Enhancing GDPR compliance through data sensitivity and data hiding tools

Since the emergence of GDPR, several industries and sectors are setting informatics solutions for fulfilling these rules. The Health sector is considered a critical sector within the Industry 4.0 because it manages sensitive data, and National Health Services are responsible for managing patients’ data. European NHS are converging to a connected system allowing the exchange of sensitive information cross different countries. This paper defines and implements a set of tools for extending the reference architectural model industry 4.0 for the healthcare sector, which are used for enhancing GDPR compliance. These tools are dealing with data sensitivity and data hiding tools A case study illustrates the use of these tools and how they are integrated with the reference architectural model

Information Systems and Healthcare XXX: Charting a Strategic Path for Health Information Technology

Despite both the slow diffusion of information technology (IT) throughout health organizations and the high cost of implementation, organizations must focus on key strategic applications that deliver high quality care at lower costs. Identifying the strategic applications that support important healthcare processes is challenging. In this article we propose a framework for developing this high level perspective of strategic health information technology (HIT) applications. We then classify into the components of the framework numerous HIT applications and initiatives reported in the media. Based on an existing framework, we identify two critical dimensions that capture two important characteristics of a healthcare delivery process, namely, the degree of mediation and the degree of collaboration. A healthcare process with a high degree of mediation involves a large series of activities in a sequential manner. Processes with a low degree of mediation “understand” that most participants in care delivery contribute directly, often simultaneously, to the final result. The underlying principle for this dimension is the level of functionality of the application. The degree of collaboration refers to the extent to which information is exchanged among the participants in a process. Depending on the degree of exchange, one can identify processes as having higher or lower degrees of collaboration. The underlying principle for this dimension is the degree of interoperability among the applications. Strategic HIT applications lie on a continuum path from a low-high degree of mediation to a low-high degree of collaboration. Our examples show that healthcare delivery organizations evolve their HIT from ad-hoc isolated systems to interoperable, integrated digital health systems. The strategic framework provides a high level perspective of HIT while assisting in the evaluation of potential HIT candidates for implementation

Service-Oriented Framework for Developing Interoperable e-Health Systems in a Low-Income Country

e-Health solutions in low-income countries are fragmented, address institution-specific needs, and do little to address the strategic need for inter-institutional exchange of health data. Although various e-health interoperability frameworks exist, contextual factors often hinder their effective adoption in low-income countries. This underlines the need to investigate such factors and to use findings to adapt existing e-health interoperability models. Following a design science approach, this research involved conducting an exploratory survey among 90 medical and Information Technology personnel from 67 health facilities in Uganda. Findings were used to derive requirements for e-health interoperability, and to orchestrate elements of a service oriented framework for developing interoperable e-health systems in a low-income country (SOFIEH). A service-oriented approach yields reusable, flexible, robust, and interoperable services that support communication through well-defined interfaces. SOFIEH was evaluated using structured walkthroughs, and findings indicate that it scored well regarding applicability, usability, and understandability

Comparative study of healthcare messaging standards for interoperability in ehealth systems

Advances in the information and communication technology have created the field of "health informatics," which amalgamates healthcare, information technology and business. The use of information systems in healthcare organisations dates back to 1960s, however the use of technology for healthcare records, referred to as Electronic Medical Records (EMR), management has surged since 1990’s (Net-Health, 2017) due to advancements the internet and web technologies. Electronic Medical Records (EMR) and sometimes referred to as Personal Health Record (PHR) contains the patient’s medical history, allergy information, immunisation status, medication, radiology images and other medically related billing information that is relevant. There are a number of benefits for healthcare industry when sharing these data recorded in EMR and PHR systems between medical institutions (AbuKhousa et al., 2012). These benefits include convenience for patients and clinicians, cost-effective healthcare solutions, high quality of care, resolving the resource shortage and collecting a large volume of data for research and educational needs. My Health Record (MyHR) is a major project funded by the Australian government, which aims to have all data relating to health of the Australian population stored in digital format, allowing clinicians to have access to patient data at the point of care. Prior to 2015, MyHR was known as Personally Controlled Electronic Health Record (PCEHR). Though the Australian government took consistent initiatives there is a significant delay (Pearce and Haikerwal, 2010) in implementing eHealth projects and related services. While this delay is caused by many factors, interoperability is identified as the main problem (Benson and Grieve, 2016c) which is resisting this project delivery. To discover the current interoperability challenges in the Australian healthcare industry, this comparative study is conducted on Health Level 7 (HL7) messaging models such as HL7 V2, V3 and FHIR (Fast Healthcare Interoperability Resources). In this study, interoperability, security and privacy are main elements compared. In addition, a case study conducted in the NSW Hospitals to understand the popularity in usage of health messaging standards was utilised to understand the extent of use of messaging standards in healthcare sector. Predominantly, the project used the comparative study method on different HL7 (Health Level Seven) messages and derived the right messaging standard which is suitable to cover the interoperability, security and privacy requirements of electronic health record. The issues related to practical implementations, change over and training requirements for healthcare professionals are also discussed

