Cloud architecture for electronic health record systems interoperability

BACKGROUND: Current Electronic Health Record (EHR) systems are built using different data representation and information models, which makes difficult achieving information exchange. OBJECTIVE: Our aim was to propose a scalable architecture that allows the integration of information from different EHR systems. METHODS: A cloud-based EHR interoperable architecture is proposed through the standardization and integration of patient electronic health records. The data is stored in a cloud repository with high availability features. Stakeholders can retrieve the patient EHR by requesting only to the integrated data repository. The OpenEHR two-level approach is applied according to the HL7-FHIR standards. We validated our architecture by comparing it with 5 different works (CHISTAR, ARIEN, DIRAYA, LLPHR and INEHRIS) using a set of selected axes and a scoring method. RESULTS: The problem was reduced to a single point of communication between each EHR system and the integrated data repository. By combining cloud computing paradigm with selected health informatics standards, we obtained a generic and scalable architecture that complies 100% with interoperability requisites according to the evaluation framework applied. CONCLUSIONS: The architecture allowed the integration of several EHR systems, adapting them with the use of standards and ensuring the availability thanks to cloud computing features.

Download Full-text

An HL7 FHIR and GraphQL approach for interoperability between heterogeneous Electronic Health Record systems

Health Informatics Journal ◽

10.1177/14604582211043920 ◽

2021 ◽

Vol 27 (3) ◽

pp. 146045822110439

Author(s):

Suresh Kumar Mukhiya ◽

Yngve Lamo

Keyword(s):

Electronic Health Record ◽

Information Exchange ◽

Secure Communication ◽

Health Information Exchange ◽

Heterogeneous Systems ◽

Data Representation ◽

Health Record ◽

Data Interoperability ◽

Hl7 Fhir ◽

Electronic Health

Heterogeneities in data representation and care processes create interoperability complexity among Electronic Health Record systems (EHRs). We can resolve such data and process level heterogeneities by following consistent healthcare standards like Clinical Document Architecture (CDA), OpenEHR, and HL7 FHIR. However, these standards also differ at the structural and implementation level, making interoperability more complex. Hence, there is a need to investigate mechanisms that can resolve data level heterogeneity to achieve semantic data interoperability between heterogeneous systems. As a solution to this, we offer an architecture that utilizes a resource server based on GraphQL and HL7 FHIR that establishes communication between two heterogeneous EHRs. This paper describes how the proposed architecture is implemented to achieve interoperability between two heterogeneous EHRs, HL7 FHIR and OpenMRS. The presented approach establishes secure communication between the EHRs and provides accurate mappings that enable timely health information exchange between EHRs.

Download Full-text

Identifying the Taiwanese Electronic Health Record Systems Evaluation Framework and Instrument by Implementing the Modified Delphi Method

Pervasive Health Knowledge Management ◽

10.1007/978-1-4614-4514-2_25 ◽

2012 ◽

pp. 351-371

Author(s):

Yung-Yu Su ◽

Khin Than Win ◽

Tieh-Chi Chung

Keyword(s):

Electronic Health Record ◽

Delphi Method ◽

Evaluation Framework ◽

Health Record ◽

Modified Delphi Method ◽

Modified Delphi ◽

Electronic Health

Download Full-text

Securing XML with Role-Based Access Control

Architectures and Protocols for Secure Information Technology Infrastructures - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-4666-4514-1.ch013 ◽

2014 ◽

pp. 334-365 ◽

Cited By ~ 5

Author(s):

Alberto De la Rosa Algarín ◽

Steven A. Demurjian ◽

Timoteus B. Ziminski ◽

Yaira K. Rivera Sánchez ◽

Robert Kuykendall

Keyword(s):

