Using the eSana Framework in Dermatology to improve the Information Flow between Patients and Doctors

Mobile devices are becoming ubiquitous in every day\u27s life; their time and place independence are reasons for using them in different areas. One such area is electronic health, where patients can install small applications on their mobile devices that help or guide them in the management of their disease. The eSana framework offers a set of tools and approaches that allow the transmission of discrete physiological values electronically in order to evaluate them by medical experts. This paper presents an application scenario in the field of dermatology. It illustrates the information flow between patient and dermatologist including all transformation services. One speciality is the combination of binary image data and structured information about a given condition sent over a mobile network. The main goal is to show a set of necessary components in order to support the relationship between patients and their dermatologists by using medical standards

A rapidly moving target: Conformance with e-health standards for mobile computing

The rapid adoption and evolution of mobile applications in health is posing significant challenges in terms of standards development, standards adoption, patient safety, and patient privacy. This is a complex continuum to navigate. There are many competing demands from the standards development process, to the use by clinicians and patients. In between there are compliance and conformance measures to be defined to ensure patient safety, effective use with integration into clinical workflow, and the protection of data and patient privacy involved in data collection and exchange. The result is a composite and intricate mixture of stakeholders, legislation, and policy together with national and individual perspectives. The challenges for standards development are numerous and include the cross over from traditional medical devices and mobile devices with apps, as well as harmonisation for consistent semantic terminology, and the diverse range of standards required in mobile health solutions. These issues affect the ability of conformance and compliance to be undertaken. Additionally, the need for interoperability in development of safe and secure mHealth software whilst being mindful of the implications for patient safety is vital. Conformance and compliance to established international standards is the first and, at present, the only step in meeting the mobile health challenges

A rapidly moving target: Conformance with e-health standards for mobile computing

The rapid adoption and evolution of mobile applications in health is posing significant challenges in terms of standards development, standards adoption, patient safety, and patient privacy. This is a complex continuum to navigate. There are many competing demands from the standards development process, to the use by clinicians and patients. In between there are compliance and conformance measures to be defined to ensure patient safety, effective use with integration into clinical workflow, and the protection of data and patient privacy involved in data collection and exchange. The result is a composite and intricate mixture of stakeholders, legislation, and policy together with national and individual perspectives. The challenges for standards development are numerous and include the cross over from traditional medical devices and mobile devices with apps, as well as harmonisation for consistent semantic terminology, and the diverse range of standards required in mobile health solutions. These issues affect the ability of conformance and compliance to be undertaken. Additionally, the need for interoperability in development of safe and secure mHealth software whilst being mindful of the implications for patient safety is vital. Conformance and compliance to established international standards is the first and, at present, the only step in meeting the mobile health challenges

Systematic predictive analysis of personalized life expectancy using smart devices

With the emergence of technologies such as electronic health and mobile health (eHealth/mHealth), cloud computing, big data, and the Internet of Things (IoT), health related data are increasing and many applications such as smartphone apps and wearable devices that provide wellness and fitness tracking are entering the market. Some apps provide health related data such as sleep monitoring, heart rate measuring, and calorie expenditure collected and processed by the devices and servers in the cloud. These requirements can be extended to provide a personalized life expectancy (PLE) for the purpose of wellbeing and encouraging lifestyle improvement. No existing works provide this PLE information that is developed and customized for the individual. This article is based on the concurrent models and methodologies to calculate and predict life expectancy (LE) and proposes an idea of using multi-phased approaches to the solution as the project requires an immense and broad range of work to accomplish. As a result, the current prediction of LE, which was found to be up to a maximum of five years could potentially be extended to a lifetime prediction by utilizing generic health data. In this article, the novel idea of the solution proposing a PLE on an individual basis, which can be extended to lifetime is presented in addition to the existing works

