Service for the Pseudonymization of Electronic Healthcare Records Based on ISO/EN 13606 for the Secondary Use of Information.

The availability of electronic health data favors scientific advance through the creation of repositories for secondary use. Data anonymization is a mandatory step to comply with current legislation. A service for the pseudonymization of electronic healthcare record (EHR) extracts aimed at facilitating the exchange of clinical information for secondary use in compliance with legislation on data protection is presented. According to ISO/TS 25237, pseudonymization is a particular type of anonymization. This tool performs the anonymizations by maintaining three quasi-identifiers (gender, date of birth, and place of residence) with a degree of specification selected by the user. The developed system is based on the ISO/EN 13606 norm using its characteristics specifically favorable for anonymization. The service is made up of two independent modules: the demographic server and the pseudonymizing module. The demographic server supports the permanent storage of the demographic entities and the management of the identifiers. The pseudonymizing module anonymizes the ISO/EN 13606 extracts. The pseudonymizing process consists of four phases: the storage of the demographic information included in the extract, the substitution of the identifiers, the elimination of the demographic information of the extract, and the elimination of key data in free-text fields. The described pseudonymizing system was used in three telemedicine research projects with satisfactory results. A problem was detected with the type of data in a demographic data field and a proposal for modification was prepared for the group in charge of the drawing up and revision of the ISO/EN 13606 norm.This work was supported inpart by Project PI08/1148, Project PI08/90330, Project PI12/01476, and ProjectPI12/01305 (coord. PI12/00508) from Fondo de Investigaci ́on Sanitaria (FIS)Plan Nacional de I+D+i and by Project CEN-20091043S

Service for the Pseudonymization of Electronic Healthcare Records Based on ISO/EN 13606 for the Secondary Use of Information

The availability of electronic health data favors scientific advance through the creation of repositories for secondary use. Data anonymization is a mandatory step to comply with current legislation. A service for the pseudonymization of electronic healthcare record (EHR) extracts aimed at facilitating the exchange of clinical information for secondary use in compliance with legislation on data protection is presented. According to ISO/TS 25237, pseudonymization is a particular type of anonymization. This tool performs the anonymizations by maintaining three quasi-identifiers (gender, date of birth, and place of residence) with a degree of specification selected by the user. The developed system is based on the ISO/EN 13606 norm using its characteristics specifically favorable for anonymization. The service is made up of two independent modules: the demographic server and the pseudonymizing module. The demographic server supports the permanent storage of the demographic entities and the management of the identifiers. The pseudonymizing module anonymizes the ISO/EN 13606 extracts. The pseudonymizing process consists of four phases: the storage of the demographic information included in the extract, the substitution of the identifiers, the elimination of the demographic information of the extract, and the elimination of key data in free-text fields. The described pseudonymizing system was used in three telemedicine research projects with satisfactory results. A problem was detected with the type of data in a demographic data field and a proposal for modification was prepared for the group in charge of the drawing up and revision of the ISO/EN 13606 norm.This work was supported inpart by Project PI08/1148, Project PI08/90330, Project PI12/01476, and ProjectPI12/01305 (coord. PI12/00508) from Fondo de Investigaci ́on Sanitaria (FIS)Plan Nacional de I+D+i and by Project CEN-20091043S

Manual práctico de interoperabilidad semántica para entornos sanitarios basada en arquetipos / Adolfo Muñoz Carrera...[et al.]. Madrid: ISCIII, 2013

La necesidad de interoperabilidad en los sistemas públicos de salud como soporte a la continuidad asistencial está plenamente establecida desde hace ya algún tiempo y el uso de la normalización se ha situado como la principal estrategia para conseguirla. Este texto pretende ser un manual práctico para dotar a los profesionales de la salud (tanto tecnológicos como sanitarios, pues ambos están involucrados en el proceso) de las herramientas necesarias para comprender y acometer la interoperabilidad, en el más amplio sentido del término, de sus organizaciones. Respondiendo al objetivo de la practicidad, el libro está dividido en dos partes: la primera descriptiva, donde se muestran los diferentes conceptos tratados en orden creciente de complejidad (y de abstracción), y una segunda que comienza con la descripción de una metodología para dotar a las organizaciones de interoperabilidad y donde se aplican los conceptos vistos anteriormente siguiendo el orden propuesto por dicha metodología, definiendo primeramente los más abstractos y terminando por los más concretos. La introducción define los distintos tipos de interoperabilidad: técnica (que soporta la conexión física de los sistemas), sintáctica (que permite que aquellos se transfieran información), semántica (que hace que los sistemas puedan interpretar automáticamente la información recibida y actúen en onsecuencia) y organizativa (que define el contexto necesario para que las organizaciones puedan cooperar). Muestra los niveles de las organizaciones en los que aplicar los diferentes tipos de interoperabilidad y termina proponiendo una serie de normas a utilizar en cada uno de esos niveles y los profesionales que deben encargarse de estas tareas