Access Control ◽

Electronic Health Record ◽

Information Exchange ◽

Security Policies ◽

Health Record ◽

Role Based Access Control ◽

Future Trends ◽

Security Framework ◽

Electronic Health ◽

Role Based

Today’s applications are often constructed by bringing together functionality from multiple systems that utilize varied technologies (e.g. application programming interfaces, Web services, cloud computing, data mining) and alternative standards (e.g. XML, RDF, OWL, JSON, etc.) for communication. Most such applications achieve interoperability via the eXtensible Markup Language (XML), the de facto document standard for information exchange in domains such as library repositories, collaborative software development, health informatics, etc. The use of a common data format facilitates exchange and interoperability across heterogeneous systems, but challenges in the aspect of security arise (e.g. sharing policies, ownership, permissions, etc.). In such situations, one key security challenge is to integrate the local security (existing systems) into a global solution for the application being constructed and deployed. In this chapter, the authors present a Role-Based Access Control (RBAC) security framework for XML, which utilizes extensions to the Unified Modeling Language (UML) to generate eXtensible Access Control Markup Language (XACML) policies that target XML schemas and instances for any application, and provides both the separation and reconciliation of local and global security policies across systems. To demonstrate the framework, they provide a case study in health care, using the XML standards Health Level Seven’s (HL7) Clinical Document Architecture (CDA) and the Continuity of Care Record (CCR). These standards are utilized for the transportation of private and identifiable information between stakeholders (e.g. a hospital with an electronic health record, a clinic’s electronic health record, a pharmacy system, etc.), requiring not only a high level of security but also compliance to legal entities. For this reason, it is not only necessary to secure private information, but for its application to be flexible enough so that updating security policies that affect millions of documents does not incur a large monetary or computational cost; such privacy could similarly involve large banks and credit card companies that have similar information to protect to deter identity theft. The authors demonstrate the security framework with two in-house developed applications: a mobile medication management application and a medication reconciliation application. They also detail future trends that present even more challenges in providing security at global and local levels for platforms such as Microsoft HealthVault, Harvard SMART, Open mHealth, and open electronic health record systems. These platforms utilize XML, equivalent information exchange document standards (e.g., JSON), or semantically augmented structures (e.g., RDF and OWL). Even though the primary use of these platforms is in healthcare, they present a clear picture of how diverse the information exchange process can be. As a result, they represent challenges that are domain independent, thus becoming concrete examples of future trends and issues that require a robust approach towards security.

Download Full-text

Implementation of Electronic Health Record (EHR) System in the Healthcare Industry

E-Health and Telemedicine ◽

10.4018/978-1-4666-8756-1.ch051 ◽

2016 ◽

pp. 1001-1016

Author(s):

Robert P Schumaker ◽

Kavya P. Reganti

Keyword(s):

Electronic Health Record ◽

Information Exchange ◽

Health Information Exchange ◽

Health Management ◽

Healthcare Delivery ◽

Healthcare Services ◽

Health Record ◽

Healthcare Industry ◽

Efficient Delivery ◽

Electronic Health

The purpose of this research is to demonstrate the efficiency of the Electronic Health Record (EHR) software that is adopted in the healthcare industry to provide better patient care. The authors examine the impact of EHRs on the efficient delivery of healthcare services. More specifically, they detail the origin of EHR, its significance in modern healthcare delivery along with the selection and implementation criteria for EHR software. They present a survey on the extent of adoption of EHR by clinicians. They also highlight the challenges and barriers faced by organizations in adopting EHR software such as cost, workflow impact and data security. Finally, the authors contemplate the future of EHR, its role in the implementation of health information exchange and its implementation in the cloud. They conclude that the implementation of EHR in the cloud is an important step towards better health management across the population with the end-goal of better health outcomes.

Download Full-text

Design of Secure Protocol for Cloud-Assisted Electronic Health Record System Using Blockchain

Sensors ◽

10.3390/s20102913 ◽

2020 ◽

Vol 20 (10) ◽

pp. 2913 ◽

Cited By ~ 1

Author(s):

MyeongHyun Kim ◽

SungJin Yu ◽

JoonYoung Lee ◽

YoHan Park ◽

YoungHo Park

Keyword(s):

