Update on the Development of the Computerised Infectious Disease Reporting (CIDR) System

Transcription

1 Update on the Development of the Computerised Infectious Disease Reporting (CIDR) System J. Brazil, G. Cullen, J. Foy, C. Grogan, M. Houlden, D. Igoe and L. O Connor. National Disease Surveillance Centre, Middle Gardiner Street, Dublin 1.

2 CIDR One national database of information on infectious diseases and Anti-Microbial Resistance Combines and links clinical epidemiological and laboratory based information Uses web technology for access Needs to be flexible and scaleable Needs to be secure

3 CIDR Partners Food Safety Promotion Board D epartm ent of Health and Children Food Safety Authority Public Internet / G overnm ent VPN CIDR Database National Disease Surveillance Centre Department of Public Health C linical Laboratory Community Care Office Health Board

4 CIDR Timescales 2002 Design 2003 Development and User Acceptance Testing 2004 Pilot implementation in NEHB and 4 Reference Laboratories (Meningococcal Reference Laboratory Temple Street Hospital, MRSA Reference Laboratory St James s Hospital, National Virus Reference Laboratory UCD, Salmonella Reference Laboratory University College Hospital Galway) January to March 2004 Available for national implementation

5 CIDR Technologies The core CIDR system has been developed on a Microsoft platform Windows 2000 IIS SQL 2000.Net Browser-based clients

6 CIDR Technical Architecture n tier Architecture User Services Directory Services Business Façade Business Rules Data Access Data Persistence Presentation Sub-system Business Sub-system Data Sub-system CIDR Core System User Services Layer Directory Services Layer Business Façade Layer Business Rules Layer Data Access Layer Data Persistence Layer Technology Infrastructure Web Server Directory Server Application Server Database Server

7 CIDR Technologies RSA authentication To confirm that the user is who they purport to be Active Directory Services To manage user access to data and functionality through the CIDR application XML To manage CIDR masterfiles and to enable the transformation and translation of data exported from Laboratory Information Systems

8 Local Requirements Modern PC running Internet Explorer 6 Network connection to Government Virtual Private Network

9

10

11 Partner Connectivity Issues Availability Bandwidth Cost Security

12 Government Virtual Private Network Managed 3640/3725 router egovernment Network WAN link to eircom BIP 10Mb Ethernet connections for "egov- Services", "egov- InterAgency", "egov- Dialin" and Agency Private VPNs 10Mb Ethernet connection carrying "egov-hosting" VPN Ethernet connection to Agency's private network Agency Network Agency's Firewall

13 Government VPN Configurations Hosting Services Inter-agency

14 Technical Challenges No unique health identifier Very limited or non-existent national coding standards for e.g. GPs or their practices, hospitals, etc LIMS populated with local codes, data unstructured or semi-structured,other sites not computerised Relationships between data items not defined or enforced

15 Data Protection CIDR will contain personally-identifiable health information Some of this information may be highly sensitive There is a clear statutory obligation under the Data Protection (Amendment) Act, 2003 to ensure that this information is secured to a degree commensurate with the potential for harm to the data subject

16 Information Governance Appropriate data sharing Defined access rights Policies and procedures Audit IS Information Security Management

17 CIDR User Access Rights Defined by Role e.g. Public Health Specialist Area Medical Officer Surveillance Scientist Medical Scientist Defined by Location e.g. Health Board Hospital Laboratory Health Agency Defined by Disease e.g. Anti-Microbial Resistance Sexually Transmitted Infections

18 User Access to CIDR Application Who you are Username What you know Password What you have RSA token

19 RSA Token Management

20

21 Application Access Rights Managed by Active Directory Services

22 Allocation of User Rights by Location

23 Management of Access to Differing Areas of Functionality

24 Report Writer Allows data in a complex relational database to be viewed in a more userfriendly manner Allows complex reports to be created relatively easily Ensures that the integrity of the underlying data is preserved

25 Reporting Framework Data Capture and Use Query, Reporting, and Analysis Operational Systems Informational Systems Operational View CIDR Application Operational Database Reporting Database (Cube) SQL Server 2000 Relational Database With Analysis Services Informational View Business Objects 2000

26

27

28

29 Business Objects User Rights

30 CIDR Design and Development CIDR Project Team Fujitsu Consulting With extensive support from CIDR partners in Health Boards, Hospitals, Health Agencies, the Department of Health and Children, and from other NDSC staff