Indivo: a personally controlled health record for health information exchange and communication

<p>Abstract</p> <p>Background</p> <p>Personally controlled health records (PCHRs), a subset of personal health records (PHRs), enable a patient to assemble, maintain and manage a secure copy of his or her medical data. Indivo (formerly PING) is an open source, open standards PCHR with an open application programming interface (API).</p> <p>Results</p> <p>We describe how the PCHR platform can provide standard building blocks for networked PHR applications. Indivo allows the ready integration of diverse sources of medical data under a patient's control through the use of standards-based communication protocols and APIs for connecting PCHRs to existing and future health information systems.</p> <p>Conclusion</p> <p>The strict and transparent personal control model is designed to encourage widespread participation by patients, healthcare providers and institutions, thus creating the ecosystem for development of innovative, consumer-focused healthcare applications.</p

Top 10 Blockchain Predictions for the (Near) Future of Healthcare

To review blockchain lessons learned in 2018 and near-future predictions for blockchain in healthcare, Blockchain in Healthcare Today (BHTY) asked the world's blockchain in healthcare experts to share their insights. Here, our internationally-renowned BHTY peer-review board discusses their major predictions. Based on their responses, presented in detail below, ten major themes (Table) for the future of blockchain in healthcare will emerge over the 12 months

Semantically Secure Anonymity: Foundations of Re-encryption

The notion of universal re-encryption is an established primitive used in the design of many anonymity protocols. It allows anyone to randomize a ciphertext without changing its size, without first decrypting it, and without knowing who the receiver is (i.e., not knowing the public key used to create it). By design it prevents the randomized ciphertext from being correlated with the original ciphertext. We revisit and analyze the security foundation of universal re-encryption and show a subtlety in it, namely, that it does not require that the encryption function achieve key anonymity. Recall that the encryption function is different from the re-encryption function. We demonstrate this subtlety by constructing a cryptosystem that satisfies the established definition of a universal cryptosystem but that has an encryption function that does not achieve key anonymity, thereby instantiating the gap in the definition of security of universal re-encryption. We note that the gap in the definition carries over to a set of applications that rely on universal re-encryption, applications in the original paper on universal re-encryption and also follow-on work. This shows that the original definition needs to be corrected and it shows that it had a knock-on effect that negatively impacted security in later work. We then introduce a new definition that includes the properties that are needed for a re-encryption cryptosystem to achieve key anonymity in both the encryption function and the re-encryption function, building on Goldwasser and Micali\u27s semantic security and the original key anonymity notion of Bellare, Boldyreva, Desai, and Pointcheval. Omitting any of the properties in our definition leads to a problem. We also introduce a new generalization of the Decision Diffie-Hellman (DDH) random self-reduction and use it, in turn, to prove that the original ElGamal-based universal cryptosystem of Golle et al is secure under our revised security definition. We apply our new DDH reduction technique to give the first proof in the standard model that ElGamal-based incomparable public keys achieve key anonymity under DDH. We present a novel secure Forward-Anonymous Batch Mix as a new application

Integration of a nationally procured electronic health record system into user work practices

BACKGROUND: Evidence suggests that many small- and medium-scale Electronic Health Record (EHR) implementations encounter problems, these often stemming from users' difficulties in accommodating the new technology into their work practices. There is the possibility that these challenges may be exacerbated in the context of the larger-scale, more standardised, implementation strategies now being pursued as part of major national modernisation initiatives. We sought to understand how England's centrally procured and delivered EHR software was integrated within the work practices of users in selected secondary and specialist care settings. METHODS: We conducted a qualitative longitudinal case study-based investigation drawing on sociotechnical theory in three purposefully selected sites implementing early functionality of a nationally procured EHR system. The complete dataset comprised semi-structured interview data from a total of 66 different participants, 38.5 hours of non-participant observation of use of the software in context, accompanying researcher field notes, and hospital documents (including project initiation and lessons learnt reports). Transcribed data were analysed thematically using a combination of deductive and inductive approaches, and drawing on NVivo8 software to facilitate coding. RESULTS: The nationally led "top-down" implementation and the associated focus on interoperability limited the opportunity to customise software to local needs. Lack of system usability led users to employ a range of workarounds unanticipated by management to compensate for the perceived shortcomings of the system. These had a number of knock-on effects relating to the nature of collaborative work, patterns of communication, the timeliness and availability of records (including paper) and the ability for hospital management to monitor organisational performance. CONCLUSIONS: This work has highlighted the importance of addressing potentially adverse unintended consequences of workarounds associated with the introduction of EHRs. This can be achieved with customisation, which is inevitably somewhat restricted in the context of attempts to implement national solutions. The tensions and potential trade-offs between achieving large-scale interoperability and local requirements is likely to be the subject of continuous debate in England and beyond with no easy answers in sight