Cloud Computing ◽

Electronic Health Record ◽

Medical Service ◽

Mutual Authentication ◽

Internet Security ◽

Communication Overhead ◽

Health Record ◽

Blockchain Technology ◽

Secure Protocol ◽

Electronic Health

In the traditional electronic health record (EHR) management system, each medical service center manages their own health records, respectively, which are difficult to share on the different medical platforms. Recently, blockchain technology is one of the popular alternatives to enable medical service centers based on different platforms to share EHRs. However, it is hard to store whole EHR data in blockchain because of the size and the price of blockchain. To resolve this problem, cloud computing is considered as a promising solution. Cloud computing offers advantageous properties such as storage availability and scalability. Unfortunately, the EHR system with cloud computing can be vulnerable to various attacks because the sensitive data is sent over a public channel. We propose the secure protocol for cloud-assisted EHR system using blockchain. In the proposed scheme, blockchain technology is used to provide data integrity and access control using log transactions and the cloud server stores and manages the patient’s EHRs to provide secure storage resources. We use an elliptic curve cryptosystems (ECC) to provide secure health data sharing with cloud computing. We demonstrate that the proposed EHR system can prevent various attacks by using informal security analysis and automated validation of internet security protocols and applications (AVISPA) simulation. Furthermore, we prove that the proposed EHR system provides secure mutual authentication using BAN logic analysis. We then compare the computation overhead, communication overhead, and security properties with existing schemes. Consequently, the proposed EHR system is suitable for the practical healthcare system considering security and efficiency.

Download Full-text

Management of Laboratory Data and Information Exchange in the Electronic Health Record

Archives of Pathology & Laboratory Medicine ◽

10.5858/arpa.2013-0712-so ◽

2015 ◽

Vol 139 (3) ◽

pp. 319-327 ◽

Cited By ~ 21

Author(s):

Myra L. Wilkerson ◽

Walter H. Henricks ◽

William J. Castellani ◽

Mark S. Whitsitt ◽

John H. Sinard

Keyword(s):

Electronic Health Record ◽

Information Exchange ◽

Laboratory Data ◽

Health Record ◽

Electronic Health

Download Full-text

Search Functionality Within the Electronic Health Record and Health Information Exchange Databases

Proceedings of IMPRS ◽

10.18060/24610 ◽

2020 ◽

Vol 3 ◽

Author(s):

Brandon Gregory ◽

Jordan Hill ◽

Titus Schleyer

Keyword(s):

Electronic Health Record ◽

Health Information ◽

Patient Information ◽

Information Exchange ◽

Health Information Exchange ◽

Healthcare Delivery ◽

Healthcare Providers ◽

Health Record ◽

Search Function ◽

Electronic Health

Background and Hypothesis: In the US today, over 95% of healthcare institutions operate using the electronic health record (EHR). While proven to be a substantial improvement to medical practice, the substantial amount of retained information within those records has made searching the EHR for relevant material difficult and too time consuming. We hypothesize that by providing a search function within the EHR with added capability of collaborative filtration, physicians will be better able to retrieve important patient information and thus provide more efficient care. Project Methods: Emergency Department physicians of Sidney & Lois Eskenazi Hospital and Indiana University Health Hospital were recruited to partake in this study based on their use and familiarity of the EHR Cerner and/or Health Information Exchange (HIE) CareWeb Search function. Participants filled out a pre-interview, Likert-scale questionnaire to determine their general impressions of search functions and the frequency with which they were used. Additional insight was obtained during an interview focusing on participants’ previous experiences searching within the EHR/HIE. Participants were then shown a mock-up of potential collaborative filtering integration into CareWeb in order to collect opinions regarding the feature’s usability/practicality, display/format, and a number of suggested terms. Results: From the pilot study, current challenges that limit clinician search function use include limited time in clinician workflow, information overload, and inaccurate results. Clinicians are more likely to conduct searches when treating patients who have limited medical history, complex histories, known recent visitations, and/or who have been seen at other institutions. Participants demonstrated interest in a collaborative filtration search feature; they expressed a preference to have the feature recommend five related search terms. Potential Impact: The data from this study aims to refine the way healthcare providers search within the EHR/HIE. This will allow healthcare providers to more efficiently extract relevant patient information for improved healthcare delivery and proficient clinician workflow.

Download Full-text

Implementation of Electronic Health Record (EHR) System in the Healthcare Industry

International Journal of Privacy and Health Information Management ◽

10.4018/ijphim.2014070104 ◽

2014 ◽

Vol 2 (2) ◽

pp. 57-71 ◽

Cited By ~ 1

Author(s):

Robert P Schumaker ◽

Kavya P. Reganti

Keyword(s):

Electronic Health Record ◽

Information Exchange ◽

Health Information Exchange ◽

Health Management ◽

Healthcare Delivery ◽

Healthcare Services ◽

Health Record ◽

Healthcare Industry ◽

Electronic Health ◽

The Impact

Download Full-text

EEMI - An Electronic Health Record for Pediatricians

Data Analytics in Medicine ◽

10.4018/978-1-7998-1204-3.ch034 ◽

2020 ◽

pp. 614-628

Author(s):

