. A care planner acting on behalf of a patient uses the broker to negotiate with providers to produce the integrated care plan for the patient with the broker and the providers agreeing on the terms and conditions relating to the supply of the services.
We have developed a ‘proof of concept’ service-oriented broker architecture for CAPTAIN that includes planning, negotiation and service-based software models to provide a flexible care planning system. The CAPTAIN application has been evaluated that focuses on three features: functions, data access and negotiation. The CAPTAIN broker performs as planned, to produce the integrated care plan. The providers’ data sources are accessed to read and write data records during and after service negotiation. The negotiation model permits the broker to interact with the providers to produce an adaptable plan, based on the client’s needs. The primary outcome is an extendable service-oriented broker architecture that can enable more scalable and flexible distributed information management by adding interaction with the data sources
Composite and comprehensive multimedia electronic health care records
Merged with duplicate record 10026.1/845 on 03.04.2017 by CS (TIS)The thesis considers the issue of multimedia data utilisation within modem health care delivery and the
consequent need for an appropriate patient records system. The discussions centre upon the deployment
and utilisation of IT systems, and paper-based patient records within health care establishments (HCEs),
and the resultant problems, such as data duplication, inconsistency, unavailability and loss. Electronic
Health Care Records (EHCRs) are put forward as a means of obviating the problems defined, and
effectively supporting the future development of care provision in a coherent manner.
The thesis identifies the barriers to further development of EHCRs with respect to clinical data entry,
clinical terminiologies, record security and the integration of other information sources. Equally, a number
of EHCR developments are reviewed. This shows that, although elements of EHCRs (such as electronic
prescribing) have been achieved, significant further developments are required to produce composite and
comprehensive EHCRs, capable of capturing and maintaining all patient data (especially multimedia data,
which is being increasingly utilised within care provision).
The thesis defines a new comprehensive and composite Multimedia Electronic Health Care Record
(MEHCR) system to facilitate the following:
• delivery and management of all patient care;
• creation/recording/support and maintenance of patient data (including multimedia
data) to give composite and comprehensive multimedia patient records.
The assistance of a local HCE was utilised throughout the project, enabling a suitable reference
environment to be established and utilised, so that the process of care provision could be defined. The
thesis describes how the requirements of the new MEHCR were identified (via examination of the care
provision process defined), and thus how an appropriate conceptual design was formulated. This describes
the form and capabilities of the required system. The resulting MEHCR is effectively a comprehensive
care provision tool, which aids both process of care delivery and that of data generation and recording.
Thus, the MEHCR concept facilitates patient care provision whilst aiding the seamless creation and
maintenance of multimedia patient records.
To achieve the conceptual design, a design environment was defined to give an intermediate means of
enabling the MEHCR's implementation and further development. Thus, the MEHCR can be achieved, or
implemented, using either a revolutionary or evolutionary approach. Equally, it is a means for enabling the
MEHCR's continued evolution (e.g. the incorporation of new clinical systems etc.), so that it remains
composite and comprehensive over time as care provision changes.
The thesis also describes an evaluation of the ideas defined, based upon the development of a prototype
system simulating the form and operations of the MEHCR conceptual design. The prototype system was
demonstrated to a number of parties and an evaluation conducted. The results obtained were very positive
as to the nature, structure and capabilities of the system as given by the conceptual design. The design
environment was also commended as both a practical means of achieving the MEHCR (especially as it
enables retaining of existing system where appropriate), and for its future development as care provision
advances.Plymouth Hospitals NHS Trus
Recommended from our members
Grid-based semantic integration of heterogeneous data resources: Implementation on a HealthGrid
This thesis was submitted for the degree of Doctor of Philosophy and was awarded by Brunel University.The semantic integration of geographically distributed and heterogeneous data
resources still remains a key challenge in Grid infrastructures. Today's
mainstream Grid technologies hold the promise to meet this challenge in a
systematic manner, making data applications more scalable and manageable. The
thesis conducts a thorough investigation of the problem, the state of the art, and
the related technologies, and proposes an Architecture for Semantic Integration of
Data Sources (ASIDS) addressing the semantic heterogeneity issue. It defines a
simple mechanism for the interoperability of heterogeneous data sources in order
to extract or discover information regardless of their different semantics. The
constituent technologies of this architecture include Globus Toolkit (GT4) and
OGSA-DAI (Open Grid Service Architecture Data Integration and Access)
alongside other web services technologies such as XML (Extensive Markup
Language). To show this, the ASIDS architecture was implemented and tested in a
realistic setting by building an exemplar application prototype on a HealthGrid
(pilot implementation).
