1. Low-Level Operations (LLO)
Data Management Interfaces (DMI)
Medical Record
System
Medical Record
System
Medical Record
System
Medical Record
System
Goals and Approach
CHINO Process Definition and Execution
Medical Record Sharing
Jovan Stevovic, Fabio Casati, Bilal Farraj
Dep. of Information Engineering and Computer Science
University of Trento, Italy
icons by http://dryicons.com
EHR
Electronic Health
Record System
The CHINO Business Process and Policy Execution
Framework
Healthcare services = joint work of many
organizations
Develop a system to easily share medical records while satisfying security,
privacy and business requirements
Compliance-Aware Cross-Organization
Medical Record Sharing
Record
Store
Data Filtering
PEP
Metadata
Registry
Business Rules
Manager
Access Rights
PEP
Shared Process Execution Environment
The main modeler components are:
A: List of all processes
B: The Modeling framework
C: List of the Custom CHINO elements
D: Configuration of the custom elements
DMI and LLO implemented using
SOA and EDA architectural patterns
Some of the used tools: Activiti BPM
open source engine, Mule ESB,
MySQL, ebXML Registry
Security policies
¡ Access control
¡ Encryption strategy
¡ Data storage location
Requirements and Case Study
Jun Li, Hamid R. Motahari-Nezhad
Hewlett-Packard Laboratories
Palo Alto, California, USA
Giampaolo Armellin
CRG - Centro Ricerche GPI
Trento, Italy
1. Identification of Business
Requirements
2. Identification of Compliance
Requirements
3. Definition of Compliance-Aware Data
Management Scenarios
4. Definition of Executable Processes and
Policies
5. Deployment and Execution inside Runtime
Environment
Chief
Information
Officer
Business
Analyst
Business
Analyst and
Developer
Developer
Chief
Compliance
Officer
Patient
Doctor
Specialist
0: specifies/accepts sharing
policies1: problem
description
2: consultation
request
4: request records
3: consultation request
7: Records / request
denied
6: retrieve record from
external store
5: check policies
Doctor-consultation scenario in Italy
EHR
Electronic Health
Record System
Patient
Doctor
Specialist
6: approve/ deny
1: problem
description
2: consultation
request
4: request records
3: consultation request
7: Records / request
denied
Doctor-consultation scenario in UK
5: request approval
Privacy policies
¡ Data owners
¡ Policy enforcement points
¡ Purposes of use of data
Business specific requirements
¡ EHR standards
¡ Organizations’ requirements
The CHINO Methodology
• Interactions
• Business req.
Descriptions of
services
• Security req.
• Privacy req.
Compliance
requirements
High-level representation describing the
interactions annotated with privacy, security
and compliance req.
input output input output
output
Executable compliance-aware business
processes and rules.
output
Compliance-aware medical record sharing
output
It is challenging due to security, privacy and
business requirements
The Process Modeling and Policy Definition
Framework
Enable organizations to define their own data management processes and
policies that manage their data and share them with others
pushRecord getRecordgrantRightspushMetadata
The CHINO framework elements:
¡ Two categories of data:
• Records: detailed and privacy sensitive
information
• Metadata: describes Records
¡ Rules:
• Access Right Rules: defines access control
over Metadata and Records
• Privacy Filtering Rules: fine-grained data
filtering mechanism for XML or HL7 data
¡ Data Management Interfaces (DMI):
• pushRecord, getRecord, grantRights to
manage Records and Metadata
¡ Modeling Elements:
• BPMN 2.0 elements: supported by the Activiti
engine.
• Custom CHINO BPMN elements: to facilitate
access to LLO and interaction with external
organizations trough DMI.
¡ Low Level Operations (LLO):
• pushRecord, getRecord, grantRights to access
to internal components
OpenMRS + CHINO integration
1. Doctor-consultation module for OpenMRS
2. Integrated with CHINO
3. 2 sets of processes to demonstrate cross-
regulation record sharing.
ValidationValidation
SpecialistDoctor
The custom CHINO tasks are
mapped on Low-Level Operations
over data and policies
Record requests trigger record
owners’ processes and policies
From requirements collection to process and policy execution
demo
Ongoing study with 2 Groups
1. Developers and Business Analysts to
understand if it is feasible to model
requirements with CHINO.
- preliminary results are positive
2. Privacy Experts: to understand if CHINO
process visibility can improve trust
ValidationUser Study
our approach…Data sharing is essential but...