Architecture of a consent management suite and integration into IHE-based regional health information networks

<p>Abstract</p> <p>Background</p> <p>The University Hospital Heidelberg is implementing a Regional Health Information Network (RHIN) in the Rhine-Neckar-Region in order to establish a shared-care environment, which is based on established Health IT standards and in particular Integrating the Healthcare Enterprise (IHE). Similar to all other Electronic Health Record (EHR) and Personal Health Record (PHR) approaches the chosen Personal Electronic Health Record (PEHR) architecture relies on the patient's consent in order to share documents and medical data with other care delivery organizations, with the additional requirement that the German legislation explicitly demands a patients' opt-in and does not allow opt-out solutions. This creates two issues: firstly the current IHE consent profile does not address this approach properly and secondly none of the employed intra- and inter-institutional information systems, like almost all systems on the market, offers consent management solutions at all. Hence, the objective of our work is to develop and introduce an extensible architecture for creating, managing and querying patient consents in an IHE-based environment.</p> <p>Methods</p> <p>Based on the features offered by the IHE profile Basic Patient Privacy Consent (BPPC) and literature, the functionalities and components to meet the requirements of a centralized opt-in consent management solution compliant with German legislation have been analyzed. Two services have been developed and integrated into the Heidelberg PEHR.</p> <p>Results</p> <p>The standard-based Consent Management Suite consists of two services. The Consent Management Service is able to receive and store consent documents. It can receive queries concerning a dedicated patient consent, process it and return an answer. It represents a centralized policy enforcement point. The Consent Creator Service allows patients to create their consents electronically. Interfaces to a Master Patient Index (MPI) and a provider index allow to dynamically generate XACML-based policies which are stored in a CDA document to be transferred to the first service. Three workflows have to be considered to integrate the suite into the PEHR: recording the consent, publishing documents and viewing documents.</p> <p>Conclusions</p> <p>Our approach solves the consent issue when using IHE profiles for regional health information networks. It is highly interoperable due to the use of international standards and can hence be used in any other region to leverage consent issues and substantially promote the use of IHE for regional health information networks in general.</p

The Practice of Medicine in the Age of Information Technology

Regarding the practice of medicine, we have to face the chances and challenges of all aspects of e-Health; however, the term “digitalization” is broader and spanning all aspects. However, the digitalization of medicine offers solutions for pressing problem. We know the factors that lead to excellence in medicine. Without the right amount of experiences based on a solid ground of knowledge, no excellence is achievable. The problem, nowadays, is that due to restriction of working hours, to the goals of life (“life-work-balance”) and the restrictions of Generation Y, almost no education in medicine is spanning the needed 10,000 h experiences in practical medicine for excellence. Therefore, we will see the fading of medical excellence, if we could not establish other systems. A solution can be searched in decision-support systems. However, a requirement before is the need of a digitalization of all health data. We surely do not have enough evidences for all aspects of the practice of medicine, the intuition is fading away and therefore, we have to look around for other solutions. Big data generated by the digitalization of all health data could be the problem solver. In combination, IT will help to improve the quality of care

Enhancing GDPR compliance through data sensitivity and data hiding tools

Since the emergence of GDPR, several industries and sectors are setting informatics solutions for fulfilling these rules. The Health sector is considered a critical sector within the Industry 4.0 because it manages sensitive data, and National Health Services are responsible for managing patients’ data. European NHS are converging to a connected system allowing the exchange of sensitive information cross different countries. This paper defines and implements a set of tools for extending the reference architectural model industry 4.0 for the healthcare sector, which are used for enhancing GDPR compliance. These tools are dealing with data sensitivity and data hiding tools A case study illustrates the use of these tools and how they are integrated with the reference architectural model

