A Flexible Solution for Privilege Management and Access Control in EHR Systems

Background: Inter-organizational healthcare businesses are ruled by a huge set of policies: legal policies, organizational policies, medical policies, ethical policies, etc., which are quite static, patients policy and process, social and environmental conditions, which are highly dynamic. In the context of a business case, those different policies must be harmonized to enable privilege management and access control decisions. Objectives: The authors offer a methodology to achieve interoperability through policies harmonization in a privilege management and access control solution for EHR systems, to be later on implemented in a cancer care network using HL7 specifications. Methods: To meet the objective, the authors make use of a system-theoretical, architecture-centric, ontology-based approach to formally representing the aforementioned polices for harmonization. Results: Because of its flexibility and generality, a policy-driven RBAC model is used to formally represent all the other access control models such as MAC, DAC, RBAC, ABAC, HL7 Data Segmentation and Labeling Services. All the policies deployed in the context of an inter-organizational collaboration for cancer care can be formalized and then harmonized. Conclusions: The authors provide an implementation-independent methodology to enable policies harmonization in EHR systems. The methodology described in the paper is independent on the maturity of organizations\u2019 privilege management and access control system. Furthermore, it does not hamper organizations progressing to more advanced solutions over the time. Even dynamic policies can be harmonized at run time, allowing an advancement towards a patient-centered care

A NLP Pipeline for the Automatic Extraction of a Complete Microorganism’s Picture from Microbiological Notes

The Italian “Istituto Superiore di Sanità” (ISS) identifies hospital-acquired infections (HAIs) as the most frequent and serious complications in healthcare. HAIs constitute a real health emergency and, therefore, require decisive action from both local and national health organizations. Information about the causative microorganisms of HAIs is obtained from the results of microbiological cultures of specimens collected from infected body sites, but microorganisms’ names are sometimes reported only in the notes field of the culture reports. The objective of our work was to build a NLP-based pipeline for the automatic information extraction from the notes of microbiological culture reports. We analyzed a sample composed of 499 texts of notes extracted from 1 month of anonymized laboratory referral. First, our system filtered texts in order to remove nonmeaningful sentences. Thereafter, it correctly extracted all the microorganisms’ names according to the expert’s labels and linked them to a set of very important metadata such as the translations into national/international vocabularies and standard definitions. As the major result of our pipeline, the system extracts a complete picture of the microorganism

A standardized SOA based solution to guarantee the secure access to EHR

Continued advances in science and technology and general improvements in environmental and social conditions is extending the population\u2019s life expectancy with the consequence that a person can undergo many episodes of healthcare during lifetime. In this context, the Electronic Health Record (EHR) represents a fundamental tool to support treatment continuity, education and research. The economic restrictions in healthcare and the need to increase efficiency in term of cost/effectiveness ration could lead institutional organizations to choose cloud solutions to host the EHR. In this paper, a cloud infrastructure architecture, focus on the EHR and based on SOA (Service Oriented Architecture) paradigm, which is able both to completely support technical, semantic and process interoperability, and to guarantee security, is proposed. In order to achieve this goal, the indications and the standards proposed by Healthcare Services Specification Project (HSSP) was adopted. Different situations can be managed by the proposed architecture and are described: the user access to an encrypted resource in EHR, the availability of EHR content for external Decision Support Systems, the update of EHR content, the management of semantic of clinical data exchanged among distributed healthcare organizations. Finally, the authors propose a discussion on the proposed solutio

Access Control Models – A Systematic Review

Within a healthcare environment, organizational, legal, functional, social, ethical, and technical requirements must be met. In that context, security and safety are important challenges, which highly influence user acceptance. In such a complex scenario, privilege management and access control are critical for data security and patients' privacy. On the other end, the appropriate use of care data should not be prevented by data protection measures. In order to enable an adequate use of data, all the policies ruling the care process must be harmonized. In order to pursue this aim, the health system's architecture must be formally described at the required level of granularity using a system theory based architectural model. The resulting representation can be used as a mean to compare the different access control models governing the different parts of the distributed environment and to perform policy harmonization

A NLP pipeline for the automatic extraction of microorganisms names from microbiological notes

According to the 'Istituto Superiore di Sanita (ISS), hospital infections are the most frequent and serious complication of health care. This constitutes a real health emergency which requires incisive and joint action at all levels of the local and national health organization. Most of the valuable information related to the presence of a specific microorganism in the blood are written into the notes field of the laboratory exams results. The main objective of this work is to build a Natural Language Processing (NLP) pipeline for the automatic extraction of the names of microorganisms present in the clinical texts. A sample of 499 microbiological notes have been analysed with the developed system and all the microorganisms names have been extracted correctly, according to the labels given by the expert

FINSTIX: A Cyber-Physical Data Model for Financial Critical Infrastructures

Cyber-physical security of financial institutions is a critical and sensitive topic. In this context, the FINSEC project aims to design and build a reference architecture for the integrated physical and cyber security of financial institutions. To make feasible, the interactions among the different services of the FINSEC platform, a proper data model defining the exchanged information semantic is fundamental. One of the objectives of the FINSEC project is to integrate cyber and physical security measures in the financial services industry. To do so, the data model must consider both cyber and physical systems. In this paper, the authors present FINSTIX, namely the data model adopted in the FINSEC platform. In particular, they extended the Structured Threat Information eXpression (STIX) standard creating custom objects to describe the financial organization\u2019s infrastructure and then to integrate cyber and physical security measures. The paper also reports an example of the use of FINSTIX in a relevant use case scenario

The journey : a service-based adaptive serious game on probability

Serious Games (SGs) have a lot of potential in education, possibly making learning more engaging and satisfying. Adaptive Games strive to keep the challenges presented by the game balanced with the player’s abilities, as to keep the player in the "flow" state. We have used a Service-Oriented Architecture (SOA) approach to develop a simple adaptive SG for teaching basic elements of probability to high school and entry-level university students, called The Journey. The game performs continuously the updating of a user model with the competences of the student and presents the new challenges according to the student’s current level. This paper presents details of the educational aspects of the game, as well as of its implementation. It also presents a preliminary validation study and discusses future work

A Standard Interface for Data Reuse in Infectious Diseases

Nowadays, many healthcare providers archive and manage patients\u2019 data in an electronic format. The reuse of such clinical information is essential from both a scientific and financial perspective; and for the integration of primary care and clinical research, which has become a main goal. The objective of the proposed solution is the integration of data between a web platform, developed for research purposes, and HIS. Information is shared through a bidirectional standard interface, based on healthcare ontologies (LOINC, ICD and SNOMED) and standard messaging (HL7 CDA V3 R2) for data exchange. Such an interface allows data import from HIS to a web platform and vice versa. Currently, this project is implemented in the Infectious Diseases context. A complete data integration and semantic interoperability has been obtained between the \u201cLigurian HIV Clinical Network\u201d and the Infectious Diseases wards of different hospitals throughout the region