Background: Electronic Health Record Systems (EHRS) and Personal Health Record Systems (PHRS) are core components of infrastructure needed to run any health system. Objectives: As health systems undergo paradigm changes, EHRS and PHRS have to advance as well to meet the related interoperability challenges. Methods: The paper discusses EHR types, implementations and standards, starting with different requirements specifications, systems and systems architectures, standards and solutions. Results: Existing standards and specifications are compared with changing requirements, presenting weaknesses and defining the advancement of EHRS, architectures and related services, embedded in advanced infrastructure systems. Conclusion: Future EHR systems are components in a layered architecture with open interfaces. The need of verifying data models at business domains level is specifically highlighted. Such approach is enabled by the ISO Interoperability Reference Architecture of a systemoriented, architecture-centric, ontology-based, policy- driven approach, meeting good modeling best practices.
Introduction: Progressive health paradigms, involving many different disciplines and combining multiple policy domains, requires advanced interoperability solutions. This results in special challenges for modeling health systems. Methods: The paper discusses classification systems for data models and enterprise business architectures and compares them with the ISO Reference Architecture. Results and Conclusions: Existing definitions, specifications and standards for data models enabling interoperability are analyzed, and their limitations are evaluated. Amendments to correctly use those models and to better meet the aforementioned challenges are offered.
Background: Recently, the Austrian Patient Summary (APS) and Austrian Microbiology Report (AMR) document definitions were added to the Austrian national electronic health record repository. How to employ these standardized, structured patient data in clinical decision support (CDS) systems remains an interesting research subject. Objectives: To create a proof of concept for the emergency use of APS and AMR documents in a variety of CDS platforms and standards in an intensive care setting, in order to generate new insights by linking individual documents to different CDS approaches. Methods: APS and AMR definitions were stored using MongoDB, a document-oriented database system. For implementation of the clinical use case CDS, we selected the Drools business rule management system, as well as the ArdenSuite software for implementing the HL7 Arden Syntax for Medical Logic Systems standard. Results: Due to its manifold features, implementation of the CDS use case in Drools could be done quite efficiently without the need for additional coding of technical or algorithmic code, which results in smaller rules. In contrast, the use case implementations in Arden Syntax using the ArdenSuite required additional technical coding, distracting from the medical knowledge implementation. The Arden Syntax as a knowledge definition standard is, however, better understandable due to its resemblance to natural language compared to the Java-like definition language used in Drools. Conclusion: With the nation-wide availability of structured documents, the foundation for the implementation of clinical decision support systems has been laid. Commonly used open-source platforms offer extensive possibilities for the implementation of CDS systems. This evaluation of modern business rule management systems will advance the implementation of powerful clinical decision support solutions valuable to all stakeholders.
Background: We present our current approaches to improving personal data protection in (i) large (regional/ national/international) scale health information exchanges (HIEs) and (ii) UK NHS IG toolkit and ISO 27001-compliant trustworthy research environments (TREs) for discovery science communities. In particular we examine impacts of the General Data Protection Regulation (GDPR) on these technology designs and developments and the responses we have made to control complexity. Methods: The paper discusses multiple requirements to implement the key GDPR principles of “data protection by design” and “data protection by default”, each requiring new capabilities to embed multiple security tests and data protection tools in common deployable infrastructures. Methods are presented for consistent implementation of diverse data processing use cases. Results: We describe how modular compositions of GDPRcompliant data processing software have been used to implement use case(s) and deliver information governance (IG) requirements transparently. Security surveillance analysis is embedded throughout the application lifecycle, namely at design, implementation and operation (runtime) phases. A solution is described to the challenge of integrating coherent research (analytic) environments for authorized researchers to access data and analytic tools without compromising security or privacy. Conclusion: We recognise the need for wider implementation of rigorous interoperability standards concerning privacy and security management. Standards can be disseminated within low-cost commodity infrastructures that are shared across consortium partners. Comprehensive model-based approaches to information management will be fundamental to guaranteeing security and privacy in challenging areas such as ethical use of artificial intelligence in medicine. The target architecture is still in evolution but needs a number of communitycollaborative API developments to couple advanced specifications fulfilling all IG requirements.
Objectives: Aiming to strengthen EU citizens' fundamental privacy rights in the digital age the new European General Data Protection Regulation shall apply from May 25th 2018. It will require companies processing personal data to implement a set of organizational and technical controls for ensuring proper handling of these data. Obviously this applies for companies providing eHealth services. As HL7 offers a lot of material to support security and privacy for handling personal healthcare data, this paper aims at showing which HL7 standards and components can be used to support the implementation of GDPR related controls. Methods: The paper shows some key facts of the European GDPR as well as analyzes HL7 standards and components in the security and privacy domain to provide a basic mapping. Results: As a result the paper provides a table mapping HL7 artifacts to GDPR requirements. Conclusion: The paper shows, that consequently using HL7 security and privacy standards and components e fficiently helps to implement GDPR requirements.
Objectives: Health systems are on the move to increasing complexity, distribution, autonomy, number of domains or disciplines involved, thereby requesting evolution of interoperability to support required communication and cooperation among those systems for meeting intended business objectives. Methods: Information cycle model with its phases and phase transitions as well as systems theory are used to describe structure and processes of healthcare business cases and the interoperability levels for enabling the communication and cooperation between the principals involved. Results: When focusing on interoperability between health information systems acting as principals in an ICT business case, different levels of contribution to the common business case, i.e. phases to the completion of the information cycle, provided by the principals can be distinguished. While the first two levels, sharing data related to the business case, and sharing information derived from those data to define the required business process actions, deal with the communication challenge of interoperability, just the third level of providing the required action according to the business case concerns its operational part. Such service delivery requires appropriate system architecture for meeting the service functional cooperation challenge. When extending the consideration beyond ICT systems towards real world business systems, the architecture of non-ICT systems regarding their structure and behavior must be represented to be shared as required in the business case as well. This system extension requires domain knowledge based interoperability for covering the domain-specific concepts and relations including the constraints to be applied. When not just considering the domain-specific context, but also the context of the individual user, personalized business systems are managed. Conclusions: Advanced healthcare systems require not just communication standards for enabling interoperability, but also multi-domain, ontology-driven interoperability standards based on a generic reference architecture, that is also shortly presented in this paper.
While much has been written about the clinical document architecture and the challenges on semantic interoperability, the modelling of content and the implementation, little attention has been paid to the representation of the medical payload in CDA documents and its implications on usability and accessibility. The authors compare different methods to display CDA documents in a cross enterprise environment on the example of the Austrian national patient health record system. Strategies and decisions as well as technological approach and security implications are presented. Finally, a combination of PDF/A-3 and attached CDA document is proposed as a best practice method for future implementations.
