    Electronic health records

    Supporting the clinical trial recruitment process through the grid

    Patient recruitment for clinical trials and studies is a large-scale task. To test a given drug for example, it is desirable that as large a pool of suitable candidates is used as possible to support reliable assessment of often moderate effects of the drugs. To make such a recruitment campaign successful, it is necessary to efficiently target the petitioning of these potential subjects. Because of the necessarily large numbers involved in such campaigns, this is a problem that naturally lends itself to the paradigm of Grid technology. However the accumulation and linkage of data sets across clinical domain boundaries poses challenges due to the sensitivity of the data involved that are atypical of other Grid domains. This includes handling the privacy and integrity of data, and importantly the process by which data can be collected and used, and ensuring for example that patient involvement and consent is dealt with appropriately throughout the clinical trials process. This paper describes a Grid infrastructure developed as part of the MRC funded VOTES project (Virtual Organisations for Trials and Epidemiological Studies) at the National e-Science Centre in Glasgow that supports these processes and the different security requirements specific to this domain

    Audit-based Compliance Control (AC2) for EHR Systems

    Traditionally, medical data is stored and processed using paper-based files. Recently, medical facilities have started to store, access and exchange medical data in digital form. The drivers for this change are mainly demands for cost reduction, and higher quality of health care. The main concerns when dealing with medical data are availability and confidentiality. Unavailability (even temporary) of medical data is expensive. Physicians may not be able to diagnose patients correctly, or they may have to repeat exams, adding to the overall costs of health care. In extreme cases availability of medical data can even be a matter of life or death. On the other hand, confidentiality of medical data is also important. Legislation requires medical facilities to observe the privacy of the patients, and states that patients have a final say on whether or not their medical data can be processed or not. Moreover, if physicians, or their EHR systems, are not trusted by the patients, for instance because of frequent privacy breaches, then patients may refuse to submit (correct) information, complicating the work of the physicians greatly.

    In traditional data protection systems, confidentiality and availability are conflicting requirements. The more data protection methods are applied to shield data from outsiders the more likely it becomes that authorized persons will not get access to the data in time. Consider for example, a password verification service that is temporarily not available, an access pass that someone forgot to bring, and so on. In this report we discuss a novel approach to data protection, Audit-based Compliance Control (AC2), and we argue that it is particularly suited for application in EHR systems. In AC2, a-priori access control is minimized to the mere authentication of users and objects, and their basic authorizations. More complex security procedures, such as checking user compliance to policies, are performed a-posteriori by using a formal and automated auditing mechanism. To support our claim we discuss legislation concerning the processing of health records, and we formalize a scenario involving medical personnel and a basic EHR system to show how AC2 can be used in practice.

    This report is based on previous work (Dekker & Etalle 2006) where we assessed the applicability of a-posteriori access control in a health care scenario. A more technically detailed article about AC2 recently appeared in the IJIS journal, where we focussed however on collaborative work environments (Cederquist, Corin, Dekker, Etalle, & Hartog, 2007). In this report we first provide background and related work before explaining the principal components of the AC2 framework. Moreover we model a detailed EHR case study to show its operation in practice. We conclude by discussing how this framework meets current trends in healthcare and by highlighting the main advantages and drawbacks of using an a-posteriori access control mechanism as opposed to more traditional access control mechanisms

    CamFlow: Managed Data-sharing for Cloud Services

    A model of cloud services is emerging whereby a few trusted providers manage the underlying hardware and communications whereas many companies build on this infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS applications. From the start, strong isolation between cloud tenants was seen to be of paramount importance, provided first by virtual machines (VM) and later by containers, which share the operating system (OS) kernel. Increasingly it is the case that applications also require facilities to effect isolation and protection of data managed by those applications. They also require flexible data sharing with other applications, often across the traditional cloud-isolation boundaries; for example, when government provides many related services for its citizens on a common platform. Similar considerations apply to the end-users of applications. But in particular, the incorporation of cloud services within 'Internet of Things' architectures is driving the requirements for both protection and cross-application data sharing. These concerns relate to the management of data. Traditional access control is application and principal/role specific, applied at policy enforcement points, after which there is no subsequent control over where data flows; a crucial issue once data has left its owner's control by cloud-hosted applications and within cloud-services. Information Flow Control (IFC), in addition, offers system-wide, end-to-end, flow control based on the properties of the data. We discuss the potential of cloud-deployed IFC for enforcing owners' dataflow policy with regard to protection and sharing, as well as safeguarding against malicious or buggy software. In addition, the audit log associated with IFC provides transparency, giving configurable system-wide visibility over data flows. [...]

    Comment: 14 pages, 8 figures

    Ensuring patients privacy in a cryptographic-based-electronic health records using bio-cryptography

    Several recent works have proposed and implemented cryptography as a means to preserve privacy and security of patients' health data. Nevertheless, the weakest point of electronic health record (EHR) systems that relied on these cryptographic schemes is key management. Thus, this paper presents the development of a privacy and security system for cryptography-based EHR by taking advantage of the uniqueness of fingerprint and iris characteristic features to secure cryptographic keys in a bio-cryptography framework. The results of the system evaluation showed significant improvements in terms of time efficiency of this approach to cryptographic-based EHR. Both the fuzzy vault and fuzzy commitment demonstrated a false acceptance rate (FAR) of 0%, which reduces the likelihood of imposters gaining successful access to the keys protecting patients' protected health information. This result also justifies the feasibility of implementing a fuzzy key binding scheme in real applications, especially fuzzy vault, which demonstrated a better performance during key reconstruction

    A practical guide to the Freedom of Information Act 2000

    The Constitution Unit has rewritten the Practical Guide to the Freedom of Information Act 2000. The revised edition differs considerably from the original in format and content. Foremost among the changes are the three case studies (with comments) at the end and the references to recently published, more detailed official advice. The guide is designed for practitioners who are responsible for or otherwise involved in their authority's plans to implement and operate the FoI Act. The guide serves as an introduction to implementation and operation of the FoI Act, focusing specifically on its core principles and features, how public authorities should prepare for implementation and what FoI practitioners should do when they receive requests for information

    Summary care record early adopter programme: an independent evaluation by University College London.

