An open source software tool for creating and managing patient consents electronically in IHE XDS.b environments

Similar documents
GP Connector (GPC) O. Heinze 1, H. Schmuhl 1, B. Bergh 1

Imaging and radiological information in Cross-institutional networks: Standards and concepts, implementation experiences

Experiences with Personal Electronic Health Records in the Rhine-Neckar-

Entitlements Access Management for Software Developers

develop privacy policies, and implement them with role-based or other access control mechanisms supported by EHR systems.

SINTERO SERVER. Simplifying interoperability for distributed collaborative health care

Privacy Issues in the Austrian EHR Project ELGA

Electronic Health Network - Case Study Consent2Share Share with Confidence

goberlin a Trusted Cloud Marketplace for Governmental and Commercial Services

NATIONAL EHEALTH ARCHITECTURE - FROM STRATEGY TO PRACTICE. Ministry of Social Affairs and Health, Finland

IBM Interoperable Healthcare Information Infrastructure (IHII) Overview. China October 2006 IBM

SCHIEx: The South Carolina Health Information Exchange Update

EHR Interoperability Framework Overview

XDS-I - CROSS-ENTERPRISE DOCUMENT SHARING FOR IMAGING

Interoperability testing in Finland. Konstantin Hyppönen Summit on Interoperability (DK)

Clinical Document Exchange Integration Guide - Outbound

IHE IT Infrastructure Technical Committee White Paper. Template for XDS Affinity Domain Deployment Planning

Illinois Health Information Exchange Client Readiness Technical Assessment Checklist

ehealth Infrastructure and Medical Data Exchange Agenda

GE Healthcare. ehealth: Solutions to Transform Care Delivery

Electronic Health Records and XDS the IHE approach

INTEGRATING THE ESANTÉ DSP INTO GECAMED

South Carolina Health Information Exchange (SCHIEx)

White Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution

Overview of an Enterprise HIE at Virtua Health

Building Regional and National Health Information Systems. Mike LaRocca

National Integrated Services Framework The Foundation for Future e-health Connectivity. Peter Connolly HSE May 2013

IHE IT Infrastructure Technical Framework Supplement. Secure Retrieve (SeR) Trial Implementation

Consent2Share Software Architecture

XACML and Access Management. A Business Case for Fine-Grained Authorization and Centralized Policy Management

National Kanta Services. Kela, Kanta Services Unit, Marina Lindgren & Marko Jalonen

IHE IT Infrastructure Technical Framework Supplement

HIMSS Interoperability Showcase 2011

IHE IT Infrastructure Technical Framework White Paper Cross-Enterprise User Authentication (XUA) For Public Comment

Clinical Exchange Platform for procurement through the G-Cloud

HIMSS Interoperability Showcase 2011

New York ehealth Collaborative. Health Information Exchange and Interoperability April 2012

A Framework for Testing Distributed Healthcare Applications

HIE Services & Pricing

IHE s Contribution to Telecardiology. Nick Gawrit, heartbase Antje Schroeder, Siemens Healthcare Paul Dow, ACC Charles Parisot, GE

IHE IT Infrastructure Technical Framework Supplement. Document Encryption (DEN) Trial Implementation

IHE in Veneto Region Elena Vio ArsenàIT Veneto's Research Centre for ehealth Innovation Arsenàl.IT Tutti i diritti riservati 1

U.S. Department of Health and Human Services (HHS) The Office of the National Coordinator for Health Information Technology (ONC)

Identity, Privacy, and Data Protection in the Cloud XACML. David Brossard Product Manager, Axiomatics

HIE Services & Pricing

The National Finnish Patient Record Archive & EMC Documentum-DMX-Centera solution Yves Mahieu EMEA Director Healthcare

Overview of ehr Development. Slide - 1

ConnectVirginia EXCHANGE Onboarding and Certification Guide. Version 1.4

Integrating the Healthcare Enterprise (IHE) Integration Statement

There has to be more: iconnect Blends XDS and Image Exchange. A Merge White Paper

IHE Australia Workshops July Prepared by: Heather Grain Chair: Standards Australia IT14 Health Informatics and Ehealth Education

IHE cross-enterprise document sharing for imaging: interoperability testing software

ehealth in Austria -- National Strategy and Regional Approches Dr. Thomas Schabetsberger Masterclass, 23-Jul-2007 UMIT, Hall in Tyrol

Health IT Interoperability: HITSP Overview, Update and Discussion

HYBRID ELECTRONIC HEALTH RECORDS

IMAGE SHARING. Review and Update - A Fond Farewell to CDs 2012

EHR STRATEGY FINLAND. Kari Harno Helsinki University Central Hospital

ehealth EHR Viewer & Integration Joint Service/Access Policy Executive Summary for Authorized Provider Organizations ("APOs")

CONNECTing to the Nationwide Health Information Network (NHIN): The Road Ahead

President and Director OeHF. Implementing IHE Actors using the Open ehealth Integration Platform (IPF)

Interoperability for Mobile applications: New IHE profiles

IHE IT Infrastructure. XDS Patient Identity Management White Paper

Finland: country update. IHE Symposium 2016 in Bochum Konstantin Hyppönen, Kanta services, Kela, Finland

Interoperability. Reference Architecture

DELIVERABLE. ANTILOPE - Adoption and take up of standards and profiles for ehealth Interoperability" D3.2: Request for proposal. Version: 1.

EHR Standards Landscape

Healthcare Provider Directories. Eric Heflin, CTO/CIO Healtheway & CTO HIETexas

ehealth Interoperability State of the Art in Serbia

Healthcare Information Technology Infrastructures in Turkey

Vendor Neutral Archiving as an Enabler for ehealth.