Nonlinear Systems in Healthcare towards Intelligent Disease Prediction

Healthcare is one of the key fields that works quite strongly with advanced analytical techniques for prediction of diseases and risks. Data being the most important asset in recent times, a huge amount of health data is being collected, thanks to the recent advancements of IoT, smart healthcare, etc. But the focal objective lies in making sense of that data and to obtain knowledge, using intelligent analytics. Nonlinear systems find use specifically in this field, working closely with health data. Using advanced methods of machine learning and computational intelligence, nonlinear analysis performs a key role in analyzing the enormous amount of data, aimed at finding important patterns and predicting diseases. Especially in the field of smart healthcare, this chapter explores some aspects of nonlinear systems in predictive analytics, providing a holistic view of the field as well as some examples to illustrate such intelligent systems toward disease prediction

An application of the Privacy Management Reference Model & Methodology (PMRM) to HL7 consent directive use cases

1 online resource (iii, 39, [6], 32 p.) : col. ill.Includes abstract and appendix.Includes bibliographical references (p. [40-45]).The importance and sensitivity of personal health information has led to an increased focus on privacy protection measures as personal health records are digitized. Systems and legislation are rapidly adapting to meet both technology and consumer concerns. An application of the Privacy Management Reference Model & Methodology (PMRM) to assess HL7 Consent Directive Use Cases will provide policy makers, health care providers, and consenters alike the ability to assess the effectiveness of current practices when it comes to the interoperability and the protection of Individually Identifiable Health Information. A solid foundation will be provided to recommend how all stakeholders can work together to improve the consent processes, and ultimately improve the effectiveness of privacy protection measures as they relate to personal health information

A Consent Framework for the Internet of Things in the GDPR Era

The Internet of Things (IoT) is an environment of connected physical devices and objects that communicate amongst themselves over the internet. The IoT is based on the notion of always-connected customers, which allows businesses to collect large volumes of customer data to give them a competitive edge. Most of the data collected by these IoT devices include personal information, preferences, and behaviors. However, constant connectivity and sharing of data create security and privacy concerns. Laws and regulations like the General Data Protection Regulation (GDPR) of 2016 ensure that customers are protected by providing privacy and security guidelines to businesses. Data subjects (users) should be informed on what information is being collected about them and if they consent or not. This dissertation proposes a consent framework that consists of data collection, consent collection, consent management, consent enforcement, and consent auditing. In the framework, there are GDPR requirements embedded in different components of the framework. The consent framework can help organizations to be GDPR consent compliant. In our evaluation of the solution, the results show that our solution has coverage over GDPR consent based on our use case. Our main contributions are the consent framework, consent manager, and the consent auditing tool

Nonlinear Systems

The editors of this book have incorporated contributions from a diverse group of leading researchers in the field of nonlinear systems. To enrich the scope of the content, this book contains a valuable selection of works on fractional differential equations.The book aims to provide an overview of the current knowledge on nonlinear systems and some aspects of fractional calculus. The main subject areas are divided into two theoretical and applied sections. Nonlinear systems are useful for researchers in mathematics, applied mathematics, and physics, as well as graduate students who are studying these systems with reference to their theory and application. This book is also an ideal complement to the specific literature on engineering, biology, health science, and other applied science areas. The opportunity given by IntechOpen to offer this book under the open access system contributes to disseminating the field of nonlinear systems to a wide range of researchers

Patient portals

Patient portals can give patients access to a personal health record and enable interaction with the health care system. Patient portals are creating unprecedented opportunities for using health IT to deliver care to patients, paving the way for benefits to patients, providers and the organizations that implement the portals. The objective of this dissertation has been to explore the role of the organizational context by identifying and describing factors affecting portals in different types of health service systems. We have let the following four questions guide the research. 1. What outcomes have been achieved through patient portals and how are these outcomes achieved? 2. How does the health service system context, in particular health service system integration or fragmentation, impact patient portal development and ability to achieve beneficial outcomes? 3. With focus on fragmented health service systems, how can patient portal development and achievement of beneficial outcomes be improved? 4. How can the existing evidence base inform patient portal development across health service systems and how can this evidence base be advanced? In answering these questions, we studied portals in integrated and fragmented health service systems in the United States and in the Netherlands. We relied on multiple qualitative methods, including literature review, document analysis, and interviews