Architecture for a Distributed National Electronic Health Record System in Austria



Similar documents
ehealth in Austria -- National Strategy and Regional Approches Dr. Thomas Schabetsberger Masterclass, 23-Jul-2007 UMIT, Hall in Tyrol

The ELGA initiative: A plan for implementing a nationwide electronic health records system in Austria

Management of and Access to Virtual Electronic Health Records

Privacy Issues in the Austrian EHR Project ELGA

XDS-I - CROSS-ENTERPRISE DOCUMENT SHARING FOR IMAGING

IBM Interoperable Healthcare Information Infrastructure (IHII) Overview. China October 2006 IBM

Electronic Health Records and XDS the IHE approach

EHR Interoperability Framework Overview

What are Functional Requirements of Future Shared Electronic Health Records?

Healthcare Network Tirol GesundheitsNetz Tirol (GNT)

New York ehealth Collaborative. Health Information Exchange and Interoperability April 2012

IMAGE SHARING. Review and Update - A Fond Farewell to CDs 2012

An open source software tool for creating and managing patient consents electronically in IHE XDS.b environments

Sharing images and documents between Enterprise VNAs Using IEP and XDS standards. Dave Harvey MRCP FRCR Medical Connections Ltd

EMC DOCUMENTUM CONTENT ENABLED EMR Enhance the value of your EMR investment by accessing the complete patient record.

IHE s Contribution to Telecardiology. Nick Gawrit, heartbase Antje Schroeder, Siemens Healthcare Paul Dow, ACC Charles Parisot, GE

ehealth Infrastructure and Medical Data Exchange Agenda

Electronic Health Record. Standards, Coding Systems, Frameworks, and Infrastructures

HIMSS Interoperability Showcase 2011

EHR Standards Landscape

Developers Integration Lab (DIL) System Architecture, Version 1.0

Electronic Health Network - Case Study Consent2Share Share with Confidence

Collaborative & Integrated Network & Systems Management: Management Using Grid Technologies

Deploying a distributed data storage system on the UK National Grid Service using federated SRB

Contextual cloud-based service oriented architecture for clinical workflow

Distributed Healthcare System Framework for Dynamic Medical Data Integration

U.S. Department of Health and Human Services (HHS) The Office of the National Coordinator for Health Information Technology (ONC)

Document Sharing: Installed systems throughout lower Austria and national roll out. IHE Austria, Schiffamtsgasse 15, 1020 Wien

INTEGRATING THE ESANTÉ DSP INTO GECAMED

Practical Implementation of a Bridge between Legacy EHR System and a Clinical Research Environment

There has to be more: iconnect Blends XDS and Image Exchange. A Merge White Paper

SINTERO SERVER. Simplifying interoperability for distributed collaborative health care

Implementing Interoperability using an IHE Profile for Interfacility Patient Transport

Facilitating Health Information Exchange in Hospitals and Networks Next Generation Archiving Solutions

IHE IT Infrastructure Cross Enterprise Document Sharing XDS Integration Profile

ehealth Interoperability State of the Art in Serbia

HIE Services & Pricing

Healthcare Provider Directories. Eric Heflin, CTO/CIO Healtheway & CTO HIETexas

HIE Services & Pricing

A Federated Authorization and Authentication Infrastructure for Unified Single Sign On

IHE IT Infrastructure White Paper. Health Information Exchange: Enabling Document Sharing Using IHE Profiles

SCHIEx: The South Carolina Health Information Exchange Update

Benefits of Image-Enabling the EHR

Introduction to Service Oriented Architectures (SOA)

E-HEALTH PLATFORMS AND ARCHITECTURES

Recognition and Privacy Preservation of Paper-based Health Records

A new innovation to protect, share, and distribute healthcare data

GE Healthcare. Centricity * Clinical Archive. Unify patient images and documents across the care continuum

HIMSS Interoperability Showcase 2011

Integrating the Healthcare Enterprise (IHE): Enable Seamless and Secure Access to Health Information. IHE Europe Peter Mildenberger (User Co Chair)

ConnectVirginia EXCHANGE Onboarding and Certification Guide. Version 1.4

Health Informatics Standardization: Relevance and Indian Initiatives

IBM Software. IBM Initiate: Delivering Accurate Patient and Provider Identification for Canadian Electronic Health Records