Overview of global ehealth initiatives

Electronic Health Record. Standards, Coding Systems, Frameworks, and Infrastructures

Identity Management: Securing Information in the HIPAA Environment

Charting the Future of Healthcare Interoperability. Presenters. Michael Stearns, MD, CPC, CFCP

Identity Management for Interoperable Health Information Exchanges

White Paper The Identity & Access Management (R)evolution

Health Information and Quality Authority. To drive continuous improvements in the quality and safety of health and social care in Ireland

Transcription:

An open source software tool for creating and managing patient consents electronically in IHE XDS.b environments 20th of April 2012 O. Heinze 1, M. Birkle 1, H. Schmuhl 1, B. Bergh 1 1 Department of Information Technology and Medical Engineering University Hospital Heidelberg, Germany

Overview 1. Background / Motivation 2. Objectives 3. Methods 4. Results 5. Discussion

Background / Motivation

Classic Health Record architecture Personal Health Record (PHR) Patient / Citizen Electronic Health Record (EHR) Hospitals GPs Pharmacies Homecare Devices

Personal Electronic Health Record (PEHR) in the Metropolitan Region Rhine-Neckar Patient / Citizen Personal Electronic Health Record (PEHR) 1. Fully controlled by the patient 2. Based on IHE Profiles 3. Open Source for connectivity Hospitals GPs Pharmacies Homecare Devices

Metropolitan Region Rhine-Neckar (MRN) 3 states (Baden-Wuerttemberg, Hessen, Rhineland-Palatinate) area of 5637 km² with 2.4 million inhabitants seventh largest economy in Germany more Information: www.m-r-n.com

Integrating the Healthcare Enterprise (IHE) Initative Initiative by healthcare professionals and industry to improve electronic data exchange and interoperability in health care using standards (e.g. HL7, DICOM, ) Definition of Integration Profiles which describes Actors and Transactions Actor 1 Transaction e.g. ITI-08: HL7 Version 2.3.1 ADT A01 i.e. XDS-I: Cross-enterprise Document Sharing for Imaging Integration Profile 5 Actors (e.g. Image Document Source and Consumer) 2 Transactions (e.g. Provide and register Image Document Set) Actor 2

PEHR architecture overview Data Warehouse Primary Systems PEHR Personal Electronic Health Record Central Registrys XDS compliant software OSEP Proxy not XDS compliant software OSEP Open Service Platform Document Registry (XDS) Document Repository (XDS) Patient Registry (PIX, PDQ) Provider and Organization Registry (PORS) Audit Repository (ATNA) Central Repositorys Medication Services Forms Service Professional Portal (InPROV) Care and Disease Mangement (CDM) Patient Portal Central Applications optional interface anonymized Private EHRs

Objectives To develop a concept and a prototype for the PEHR consent management which Strengthens patients rights patient empowerment Taking the main legal requirement in Germany into account: opt-in approach informed consent high transparency fine grained access rights

Methods

Methods Based on Literature review Analysis of IHE Basic Patient Privacy (BPPC) Profile Analysis of OASIS XACML the functionalities and components to meet the requirements of a centralized opt-in consent management solution compliant with German legislation have been analysed Two JAVA based services have been developed and integrated into the Heidelberg PEHR.

Results

IHE Basic Patient Privacy Consent (BPPC) Profile very basic profile to manage patient privacy in XDS environments three problems of BPPC have been identified: usage of OIDs in the field confidentiality code return of all privacy policies to the decentralized policy decision points no workflow described how to manage consent documents

extensible Access Control Markup Language (XACML) Powerful standard to build structured access control policies based on XML Syntax Definition of PAP - Policy Administration Point which manages policies PDP - Policy Decision Point which evaluates and issues authorization decisions PEP - Policy Enforcement Point which intercepts user's access request to a resource and enforces PDP's decision. PIP - Policy Information Point which can provide external information to a PDP (e.g. LDAP attribute information)

PEHR architecture with consent management Data Warehouse Primary Systems PEHR Personal Electronic Health Record XDS compliant software OSEP Proxy not XDS compliant software PEP OSEP Open Service Platform Document Registry (XDS) Document Repository (XDS) Central Registrys Patient Registry (PIX, PDQ) Provider and Organization Registry (PORS) PEP PAP PDP Audit Repository (ATNA) Central Repositorys PIP Medication Services Forms Service Professional Portal (InPROV) Care and Disease Mangement (CDM) Patient Portal Central Applications optional interface anonymized Private EHRs

Consent Management Suite (COMS) Consists out of two different services Consent Management Service (CMS) store, process and enforce consent documents Consent Creator Service (CCS) create, alter and manage consent documents Definition of a CDA based consent document PAP PDP

Consent Management Service (CMS)

Consent Creator Service (CCS)

Workflows supported with COMS create consent document (left top) provide document (left bottom) retrieve document (right top)

Discussion

Discussion Our approach solves the consent issue when using IHE profiles for the PEHR. It is highly interoperable due to the use of international standards and can hence be used in any other setting to leverage consent issues and substantially promote the use of IHE for regional health information networks in general. COMS is open source software released at the Open ehealth Foundation (OeHF)

Thank you! University Hospital Heidelberg Department of Information Technology and Medical Engineering (ZIM) Speyerer Str. 4 69115 Heidelberg Germany Oliver Heinze Mail oliver.heinze@med.uni-heidelberg.de Fon +49 6221 56 37571 Markus Birkle Mail markus.birkle@med.uni-heidelberg.de Fon +49 6221 56 36603

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information