Juan C. Lavariega ◽

Roberto Garza ◽

Lorena G Gómez ◽

Victor J. Lara-Diaz ◽

Manuel J. Silva-Cavazos

Keyword(s):

Electronic Health Records ◽

Electronic Health Record ◽

Data Sharing ◽

Medical Records ◽

Data Exchange ◽

Data Representation ◽

Health Record ◽

Health Records ◽

Health Area ◽

Electronic Health

The use of paper health records and handwritten prescriptions are prone to preset errors of misunderstanding instructions or interpretations that derive in affecting patients' health. Electronic Health Records (EHR) systems are useful tools that among other functions can assists physicians' tasks such as finding recommended medicines, their contraindications, and dosage for a given diagnosis, filling prescriptions and support data sharing with other systems. This paper presents EEMI, a Children EHR focused on assisting pediatricians in their daily office practice. EEMI functionality keeps the relationships among diagnosis, treatment, and medications. EEMI also calculates dosages and automatically creates prescriptions which can be personalized by the physician. The system also validates patient allergies. This paper also presents the current use of EHRs in Mexico, the Mexican Norm (NOM-024-SSA3-2010), standards for the development of electronic medical records and its relationships with other standards for data exchange and data representation in the health area.

Download Full-text

Securing XML with Role-Based Access Control

E-Health and Telemedicine ◽

10.4018/978-1-4666-8756-1.ch025 ◽

2016 ◽

pp. 487-522

Author(s):

Alberto De la Rosa Algarín ◽

Steven A. Demurjian ◽

Timoteus B. Ziminski ◽

Yaira K. Rivera Sánchez ◽

Robert Kuykendall

Keyword(s):

Access Control ◽

Electronic Health Record ◽

Information Exchange ◽

Security Policies ◽

Health Record ◽

Role Based Access Control ◽

Future Trends ◽

Security Framework ◽

Electronic Health ◽

Role Based

Today's applications are often constructed by bringing together functionality from multiple systems that utilize varied technologies (e.g. application programming interfaces, Web services, cloud computing, data mining) and alternative standards (e.g. XML, RDF, OWL, JSON, etc.) for communication. Most such applications achieve interoperability via the eXtensible Markup Language (XML), the de facto document standard for information exchange in domains such as library repositories, collaborative software development, health informatics, etc. The use of a common data format facilitates exchange and interoperability across heterogeneous systems, but challenges in the aspect of security arise (e.g. sharing policies, ownership, permissions, etc.). In such situations, one key security challenge is to integrate the local security (existing systems) into a global solution for the application being constructed and deployed. In this chapter, the authors present a Role-Based Access Control (RBAC) security framework for XML, which utilizes extensions to the Unified Modeling Language (UML) to generate eXtensible Access Control Markup Language (XACML) policies that target XML schemas and instances for any application, and provides both the separation and reconciliation of local and global security policies across systems. To demonstrate the framework, they provide a case study in health care, using the XML standards Health Level Seven's (HL7) Clinical Document Architecture (CDA) and the Continuity of Care Record (CCR). These standards are utilized for the transportation of private and identifiable information between stakeholders (e.g. a hospital with an electronic health record, a clinic's electronic health record, a pharmacy system, etc.), requiring not only a high level of security but also compliance to legal entities. For this reason, it is not only necessary to secure private information, but for its application to be flexible enough so that updating security policies that affect millions of documents does not incur a large monetary or computational cost; such privacy could similarly involve large banks and credit card companies that have similar information to protect to deter identity theft. The authors demonstrate the security framework with two in-house developed applications: a mobile medication management application and a medication reconciliation application. They also detail future trends that present even more challenges in providing security at global and local levels for platforms such as Microsoft HealthVault, Harvard SMART, Open mHealth, and open electronic health record systems. These platforms utilize XML, equivalent information exchange document standards (e.g., JSON), or semantically augmented structures (e.g., RDF and OWL). Even though the primary use of these platforms is in healthcare, they present a clear picture of how diverse the information exchange process can be. As a result, they represent challenges that are domain independent, thus becoming concrete examples of future trends and issues that require a robust approach towards security.

Download Full-text