Smarter Planet: Healthcare Interoperability Solutions

NATIONAL EHEALTH ARCHITECTURE - FROM STRATEGY TO PRACTICE. Ministry of Social Affairs and Health, Finland

Presentation Agenda. TILAK Clinical Information system CERNER Millennium. Introduction on Tilak. TILAK Hospitals

Health Information Exchange. Scalable and Affordable

Relationship of HL7 EHR System Draft Standard to X12N

Trends in Healthcare Information Standardization

Cloud-based Identity and Access Control for Diagnostic Imaging Systems

Participating in a Health Information Exchange (HIE) Many Faces of Community Health /27/11 Greg Linden

HIGH AVAILABILITY CONFIGURATION FOR HEALTHCARE INTEGRATION PORTFOLIO (HIP) REGISTRY

OpenHRE Security Architecture. (DRAFT v0.5)

Health Information Exchange: Reality and Future Kenneth A. Kleinberg, FHIMSS Managing Director, The Advisory Board Company

IDENTITY INFORMATION MANAGMENT ARCHITECTURE SUMMARY Architecture and Standards Branch Office of the CIO Province of BC People Collaboration Innovation

BC ehealth Conceptual System Architecture

Models Supporting Development of Complex Information Systems in Healthcare. Case study: an Obstetrics-Gynecology Department

Clinical Document Exchange Integration Guide - Outbound

Streamlining Medical Image Access and Sharing: Integrating Image Workflow and Patient Referrals

IHE IT Infrastructure Technical Framework Supplement. Healthcare Provider Directory (HPD) Trial Implementation

MAGDA-LENA versus HIPAA: Two national frameworks for healthcare data exchange

Service-Oriented Architecture and Software Engineering

Direct Secure Messaging: Improving the Secure and Interoperable Exchange of Health Information

Open Platform. Clinical Portal. Provider Mobile. Orion Health. Rhapsody Integration Engine. RAD LAB PAYER Rx

Resource Management on Computational Grids

Integration Information Model

A Framework for Testing Distributed Healthcare Applications

Regionale uitwisseling van medische gegevens (IHE)

Transcription:

Architecture for a Distributed National Electronic Health Record System in Austria Raimund Vogl a,1,, Florian WOZAK c, Micheal BREU b, Robert PENZ a, Thomas SCHA- BETSBERGER c and Manfred WURZ d a HITT - health information technologies tirol, Innsbruck, Austria b Leopold-Franzens-University Innsbruck, Innsbruck, Austria c University of Health Sciences Medical Informatics and Technology, Hall, Austria d icoserve Information Technologies, Innsbruck, Austria Abstract. Quality and efficiency of healthcare services is expected to be improved by the electronic processing and transinstitutional availability of medical data. A prototype architecture based on the IHE-XDS profile is currently being developed aiming at providing a basis for a distributed electronic health record in Austria. Due to legal and organizational requirements specific adaptations to the IHE-XDS profile have been made. In this work the services of the health@net reference architecture are described in details, which have been developed with focus on compliance to both, the IHE-XDS profile and the legal situation in Austria. We expect to gain knowledge about the development of a shared electronic health record using Medical Data Grids as an Open Source reference implementation and how proprietary hospital information systems can be integrated in this environment. 1. Introduction The electronic processing of medical data which is expected to improve quality and efficiency of health care services [1] will lead to an increasing amount of medical data exchanged across institutional boundaries [2]. The greatest benefit is expected if concise medical data are available for the patient him self as well as for medical institutions involved in the treatment process. Currently transinstitutional data exchange is only partly realized for specific fields. Up to now, and to our best knowledge no systems for a transparent integration of medical data across institutional boundaries have been implemented. Presently communication among institutions in the healthcare environment is mainly based on directed data flow, implying that the intended receiver has to be known at the very beginning of the communication process. Particularly in a medical context this is very limiting, resulting in multiple transmissions of documents from the producing institution to all the possible recipients. In this paper we illustrate the development of a network architecture for a patient centered shared electronic health record (SEHR), using a technical infrastructure based on Medical Data GRIDs. The architecture is designed to comply with the cross enterprise document sharing specification (IHE-XDS) and the Austrian federal law for health telematics [3]. The main challenge is to design the architecture in the way to comply 1 Corresponding Author: Dr. Raimund Vogl, HITT health information technology tirol, Leopoldstrasse 1, A-6020 Innsbruck, Austria. Email: R.Vogl@hitt.at Web: http://www.hitt.at.