Usability and Security in Medication. Administration Applications

The traditional process of filling the medicine trays and dispensing the medicines to the patients in the hospitals is manually done by reading the printed paper medicinechart. This process can be very strenuous and error-prone, given the number of sub-tasksinvolved in the entire workflow and the dynamic nature of the work environment.Therefore, efforts are being made to digitalise the medication dispensation process byintroducing a mobile application called Smart Dosing application. The introduction ofthe Smart Dosing application into hospital workflow raises security concerns and callsfor security requirement analysis. This thesis is written as a part of the smart medication management project at EmbeddedSystems Laboratory, A˚bo Akademi University. The project aims at digitising the medicine dispensation process by integrating information from various health systems, and making them available through the Smart Dosing application. This application is intended to be used on a tablet computer which will be incorporated on the medicine tray. The smart medication management system include the medicine tray, the tablet device, and the medicine cups with the cup holders. Introducing the Smart Dosing application should not interfere with the existing process carried out by the nurses, and it should result in minimum modifications to the tray design and the workflow. The re-designing of the tray would include integrating the device running the application into the tray in a manner that the users find it convenient and make less errors while using it. The main objective of this thesis is to enhance the security of the hospital medicine dispensation process by ensuring the security of the Smart Dosing application at various levels. The methods used for writing this thesis was to analyse how the tray design, and the application user interface design can help prevent errors and what secure technology choices have to be made before starting the development of the next prototype of the Smart Dosing application. The thesis first understands the context of the use of the application, the end-users and their needs, and the errors made in everyday medication dispensation workflow by continuous discussions with the nursing researchers. The thesis then gains insight to the vulnerabilities, threats and risks of using mobile application in hospital medication dispensation process. The resulting list of security requirements was made by analysing the previously built prototype of the Smart Dosing application, continuous interactive discussions with the nursing researchers, and an exhaustive state-of-the-art study on security risks of using mobile applications in hospital context. The thesis also uses Octave Allegro method to make the readers understand the likelihood and impact of threats, and what steps should be taken to prevent or fix them. The security requirements obtained, as a result, are a starting point for the developers of the next iteration of the prototype for the Smart Dosing application.Siirretty Doriast

The development and implementation of e-health services for the Libyan NHS: case studies of hospitals and clinics in both urban and rural areas

This thesis provides an assessment of the readiness levels within both urban and rural hospitals and clinics in Libya for the implementation of E-health systems. This then enabled the construction of a framework for E-health implementation in the Libyan National Health Service (LNHS). The E-health readiness study assessed how medications were prescribed, how patients were referred, how information communication technology (ICT) was utilised in recording patient records, how healthcare staff were trained to use ICT, and how the ways in which consultations were carried out by healthcare staff. The research was done in five rural clinics and five urban medical centres and focused on the E-health readiness levels of the technology, social attitudes, engagement levels and any other needs that were apparent. Collection of the data was carried out using a mixed methods approach with qualitative interviews and quantitative questionnaires. The study indicated that any IT equipment present was not being utilised for clinical purposes and there was no evidence of any E-health technologies being employed. This implies that the maturity level of the healthcare institutions studied was at level zero in the E-health maturity model used in this thesis. In order for the LNHS to raise its maturity levels for the implementation of E-health systems, it needs to persuade LNHS staff and patients to adopt E-health systems. This can be carried out at a local level throughout the LNHS, though this will need to be coordinated at a national level through training, education and programmes to encourage compliance and providing incentives. In order to move E-health technology usage in the participating Libyan healthcare institutions from Level 0 to Level 2 in the E-health Maturity Model levels, an E-health framework was created that is based on the findings of this research study. The primary aim of the LNHS E-Health Framework is the integration of E-health services for improving the delivery of healthcare within the LNHS. To construct the framework and ensure that it was creditable and applicable, work on it was informed directly by the findings from document analysis, literature review, and expert feedback, in conjunction with the primary research findings presented in Chapter Five. When the LNHS E-Health Framework was compiled there were several things taken into consideration, such as: the abilities of healthcare staff, the needs of healthcare institutions and the existing ICT infrastructure that had been recorded in the E-readiness assessment which was carried out in the healthcare institutions (Chapter 5). The framework also provides proposals for E-health systems based on the infrastructure network that will be developed. The processes addressed are electronic health records, E-consultations, E-prescriptions, E-referrals and E-training. The researcher has received very positive, even enthusiastic, feedback from the LNHS and other officals, and that expect the framework to be further developed and implemented by the LNHS in the near future

Contribuciones al establecimiento de una red global de sensores inalámbricos interconectados

Se ha considerado a este trabajo como un aporte al establecimiento de una red global de sensores donde los humanos (agentes inteligentes), y computadoras potentes interactúan con redes piloto de sensores inalámbricos, distinguiendo en la red global 3 subdominios: • Una red superior existente, donde los distintos nodos ejecutan las aplicaciones en potentes computadoras que pueden interconectarse vía Internet u otras redes globales. • Los dispositivos sensores que forman una red piloto y se comunican entre sí por medio inalámbrico. • Un portal de servidores, formado por nodos que controlan las redes piloto, y permiten la interacción entre los nodos de la red superior y los dispositivos de la WSN. Los temas a desarrollar en esta tesis son: •Modelado y simulación: La simulación es utilizada para evaluar sistemas desarrollados y a implementar en redes reales. La utilidad de los datos obtenidos depende puramente del realismo y la precisión de los modelos a implementar. Fundamentalmente se avanzan con simulaciones que simplifican la instalación de las WSNs. •Entorno de desarrollo de aplicaciones: Necesario para la corrida de las simulaciones como también desarrollo de las aplicaciones a ser instaladas en los nodos físicos existentes. •Alternativa de soporte de las WSN: la preexistencia de situaciones donde la prestación de servicios de transmisión de datos es sumamente ineficiente y provisto por una empresa de manera monopólica. Ciertas veces el servicio es inexistente en la locación del proyecto. Por ello se avanzó en la búsqueda de un soporte a la red de WSN no basada en la Red Digital Soporte de la prestadora en la región de desarrollo del trabajo.Facultad de Informátic