The study followed an empirical research methodology and was informed by
extensive literature surveys and a critical analysis of the relevant technologies and
their synergies. The two literature reviews, together with the analysis of the
technology background, have provided a good overview of the current Grid and
HealthGrid landscape, produced some valuable taxonomies, explored new paths
by integrating technologies, and more importantly illuminated the problem and
guided the research process towards a promising solution. Yet the primary
contribution of this research is an approach that uses contemporary Grid
technologies for integrating heterogeneous data resources that have semantically
different. data fields (attributes). It has been practically demonstrated (using a
prototype HealthGrid) that discovery in semantically integrated distributed data
sources can be feasible by using mainstream Grid technologies, which have been
shown to have some Significant advantages over non-Grid based approaches
Clinical foundations and information architecture for the implementation of a federated health record service
Clinical care increasingly requires healthcare professionals to access patient record information that
may be distributed across multiple sites, held in a variety of paper and electronic formats, and
represented as mixtures of narrative, structured, coded and multi-media entries. A longitudinal
person-centred electronic health record (EHR) is a much-anticipated solution to this problem, but
its realisation is proving to be a long and complex journey.
This Thesis explores the history and evolution of clinical information systems, and establishes a set
of clinical and ethico-legal requirements for a generic EHR server. A federation approach (FHR) to
harmonising distributed heterogeneous electronic clinical databases is advocated as the basis for
meeting these requirements.
A set of information models and middleware services, needed to implement a Federated Health
Record server, are then described, thereby supporting access by clinical applications to a distributed
set of feeder systems holding patient record information. The overall information architecture thus
defined provides a generic means of combining such feeder system data to create a virtual
electronic health record. Active collaboration in a wide range of clinical contexts, across the whole
of Europe, has been central to the evolution of the approach taken.
A federated health record server based on this architecture has been implemented by the author
and colleagues and deployed in a live clinical environment in the Department of Cardiovascular
Medicine at the Whittington Hospital in North London. This implementation experience has fed
back into the conceptual development of the approach and has provided "proof-of-concept"
verification of its completeness and practical utility.
This research has benefited from collaboration with a wide range of healthcare sites, informatics
organisations and industry across Europe though several EU Health Telematics projects: GEHR,
Synapses, EHCR-SupA, SynEx, Medicate and 6WINIT.
The information models published here have been placed in the public domain and have
substantially contributed to two generations of CEN health informatics standards, including CEN
TC/251 ENV 13606
A standards-based security model for health information systems
In the healthcare environment, various types of patient information are stored in electronic format. This prevents the re-entering of information that was captured previously. In the past this information was stored on paper and kept in large filing cabinets. However, with the technology advancements that have occurred over the years, the idea of storing patient information in electronic systems arose. This led to a number of electronic health information systems being created, which in turn led to an increase in possible security risks. Any organization that stores information of a sensitive nature must apply information security principles in order to ensure that the stored information is kept secure. At a basic level, this entails ensuring the confidentiality, integrity and availability of the information, which is not an easy feat in today’s distributed and networked environments. This paved the way for organized standardization activities in the areas of information security and information security management. Throughout history, there have been practices that were created to help “standardize” industries of all areas, to the extent that there are professional organizations whose main objective it is to create such standards to help connect industries all over the world. This applies equally to the healthcare environment, where standardization took off in the late eighties. Healthcare organizations must follow standardized security measures to ensure that patient information stored in health information systems is kept secure. However, the proliferation in standards makes it difficult to understand, adopt and deploy these standards in a coherent manner. This research, therefore, proposes a standards-based security model for health information systems to ensure that such standards are applied in a manner that contributes to securing the healthcare environment as a whole, rather than in a piecemeal fashion
- …