with both requirements. The architecture is designed to be highly scalable and to offer standardized interfaces which simplifies the process of joining for new institutions as much as possible. For this reason an architecture following the blueprint of Medical Data GRIDs seem to be most appropriate. Data GRIDs are usually defined in the following way: Data Grid is an emerging technological paradigm for the seamless access, via virtualized middleware, to heterogeneous and distributed ensembles of data storage resources [4]. A commonly agreed on definition, which takes into account the very specific context in which medical data is treated, is not known to us. Legal and organizational requirements in the medical domain vary vastly for every country. Data handled by a shared electronic health record are specific to a medical domain such as laboratory results or radiological images. Analysis and procession is closely bound to the originating medical domain. These specific requirements demand for adaptation of the data GRID architecture definition. For this paper we propose to extend the original definition as follows: Medical Data GRID is an emerging technological paradigm for the seamless access to medical data for a patient centric shared electronic health record with special focus on legal and organizational requisitions of the environment they are operated in, via virtualized middleware, to heterogeneous and distributed ensembles of data storage resources. 2. Methods In an initial step functional requirements for a SEHR have been analyzed [5]. According to these requirements the implementation of the architecture was designed. We apply the SECTET approach [6] to model the functional requirements along with the security requirements of the transinstitutional workflows in a SEHR. The backbone of the SECTET methodology are UML models [7] that specify the workflows between the participating partners. A starting point is the document model that defines the basic objects that are managed and exchanged by the system. In parallel a role model is developed that reflects the permissions and capabilities of the users of the system. These models guide through the elicitation of security requirements 2.1.The Austrian E-Health Initiative In 2005 the E-Health Initiative (EHI) of the Austrian Federal Ministry for Health and Woman compiled a strategy to organize the development of the health system towards an integrated patient-centered care on a long-term basis [8]. Hereby a major role is played by the electronic health record (EHR; ELGA as an acronym for Elektronische Gesundheitsakte is the German buzzword) which is a summary of health-related data of an individual, acquired continually from either outpatient or inpatient treatment, and which is filed digitally. This electronic health record should store all these data all one s life independent of place or time, and should present them demand-oriented to all the persons involved in the medical treatment, including the patient himself.

2.2.The IHE XDS approach IHE is an initiative by healthcare professionals, institutions and industry to improve the way computer systems in healthcare share information. IHE promotes the coordinated use of established standards such as DICOM and HL7 to address specific clinical needs in support of optimal patient care. Systems developed in accordance with IHE integration profiles have improved communicate capabilities, are easier to implement, and enable care providers to use information more effectively [9]. The IHE cross enterprise document sharing integration profile (XDS) provides an architectural approach for document sharing in heterogeneous health care environments [10]. The reference architecture proposed by XDS specification is described in Figure 1 (A). At the Document Source medical documents are produced, which are then stored at the document Repository and made available to the end user (Document Consumer). The document Registry is for indexing and search functions, the Patient Id source provides for unique patient identification. 3. Infrastructure and Network Architecture The proposals from the Austrian ELGA and e-health initiative are the foundation for the implementation of the health@net [11] core architecture. Currently our group is implementing an open source prototype architecture based on the IHE XDS specification. To meet legal and organizational requirements specific for Austria, certain services are to be implemented to adapt the architecture according to the needs. In the following an overview of the most important services of the health@net prototype implementation shown in Figure 1 (B) is outlined. To ensure greatest possible flexibility and scalability, a distributed approach following the above introduced paradigm of Medical Data GRIDs was chosen. Consistent use of web service technology allows the SEHR interfaces to be designed in a generic way, which simplifies implementation for joining institutions as far as possible. The core architecture consists of independent services responsible for storing documents and corresponding meta data, security features, unique patient identification and service discovery according to the IHE XDS specification. To guarantee a high level of security beyond the application security covered by role based access control, the entire communication is encrypted using the HTTPS Protocol, digital certificates provide mutual authentication of participating systems and each SOAP message exchanged is digitally singed using Web service security extensions [12]. Core functionality is provided by the three service groups: Document Repository, Document Registry and Patient Id Source. Medical documents remain stored at the organization where they have been produced in the Document Repository (DR) situated at this organization. Documents are usually provided by the Document Source in a proprietary format (eg. HL7 V2.3 messages, PDF documents, etc...). For this reason incoming documents are converted to the Clinical Document Architecture (CDA) format internally used. The Document Clearing service (DC) is responsible for document conversion and mapping of locally used patient identification to the internally used unique identification.