Project Fiasco: An Analysis of Ontario's Electronic Health Record Project

Policy failure is a recurring theme in large government technology projects. The Ontario Electronic Health Record (EHR) project is one of the most recent, and high profile, Canadian examples. The EHR project had two main phases – the design phase (in which the architecture of the system was determined) and an implementation phase (in which the operation of the system was carried out). This study has two objectives: first, to develop a set of frameworks that can be used to understand the design phase and the implementation phases; and second, to use these frameworks to describe and to understand why the EHR initiative was so unsuccessful. To facilitate an understanding of the implementation phase of a project, a game theoretic framework is employed that classifies technology solutions as either independent or interdependent. When solutions are interdependent, the framework suggests that, in order to obtain the greatest value, the government should exert its authority to ensure the coordination and cooperation of the actors in the system. To understand the design phase of a project, a framework is developed that links together the nature of the problem with the type of organization best suited to solving the problem. I argue that the complexity, or decomposability, of a problem directly affects the optimal method of a search for solutions, and the optimal means of organizing that search. These two frameworks are then applied to Ontario’s EHR project to analyze why the EHR project was so unsuccessful. I conclude that decision makers failed to consider the interdependent nature of EHR solutions; instead, they encouraged independent actors to develop their own ehealth solutions, effectively undermining the provincial goal of an interoperable system. I also conclude that decision makers misdiagnosed the nature of the EHR problem, resulting in an ineffective search procedure to locate an EHR solution. These two errors resulted in a policy fiasco that was manifested in almost total project failure and a resulting high degree of public outrage. We also speculate on why these errors were made

Design and implementation of a secure and user-friendly broker platform supporting the end-to-end provisioning of e-homecare services

We designed a broker platform for e-homecare services using web service technology. The broker allows efficient data communication and guarantees quality requirements such as security, availability and cost-efficiency by dynamic selection of services, minimizing user interactions and simplifying authentication through a single user sign-on. A prototype was implemented, with several e-homecare services (alarm, telemonitoring, audio diary and video-chat). It was evaluated by patients with diabetes and multiple sclerosis. The patients found that the start-up time and overhead imposed by the platform was satisfactory. Having all e-homecare services integrated into a single application, which required only one login, resulted in a high quality of experience for the patients

Data Segmentation in Electronic Health Information Exchange: Policy Considerations and Analysis

The issue of whether and, if so, to what extent patients should have control over the sharing or withholding of their health information represents one of the foremost policy challenges related to electronic health information exchange. It is widely acknowledged that patients\u27 health information should flow where and when it is needed to support the provision of appropriate and high-quality care. Equally significant, however, is the notion that patients want their needs and preferences to be considered in the determination of what information is shared with other parties, for what purposes, and under what conditions. Some patients may prefer to withhold or sequester certain elements of health information, often when it is deemed by them (or on their behalf) to be sensitive, whereas others may feel strongly that all of their health information should be shared under any circumstance. This discussion raises the issue of data segmentation, which we define for the purposes of this paper as the process of sequestering from capture, access or view certain data elements that are perceived by a legal entity, institution, organization, or individual as being undesirable to share. This whitepaper explores key components of data segmentation, circumstances for its use, associated benefits and challenges, various applied approaches, and the current legal environment shaping these endeavors