Master of Science in Biomedical Engineering Exam Presentation Medical Informatics Operational Aspects (Encryption and Data Storage) in E-Prescription Thomas Gijs Roel Rynders 12/05/2014
Overview Introduction Data storage Encryption Recip-e Summary
Introduction Definition: Electronic prescribing, or e-prescribing is the computer-based electronic generation and transmission of a prescription, taking the place of paper and faxed prescriptions.
Introduction
- Medical doctor prescribes drugs
- Information about prescription is stored on a server
- Pharmacist can retrieve prescription and delivers the drug
Example from Estonia Estonian digital prescription system - how does it work? online video, accessed 5 May 2014, <https://www.youtube.com/watch?v=m9rtzm2kj78>
Introduction E-Prescribing and Medication Management webinar, Agency for Healthcare and Research Quality (AHRQ), March 31, 2009
Introduction
Goal:
- Reduce medical errors and deaths
- Reduce the financial costs
- Eliminate prescription fraud
Data storage in E-Prescription
- Web service, according to W3C: "a software system designed to support interoperable machine-to-machine interaction over a network. It has an interface described in a machine-processable format (specifically WSDL). Other systems interact with the Web service in a manner prescribed by its description using SOAP messages, typically conveyed using HTTP with an XML serialization in conjunction with other Web-related standards."
- PHP-based, in browser
Data storage in E-Prescription
XML tags:
- Submitter's Name
- Submitter ID
- Patient's Name
- National Provider Identifier
- Tax Identification Number
- Drug Identification Number
Example
<Prescription>
  <Patient>
    <Patient_name>John Taylor</Patient_name>
    <Identification>5765766677</Identification>
    <Medicine>
      <Medicine_name>Panadol</Medicine_name>
      <Disease>fever</Disease>
      <Quantity>30</Quantity>
      <Dose>One tablet three times a day</Dose>
    </Medicine>
  </Patient>
</Prescription>
Data storage in E-Prescription
Validation:
- KMEHR
- Database from BCFI or RxNorm
- Independent of program that is used
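As an added example (not part of the original slides, and not the KMEHR or Recip-e validation itself), the sketch below validates a message in the simplified element layout of the Example slide before it is stored. The required-field rules and the rejection of DTD declarations are assumptions chosen for illustration.

```python
import xml.etree.ElementTree as ET

def non_empty(v):
    return bool(v.strip())

def positive_int(v):
    return v.strip().isdecimal() and int(v) > 0

# Assumed rules: element path below <Prescription> -> check on its text.
REQUIRED = {
    "Patient/Patient_name": non_empty,
    "Patient/Identification": lambda v: v.strip().isdecimal(),
    "Patient/Medicine/Medicine_name": non_empty,
    "Patient/Medicine/Quantity": positive_int,
    "Patient/Medicine/Dose": non_empty,
}

def validate_prescription(data):
    """Return a list of problems; an empty list means the message is accepted."""
    # Crude pre-parse check for UTF-8 input: a prescription needs no DTD,
    # and refusing one avoids entity-expansion attacks on the parser.
    if b"<!DOCTYPE" in data or b"<!ENTITY" in data:
        return ["DTD/entity declarations are not accepted"]
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return [f"not well-formed: {exc}"]
    if root.tag != "Prescription":
        return [f"unexpected root element <{root.tag}>"]
    problems = []
    for path, check in REQUIRED.items():
        node = root.find(path)
        if node is None:
            problems.append(f"missing {path}")
        elif not check(node.text or ""):
            problems.append(f"invalid value in {path}")
    return problems

# Constructed sample messages.
GOOD = (b"<Prescription><Patient><Patient_name>John Taylor</Patient_name>"
        b"<Identification>5765766677</Identification><Medicine>"
        b"<Medicine_name>Panadol</Medicine_name><Disease>fever</Disease>"
        b"<Quantity>30</Quantity><Dose>One tablet three times a day</Dose>"
        b"</Medicine></Patient></Prescription>")
BAD_TAGS = GOOD.replace(b"</Patient_name>", b"</Patient name>")  # mismatched close tag
BAD_QTY = GOOD.replace(b"<Quantity>30<", b"<Quantity>-5<")
```

A mismatched closing tag is rejected at the well-formedness step, before any field rule runs.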
Data storage in E-Prescription
- CDSS (clinical decision support system)
- Drug-drug interactions can be noticed
- Same drugs from different manufacturers
- Data used in research
Data storage in E-Prescription
- Easy accessibility is needed
- Doctor is not always in the office
- Ambulatory: PDA or laptop that can read e-ID
- Possible with current 3G/4G coverage
Encryption in E-Prescription
- Confidential information: use encryption to guarantee privacy
- 2 types of encryption: symmetric and asymmetric
- Sending encrypted messages over a network: typically symmetric + asymmetric
Encryption in E-Prescription
[Figure: symmetric versus asymmetric encryption]
Encryption in E-Prescription
Important considerations:
- Who should get decryption keys? (e.g. patient, pharmacist(s), prescriber)
- When to encrypt? (e.g. during electronic transfer, during intermediate storage, from creation until reading by pharmacist)
- Who controls data privacy in an electronic transfer of prescriptions (ETP) system?
Encryption in E-Prescription
- Asymmetric key pair to all ETP professionals, directly encrypt for dispenser
- Key pairs to groups of ETP professionals, directly encrypt for group
- Asymmetric key pair to all ETP professionals, but encryption only during transfer to and from secure central storage
- Asymmetric key pairs to all patients, encrypt for the patient
- Symmetric key to patient, prescription in secure central storage
Encryption in E-Prescription
Who controls data privacy in an electronic transfer of prescriptions (ETP) system?
Patient control:
- Patient controls own data privacy + flexibility (choice of pharmacy)
- e.g. smartcard, barcode
Encryption in E-Prescription
Who controls data privacy in an electronic transfer of prescriptions (ETP) system?
Healthcare professional control:
- e.g. direct transfer of encrypted data from prescriber to pharmacy/pharmacist(s)
- BUT: loss of flexibility
Encryption in E-Prescription
Who controls data privacy in an electronic transfer of prescriptions (ETP) system?
Storage device administrator control, e.g.
[Figures: two diagrams with the elements Sender, Encryption, Central Storage Device, Decryption, Receiver. Caption: Can only be decrypted by key known by central storage device]
Encryption in E-Prescription Example of an ETP system: Salford Model (UK) Security issues in the electronic transmission of prescriptions, D.P. Mundy and D. W. Chadwick, Med Inform Internet Med. 2003 Dec;28(4):253-77.
E-prescribing in Belgium: Recip-e
E-prescribing in Belgium: Recip-e
Data storage:
- Temporary storage of prescription on Recip-e server
- Decryption keys stored on eHealth platform
- Prescription format = XML KMEHR message
- Prescription software responsible for validation
- XSD validation
- Additional validation
E-prescribing in Belgium: Recip-e
Additional validation
E-prescribing in Belgium: Recip-e
Encryption:
- End-to-end secured
- Encryption before transmission and stored in encrypted form
- Symmetric encryption of prescription ("non-addressed message")
- Key linked to message, NOT to actor (via eHealth)
- PKI infrastructure (via eHealth) for transport
E-prescribing in Belgium: Recip-e
Encryption:
- Addressed encryption: public key of recipient received from eHealth service
  - For transport
  - For storage (feedbacks/notifications)
- Non-addressed encryption: symmetric key provided by eHealth
  - For storage (prescription)
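The two modes above, and the "symmetric + asymmetric" combination from the earlier encryption slide, as an added example that is not Recip-e or eHealth code. It assumes the Python `cryptography` package, AES-GCM and RSA-OAEP as algorithm choices, and in-memory dictionaries (`key_service`, `rx_store`) as hypothetical stand-ins for the key service and the prescription server.

```python
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()), algorithm=hashes.SHA256(), label=None)
key_service = {}  # hypothetical stand-in for the key service: message id -> key
rx_store = {}     # hypothetical stand-in for the prescription server: id -> blob

def store_non_addressed(rid, xml):
    """Prescriber: fresh key per message; the pharmacy is not known yet."""
    key, nonce = AESGCM.generate_key(bit_length=256), os.urandom(12)
    # The id as associated data binds the ciphertext to this one message.
    rx_store[rid] = nonce + AESGCM(key).encrypt(nonce, xml, rid.encode())
    key_service[rid] = key  # key is linked to the message, not to an actor

def fetch_non_addressed(rid):
    """Dispenser: ciphertext from the store, key from the key service."""
    blob = rx_store[rid]
    return AESGCM(key_service[rid]).decrypt(blob[:12], blob[12:], rid.encode())

def send_addressed(recipient_pub, message):
    """Hybrid: AES-GCM encrypts the data, RSA-OAEP wraps the AES key."""
    key, nonce = AESGCM.generate_key(bit_length=256), os.urandom(12)
    return recipient_pub.encrypt(key, OAEP), nonce, AESGCM(key).encrypt(nonce, message, None)

def receive_addressed(recipient_priv, wrapped, nonce, ciphertext):
    key = recipient_priv.decrypt(wrapped, OAEP)
    return AESGCM(key).decrypt(nonce, ciphertext, None)

def demo():
    rx = b"<Prescription><Medicine_name>Panadol</Medicine_name></Prescription>"  # constructed
    store_non_addressed("RID-0001", rx)
    results = {"non_addressed_ok": fetch_non_addressed("RID-0001") == rx,
               "store_holds_plaintext": rx in rx_store["RID-0001"]}
    # Copying the blob and key under another id must fail authentication.
    rx_store["RID-0002"], key_service["RID-0002"] = rx_store["RID-0001"], key_service["RID-0001"]
    try:
        fetch_non_addressed("RID-0002")
        results["replay_detected"] = False
    except InvalidTag:
        results["replay_detected"] = True
    pharmacist = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    sealed = send_addressed(pharmacist.public_key(), b"notification: dispensed")
    results["addressed_ok"] = receive_addressed(pharmacist, *sealed) == b"notification: dispensed"
    return results
```

In the non-addressed case the storage server holds only ciphertext, so who may read a prescription is decided entirely by who the key service releases the message key to.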
Summary
- Electronic prescriptions are a secure way to create and transmit prescriptions
- Data stored in XML (validation possible)
- Communication through web services
- Encryption to ensure privacy
  - During storage
  - During transmission
Questions?