Figure 1: Health@net architecture based on the IHE-XDS reference architecture. In (A) the IHE-XDS reference Architecture is shown. in (B) specific adaptations for the health@net prototype architecture are described. The Document Registry service provides functionality for document search, perdocument access permissions, a link to the physical location at the Document Repository as well as a service discovery unit. Searches for documents are managed by the Document Meta Data Index (DMDI), which holds search relevant meta data as well as document based access permissions. This service checks each request for a document against the per-document access control lists and if permitted the request is signed. Only in case of a valid signature the Document Repository returns the requested document. The Global Index (GI) is responsible for finding DMDI services that hold document meta data for a specific patient identified by the unique patient ID. The Document Registry provides an Interface for Document Consumers called Access Nodes (AN), which generate queries to the architecture. They are defined as gateways to access the SEHR from external systems. The Patient Id Source service group provides for unique patient identification across institutional boundaries, independent form patient's nationality. The Austrian legal situation and the fact that a unique patient identification does not exist requires different services, partly provided by the Austrian government to be integrated in the architecture. The Patient Lookup Index (PLI) is used as interface for other services (mostly DC and AN) to obtain a unique patient identification based on demographic data. Each Austrian citizen is assigned a unique number by a governmental institution called Zentrales Melderegister (Central Citizen Registry, shown as ZMR in Figure 1 B). Due to data privacy considerations, this unique citizen Id is not publicly available and must not be recorded by any institution, but a domain specific one-way derivation can be obtained for various sectors of daily live, such as the health care sector. A second way is to take the social insurance number as unique patient identification. Social insurances (shown as HI: Health Insurer in Figure 1 B) provide a service to obtain the insurance number by demographic data such as first name, last name, date of birth, address. This insurance number is not globally unique it is comprised of a 4-digit sequential number plus the date of birth in 6 digit format and will be reused after a person is deceased. And can thus only be used as an auxiliary means of identification.

Consequently, a distributed Patient Lookup service (PL) is needed to obtain these identifiers transparently for the underlying architecture. Furthermore this service provides a Patient Id Source for patients without a ZMR identification, especially for non Austrian citizens. The Austrian federal law for health telematics[3] also requires a central e-health directory service (shown as EHI in Figure 1 B) to be established until July 2006. At the moment medical data exchange partly makes use of a privately maintained forerunner for this official registry, a central LDAP directory of Austrian physicians known as evga ( Elektronisches Verzeichnis der Gesundheitsdienstanbieter ). In the SEHR architecture this directory will be used for role- and context based access control. Currently two different approaches are being evaluated for services which allow the patient to give fine grained permissions to physicians and institutions which allows them to access specific parts of the record: 1. Distributed services, which manage and enforce access permissions assigned by the patient using roles defined by the e-health directory. 2. A permission management system based on digital certificates issued for each permitted operation. Due to the early stage of evaluation this service is not implemented in the first prototype. The privacy of patient related data is temporarily solved in a way that participating institutions are bound by contract to only access data relevant for the specific treatment case. A variety of work flows such as the adding, retrieval, version-save updates of documents and correction of misidentified patients are supported by the architecture. Their detailed description is beyond the scope of this paper. 4. Discussion and outlook The development of the network architecture follows an iterative approach which we have chosen to gradually adopt the architecture to evolving requirements of the major players. In this article the first prototype implementation is described, which of course lacks certain functionality and implements only simplified security requirements. To guarantee the highest level of data protection for patients, in the initial prototype phase physicians who test the architecture are conscientiously selected and will be bounded by contract to respect the patient's consent. The operators of the architecture commit themselves to prove the adherence to the contract by collecting random samples from logging. Austrian federal law for health telematics [3] requires a central e-health directory service to be implemented until July 2006. At the moment medical data exchange partly makes use of a central LDAP directory of Austrian physicians known as evga (Elekronisches Verzeichnis der Gesundheitsdienstabieter). In the SEHR architecture this directory will be used for role- and context based access control. Though the developed architecture follows the paradigm of Medical Data GRIDs, currently available GRID middleware such as the GLOBUS-Toolkit [13] is not used in this setup. The main reason is that requirements for Medical Data GRIDs as outlined above are currently not satisfactorily covered and only a subset of the provided GRID features would be used. Nevertheless, the evaluation of the GLOBUS-Toolkit version 4 revealed some use-