Use of electronic personal health record systems to encourage HIV screening: an exploratory study of patient and provider perspectives

<p>Abstract</p> <p>Background</p> <p>When detected, HIV can be effectively treated with antiretroviral therapy. Nevertheless in the U.S. approximately 25% of those who are HIV-infected do not know it. Much remains unknown about how to increase HIV testing rates. New Internet outreach methods have the potential to increase disease awareness and screening among patients, especially as electronic personal health records (PHRs) become more widely available. In the US Department of Veterans' Affairs medical care system, 900,000 veterans have indicated an interest in receiving electronic health-related communications through the PHR. Therefore we sought to evaluate the optimal circumstances and conditions for outreach about HIV screening. In an exploratory, qualitative research study we examined patient and provider perceptions of Internet-based outreach to increase HIV screening among veterans who use the Veterans Health Administration (VHA) health care system.</p> <p>Findings</p> <p>We conducted two rounds of focus groups with veterans and healthcare providers at VHA medical centers. The study's first phase elicited general perceptions of an electronic outreach program to increase screening for HIV, diabetes, and high cholesterol. Using phase 1 results, outreach message texts were drafted and then presented to participants in the second phase. Analysis followed modified grounded theory.</p> <p>Patients and providers indicated that electronic outreach through a PHR would provide useful information and would motivate patients to be screened for HIV. Patients believed that electronic information would be more convenient and understandable than information provided verbally. Patients saw little difference between messages about HIV versus about diabetes and cholesterol. Providers, however, felt patients would disapprove of HIV-related messages due to stigma. Providers expected increased workload from the electronic outreach, and thus suggested adding primary care resources and devising methods to smooth the flow of patients getting screened. When provided a choice between unsecured emails versus PHRs as the delivery mechanism for disease screening messages, both patients and providers preferred PHRs.</p> <p>Conclusions</p> <p>There is considerable potential to use PHR systems for electronic outreach and social marketing to communicate to patients about, and increase rates of, disease screening, including for HIV. Planning for direct-to-patient communications through PHRs should include providers and address provider reservations, especially about workload increases.</p

Reviewing the integration of patient data: how systems are evolving in practice to meet patient needs

<p>Abstract</p> <p>Background</p> <p>The integration of Information Systems (IS) is essential to support shared care and to provide consistent care to individuals – patient-centred care. This paper identifies, appraises and summarises studies examining different approaches to integrate patient data from heterogeneous IS.</p> <p>Methods</p> <p>The literature was systematically reviewed between 1995–2005 to identify articles mentioning patient records, computers and data integration or sharing.</p> <p>Results</p> <p>Of 3124 articles, 84 were included describing 56 distinct projects. Most of the projects were on a regional scale. Integration was most commonly accomplished by messaging with pre-defined templates and middleware solutions. HL7 was the most widely used messaging standard. Direct database access and web services were the most common communication methods. The user interface for most systems was a Web browser. Regarding the type of medical data shared, 77% of projects integrated diagnosis and problems, 67% medical images and 65% lab results. More recently significantly more IS are extending to primary care and integrating referral letters.</p> <p>Conclusion</p> <p>It is clear that Information Systems are evolving to meet people's needs by implementing regional networks, allowing patient access and integration of ever more items of patient data. Many distinct technological solutions coexist to integrate patient data, using differing standards and data architectures which may difficult further interoperability.</p