AMAN-DA : Une approche basée sur la réutilisation de la connaissance pour l'ingénierie des exigences de sécurité

In recent years, security in Information Systems (IS) has become an important issue that needs to be taken into account in all stages of IS development, including the early phase of Requirement Engineering (RE). Considering security during early stages of IS development allows IS developers to envisage threats, their consequences and countermeasures before a system is in place. Security requirements are known to be “the most difficult of requirements types”, and potentially the ones causing the greatest risk if they are not correct. Moreover, requirements engineers are not primarily interested in, or knowledgeable about, security. Their tacit knowledge about security and their primitive knowledge about the domain for which they elicit security requirements make the resulting security requirements poor and too generic.This thesis explores the approach of eliciting requirements based on the reuse of explicit knowledge. First, the thesis proposes an extensive systematic mapping study of the literature on the reuse of knowledge in security requirements engineering identifying the diferent knowledge forms. This is followed by a review and classification of security ontologies as the main reuse form.In the second part, AMAN-DA is presented. AMAN-DA is the method developed in this thesis. It allows the elicitation of domain-specific security requirements of an information system by reusing knowledge encapsulated in domain and security ontologies. Besides that, the thesis presents the different elements of AMANDA: (i) a core security ontology, (ii) a multi-level domain ontology, (iii) security goals and requirements’s syntactic models, (iv) a set of rules and mechanisms necessary to explore and reuse the encapsulated knowledge of the ontologies and produce security requirements specifications.The last part reports the evaluation of the method. AMAN-DA was implemented in a prototype tool. Its feasibility was evaluated and applied in case studies of three different domains (maritime, web applications, and sales). The ease of use and the usability of the method and its tool were also evaluated in a controlled experiment. The experiment revealed that the method is beneficial for the elicitation of domain specific security requirements, and that the tool is friendly and easy to use.Au cours de ces dernières années, la sécurité des Systèmes d'Information (SI) est devenue une préoccupation importante, qui doit être prise en compte dans toutes les phases du développement du SI, y compris dans la phase initiale de l'ingénierie des exigences (IE). Prendre en considération la sécurité durant les premieres phases du dévelopment des SI permet aux développeurs d'envisager les menaces, leurs conséquences et les contre-mesures avant qu'un système soit mis en place. Les exigences de sécurité sont connues pour être "les plus difficiles des types d’exigences", et potentiellement celles qui causent le plus de risque si elles ne sont pas correctes. De plus, les ingénieurs en exigences ne sont pas principalement intéressés à, ou formés sur la sécurité. Leur connaissance tacite de la sécurité et leur connaissance primitive sur le domaine pour lequel ils élucident des exigences de sécurité rendent les exigences de sécurité résultantes pauvres et trop génériques.Cette thèse explore l'approche de l’élucidation des exigences fondée sur la réutilisation de connaissances explicites. Tout d'abord, la thèse propose une étude cartographique systématique et exhaustive de la littérature sur la réutilisation des connaissances dans l'ingénierie des exigences de sécurité identifiant les diférentes formes de connaissances. Suivi par un examen et une classification des ontologies de sécurité comme étant la principale forme de réutilisation.Dans la deuxième partie, AMAN-DA est présentée. AMAN-DA est la méthode développée dans cette thèse. Elle permet l’élucidation des exigences de sécurité d'un système d'information spécifique à un domaine particulier en réutilisant des connaissances encapsulées dans des ontologies de domaine et de sécurité. En outre, la thèse présente les différents éléments d'AMAN-DA : (i) une ontologie de sécurité noyau, (ii) une ontologie de domaine multi-niveau, (iii) des modèles syntaxique de buts et d’exigences de sécurité, (iv) un ensemble de règles et de mécanismes nécessaires d'explorer et de réutiliser la connaissance encapsulée dans les ontologies et de produire des spécifications d’exigences de sécurité.La dernière partie rapporte l'évaluation de la méthode. AMAN-DA a été implémenté dans un prototype d'outil. Sa faisabilité a été évaluée et appliquée dans les études de cas de trois domaines différents (maritimes, applications web, et de vente). La facilité d'utilisation et l’utilisabilité de la méthode et de son outil ont également été évaluées dans une expérience contrôlée. L'expérience a révélé que la méthode est bénéfique pour l’élucidation des exigences de sécurité spécifiques aux domaines, et l'outil convivial et facile à utiliser