ful concepts. Since they mainly rely on open standards defined by the OASIS working group [14] those concepts have been integrated in the architecture. Our implementation of the architecture follows the IHE XDS specification as closely as possible, nevertheless the Austrian federal law demands for specific modifications of the architecture as described above for patient identification and usage of the central e-health register. Primarily for the issue of access rights to data, including the incorporation of patient consent, additional specification and design features had to introduced on top of the IHE profile. We expect to gain knowledge about the development of a shared electronic health record and how proprietary systems, particularly the clinical information system from the Innsbruck University Hospital can be integrated in this environment. Before the architecture can be used in productive environments technical and organizational issues have to be solved comprising extended security, financing and cooperation with other health care institutions. Acknowledgements This work has been funded through the HITT centre of excellence programme supported by the Austrian Ministry for Economy and Work (BMWA) and the Tyrolean Future Endowment Fund (TZS). References [1] Maglaveras N, Chouvarda I, Koutkias V, Meletiadis S, Haris K, Balas EA. Information technology can enhance quality in regional health delivery. Methods Inf Med 2002;41(5):393 400. [2] Haux R, Ammenwerth E, Herzog W, Knaup P. Health care in the information society. A prognosis for the year 2013. Int J Med Inform 2002;66(1-3):3 21. [3] Gesundheitsreformgesetz 2005 (in German), BGBl. I Nr. 179/2004, (Dec 30 2004). [4] Leoni L, Manca S, Giachetti A, Zanetti G. A Virtual Grid Architecture for Medical Data Using SRB. In: Inchingolo P, Pozzi-Mucelli R, editors. EuroPACS - MIR 2004 In The Enlarged Europe. vol. 1. E.U.T. Edizioni Universita di Trieste; 2004. p. 475 478. [5] Schabetsberger T, Ammenwerth E, Goebel G, Lechleitner G, Penz R, Vogl R, Wozak F. What are Functional Requirements of Future Shared Electronic Health Records? In: Engelbrecht R, Geissbuhler A, Lovis C, Mihalas G. European Notes in Medical Informatics (CD-Rom): Connecting Medical Informatics and Bio-Informatics; MIE2005; 2005 Aug 28-31; Geneve, Switzerland. Vol. I Nr. 1, 2005. ISSN 1861-3179. [6] Hafner M, Breu R, Breu M, Nowak A. Modelling Inter-organizational Workflow Security in a Peer-to- Peer Environment. In: R. Bilof (Ed.): Proceedings of the 2005 IEEE International Conference on Web Services. IEEE Conference Publishing Services; 2005. p. 533 540. [7] Unified Modelling Language [homepage in the Internet]. Needham, MA: Object ManagementGroup- UML; c1997-2006 [cited 2006 Jan 14]. Available from: http://www.uml.org/. [8] Austrian E-Health-Initiative Strategie und Technologien (in German) [homepage on the Internet]. Vienna; Arbeitsgemeinschaft für Datenverarbeitung (ADV); c2005 [cited 2005 Dec 18]. Available from: http://ehi.adv.at. [9] Integrating the Healthcare Enterprise [homepage in the Internet]. IHE.net; c2005 [cited 2005 Dec 19]. Available from: http://www.ihe.net. [10] IHE Radiology Technical Framework Supplement Cross-enterprise Document Sharing for Imaging (XDS-I) [homepage in the Internet]. IHE.net; c2005 [cited 2005 Dec 19]. Available from: http://www.ihe.net/technical_framework/upload/ihe_rad-tf_suppl_xdsi_ti_2005-08-15.pdf. [11] Schabetsberger T, Ammenwerth E, Andreatta S, Gratl G, Haux R, Lechleitner G, Schindelwig K, Stark C, Vogl R, Wilhelmy I, Wozak F. From a Paper-based Transmission of Discharge Summaries to Electronic Communication in Health Care Regions. IJMI. In press. [12] OASIS Web Services Security (WSS) TC [homepage in the Internet]. OASIS Open; c2005 [cited 2005 Dec 11]. Available from: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss. [13] Foster I, Kesselman C, Tuecke S. The Anatomy of the Grid: Enabling Scalable Virtual Organizations. International J Supercomputer Applications 2001. [14] OASIS [homepage in the Internet]. OASIS Open; c2005 [cited 2005 Dec 11]. Available from: http://www.oasis-open.org/.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information