Medical Record Sharing Framework
•
1 like•270 views
Poster presented at the Integrated Management (IM) conference in 2013
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (10)
Similar to Medical Record Sharing Framework
Similar to Medical Record Sharing Framework (20)
Medical Record Sharing Framework
- 1. Low-Level Operations (LLO) Data Management Interfaces (DMI) Medical Record System Medical Record System Medical Record System Medical Record System Goals and Approach CHINO Process Definition and Execution Medical Record Sharing Jovan Stevovic, Fabio Casati, Bilal Farraj Dep. of Information Engineering and Computer Science University of Trento, Italy icons by http://dryicons.com EHR Electronic Health Record System The CHINO Business Process and Policy Execution Framework Healthcare services = joint work of many organizations Develop a system to easily share medical records while satisfying security, privacy and business requirements Compliance-Aware Cross-Organization Medical Record Sharing Record Store Data Filtering PEP Metadata Registry Business Rules Manager Access Rights PEP Shared Process Execution Environment The main modeler components are: A: List of all processes B: The Modeling framework C: List of the Custom CHINO elements D: Configuration of the custom elements DMI and LLO implemented using SOA and EDA architectural patterns Some of the used tools: Activiti BPM open source engine, Mule ESB, MySQL, ebXML Registry Security policies ¡ Access control ¡ Encryption strategy ¡ Data storage location Requirements and Case Study Jun Li, Hamid R. Motahari-Nezhad Hewlett-Packard Laboratories Palo Alto, California, USA Giampaolo Armellin CRG - Centro Ricerche GPI Trento, Italy 1. Identification of Business Requirements 2. Identification of Compliance Requirements 3. Definition of Compliance-Aware Data Management Scenarios 4. Definition of Executable Processes and Policies 5. Deployment and Execution inside Runtime Environment Chief Information Officer Business Analyst Business Analyst and Developer Developer Chief Compliance Officer Patient Doctor Specialist 0: specifies/accepts sharing policies1: problem description 2: consultation request 4: request records 3: consultation request 7: Records / request denied 6: retrieve record from external store 5: check policies Doctor-consultation scenario in Italy EHR Electronic Health Record System Patient Doctor Specialist 6: approve/ deny 1: problem description 2: consultation request 4: request records 3: consultation request 7: Records / request denied Doctor-consultation scenario in UK 5: request approval Privacy policies ¡ Data owners ¡ Policy enforcement points ¡ Purposes of use of data Business specific requirements ¡ EHR standards ¡ Organizations’ requirements The CHINO Methodology • Interactions • Business req. Descriptions of services • Security req. • Privacy req. Compliance requirements High-level representation describing the interactions annotated with privacy, security and compliance req. input output input output output Executable compliance-aware business processes and rules. output Compliance-aware medical record sharing output It is challenging due to security, privacy and business requirements The Process Modeling and Policy Definition Framework Enable organizations to define their own data management processes and policies that manage their data and share them with others pushRecord getRecordgrantRightspushMetadata The CHINO framework elements: ¡ Two categories of data: • Records: detailed and privacy sensitive information • Metadata: describes Records ¡ Rules: • Access Right Rules: defines access control over Metadata and Records • Privacy Filtering Rules: fine-grained data filtering mechanism for XML or HL7 data ¡ Data Management Interfaces (DMI): • pushRecord, getRecord, grantRights to manage Records and Metadata ¡ Modeling Elements: • BPMN 2.0 elements: supported by the Activiti engine. • Custom CHINO BPMN elements: to facilitate access to LLO and interaction with external organizations trough DMI. ¡ Low Level Operations (LLO): • pushRecord, getRecord, grantRights to access to internal components OpenMRS + CHINO integration 1. Doctor-consultation module for OpenMRS 2. Integrated with CHINO 3. 2 sets of processes to demonstrate cross- regulation record sharing. ValidationValidation SpecialistDoctor The custom CHINO tasks are mapped on Low-Level Operations over data and policies Record requests trigger record owners’ processes and policies From requirements collection to process and policy execution demo Ongoing study with 2 Groups 1. Developers and Business Analysts to understand if it is feasible to model requirements with CHINO. - preliminary results are positive 2. Privacy Experts: to understand if CHINO process visibility can improve trust ValidationUser Study our approach…Data sharing is essential but...