    Benefits: The main potential benefit of the SCR is considered to be in emergency and unscheduled care settings, especially for people who are unconscious, confused, unsure of their medical details, or unable to communicate effectively in English. Other benefits may include improved efficiency of care and avoidance of hospital admission, but it is too early for potential benefits to be verified or quantified.

    Progress: As of end April 2008, the SCR of 153,188 patients in the first two Early Adopter sites (Bolton and Bury) had been created. A total of 614,052 patients in four Early Adopter sites had been sent a letter informing them of the programme and their choices for opting out of having a SCR.

    Staff attitudes and usage: The evaluation found that many NHS staff in Early Adopter sites (which had been selected partly for their keenness to innovate in ICT) were enthusiastic about the SCR and keen to see it up and running, but a significant minority of GPs had chosen not to participate in the programme and others had deferred participation until data quality improvement work was completed. Whilst 80 per cent of patients interviewed were either positive about the idea of having a SCR or ‘did not mind’, others were strongly opposed ‘on principle’. Staff who had attempted to use the SCR when caring for patients felt that the current version was technically immature (describing it as ‘clunky’ and ‘complicated’), and were looking forward to a more definitive version of the technology. A comparable technology (the Emergency Care Summary) introduced in Scotland two years ago is now working well, and over a million records have been accessed in emergency and out-of-hours care.

    Patient attitudes and awareness: Having a SCR is optional (people may opt out if they wish, though fewer than one per cent of people in Early Adopter sites have done so) and technical security is said to be high via a system of password protection and strict access controls. Nevertheless, the evaluation showed that recent stories about data loss by government and NHS organisations had raised concerns amongst both staff and patients that human fallibility could potentially jeopardise the operational security of the system. Despite an extensive information programme to inform the public in Early Adopter sites about the SCR, many patients interviewed by the UCL team were not aware of the programme at all. This raises important questions about the ethics of an ‘implied consent’ model for creating the SCR. The evaluation recommended that the developers of the SCR should consider a model in which the patient is asked for ‘consent to view’ whenever a member of staff wishes to access their record. Not a single patient interviewed in the evaluation was confident that the SCR would be 100 per cent secure, but they were philosophical about the risks of security breaches. Typically, people said that the potential benefit of a doctor having access to key medical details in an emergency outweighed the small but real risk of data loss due to human or technical error. Even patients whose medical record contained potentially sensitive data such as mental health problems, HIV or drug use were often (though not always) keen to have a SCR and generally trusted NHS staff to treat sensitive data appropriately. However, they and many other NHS patients wanted to be able to control which staff members were allowed to access their record at the point of care. Some doctors, nurses and receptionists, it seems, are trusted to view a person’s SCR, whereas others are not, and this is a decision which patients would like to make in real time

    Redescribing Health Privacy: The Importance of Health Policy

    Current conversations about health information policy often tend to be based on three broad assumptions. First, many perceive a tension between regulation and innovation. We often hear that privacy regulations are keeping researchers, companies, and providers from aggregating the data they need to promote innovation. Second, aggregation of fragmented data is seen as a threat to its proper regulation, creating the risk of breaches and other misuse. Third, a prime directive for technicians and policymakers is to give patients ever more granular methods of control over data. This article questions and complicates those assumptions, which I deem (respectively) the Privacy Threat to Research, the Aggregation Threat to Privacy, and the Control Solution. This article is also intended to enrich our concepts of “fragmentation” and “integration” in health care. There is a good deal of sloganeering around “firewalls” and “vertical integration” as idealized implementations of “fragmentation” and “integration” (respectively). The problem, though, is that terms like these (as well as “disruption”) are insufficiently normative to guide large-scale health system change. They describe, but they do not adequately prescribe. By examining those instances where: a) regulation promotes innovation, and b) increasing (some kinds of) availability of data actually enhances security, confidentiality, and privacy protections, this article attempts to give a richer account of the ethics of fragmentation and integration in the U.S. health care system. But, it also has a darker side, highlighting the inevitable conflicts of values created in a “reputation society” driven by stigmatizing social sorting systems. Personal data control may exacerbate social inequalities. Data aggregation may increase both our powers of research and our vulnerability to breach. The health data policymaking landscape of the next decade will feature a series of intractable conflicts between these important social values

    Consolidated List of Requirements

    This document is a consolidated catalogue of requirements for the Electronic Health Care Record (EHCR) and Electronic Health Care Record Architecture (EHCRA), gleaned largely from work done in the EU Framework III and IV programmes and CEN, but also including input from other sources including world-wide standardisation initiatives. The document brings together the relevant work done into a classified inventory of requirements to inform the on-going standardisation process as well as act as a guide to future implementation of EHCRA-based systems. It is meant as a contribution both to understanding of the standard and to the work that is being considered to improve the standard. Major features include the classification into issues affecting the Health Care Record, the EHCR, EHCR processing, EHCR interchange and the sharing of health care information and EHCR systems. The principal information sources are described briefly. It is offered as documentation that is complementary to the four documents of the ENV 13606 Parts I-IV produced by CEN Pts 26,27,28,29. The requirements identified and classified in this deliverable are referenced in other deliverables