915 resultados para electronic health records
Resumo:
Ubiquitous access to patient medical records is an important aspect of caring for patient safety. Unavailability of sufficient medical information at the point-ofcare could possibly lead to a fatality. The U.S. Institute of Medicine has reported that between 44,000 and 98,000 people die each year due to medical errors, such as incorrect medication dosages, due to poor legibility in manual records, or delays in consolidating needed information to discern the proper intervention. In this research we propose employing emergent technologies such as Java SIM Cards (JSC), Smart Phones (SP), Next Generation Networks (NGN), Near Field Communications (NFC), Public Key Infrastructure (PKI), and Biometric Identification to develop a secure framework and related protocols for ubiquitous access to Electronic Health Records (EHR). A partial EHR contained within a JSC can be used at the point-of-care in order to help quick diagnosis of a patient’s problems. The full EHR can be accessed from an Electronic Health Records Centre (EHRC) when time and network availability permit. Moreover, this framework and related protocols enable patients to give their explicit consent to a doctor to access their personal medical data, by using their Smart Phone, when the doctor needs to see or update the patient’s medical information during an examination. Also our proposed solution would give the power to patients to modify the Access Control List (ACL) related to their EHRs and view their EHRs through their Smart Phone. Currently, very limited research has been done on using JSCs and similar technologies as a portable repository of EHRs or on the specific security issues that are likely to arise when JSCs are used with ubiquitous access to EHRs. Previous research is concerned with using Medicare cards, a kind of Smart Card, as a repository of medical information at the patient point-of-care. However, this imposes some limitations on the patient’s emergency medical care, including the inability to detect the patient’s location, to call and send information to an emergency room automatically, and to interact with the patient in order to get consent. The aim of our framework and related protocols is to overcome these limitations by taking advantage of the SIM card and the technologies mentioned above. Briefly, our framework and related protocols will offer the full benefits of accessing an up-to-date, precise, and comprehensive medical history of a patient, whilst its mobility will provide ubiquitous access to medical and patient information everywhere it is needed. The objective of our framework and related protocols is to automate interactions between patients, healthcare providers and insurance organisations, increase patient safety, improve quality of care, and reduce the costs.
Resumo:
Establishing a nationwide Electronic Health Record system has become a primary objective for many countries around the world, including Australia, in order to improve the quality of healthcare while at the same time decreasing its cost. Doing so will require federating the large number of patient data repositories currently in use throughout the country. However, implementation of EHR systems is being hindered by several obstacles, among them concerns about data privacy and trustworthiness. Current IT solutions fail to satisfy patients’ privacy desires and do not provide a trustworthiness measure for medical data. This thesis starts with the observation that existing EHR system proposals suer from six serious shortcomings that aect patients’ privacy and safety, and medical practitioners’ trust in EHR data: accuracy and privacy concerns over linking patients’ existing medical records; the inability of patients to have control over who accesses their private data; the inability to protect against inferences about patients’ sensitive data; the lack of a mechanism for evaluating the trustworthiness of medical data; and the failure of current healthcare workflow processes to capture and enforce patient’s privacy desires. Following an action research method, this thesis addresses the above shortcomings by firstly proposing an architecture for linking electronic medical records in an accurate and private way where patients are given control over what information can be revealed about them. This is accomplished by extending the structure and protocols introduced in federated identity management to link a patient’s EHR to his existing medical records by using pseudonym identifiers. Secondly, a privacy-aware access control model is developed to satisfy patients’ privacy requirements. The model is developed by integrating three standard access control models in a way that gives patients access control over their private data and ensures that legitimate uses of EHRs are not hindered. Thirdly, a probabilistic approach for detecting and restricting inference channels resulting from publicly-available medical data is developed to guard against indirect accesses to a patient’s private data. This approach is based upon a Bayesian network and the causal probabilistic relations that exist between medical data fields. The resulting definitions and algorithms show how an inference channel can be detected and restricted to satisfy patients’ expressed privacy goals. Fourthly, a medical data trustworthiness assessment model is developed to evaluate the quality of medical data by assessing the trustworthiness of its sources (e.g. a healthcare provider or medical practitioner). In this model, Beta and Dirichlet reputation systems are used to collect reputation scores about medical data sources and these are used to compute the trustworthiness of medical data via subjective logic. Finally, an extension is made to healthcare workflow management processes to capture and enforce patients’ privacy policies. This is accomplished by developing a conceptual model that introduces new workflow notions to make the workflow management system aware of a patient’s privacy requirements. These extensions are then implemented in the YAWL workflow management system.
Resumo:
Ubiquitous access to patient medical records is an important aspect of caring for patient safety. Unavailability of sufficient medical information at the patient point-of-care could possibly lead to a fatality. In this paper we propose employing emergent technologies such as Java SIM Cards (JSC),Smart Phones (SP), Next Generation Networks (NGN), Near Field Communications (NFC), Public Key Infrastructure (PKI), and Biometric Identification to develop a secure framework and related protocols for ubiquitous access to Electronic Health Records (EHRs). A partial EHR contained within a JSC can be used at the patient point-of-care in order to help quick diagnosis of a patient’s problems. The full EHR can be accessed from an Electronic Healthcare Records Centre (EHRC).
Resumo:
A patient-centric DRM approach is proposed for protecting privacy of health records stored in a cloud storage based on the patient's preferences and without the need to trust the service provider. Contrary to the current server-side access control solutions, this approach protects the privacy of records from the service provider, and also controls the usage of data after it is released to an authorized user.
Resumo:
Security and privacy in electronic health record systems have been hindering the growth of e-health systems since their emergence. The development of policies that satisfy the security and privacy requirements of different stakeholders in healthcare has proven to be difficult. But, these requirements have to be met if the systems developed are to succeed in achieving their intended goals. Access control is a fundamental security barrier for securing data in healthcare information systems. In this paper we present an access control model for electronic health records. We address patient privacy requirements, confidentiality of private information and the need for flexible access for health professionals for electronic health records. We carefully combine three existing access control models and present a novel access control model for EHRs which satisfies requirements of electronic health records.
Resumo:
Introduction The onset of Personally Controlled Electronic Health Records in Australia demand healthcare decision making processes to comprise, understand and accept electronic health records (EHR). Nurses play a key, central role in the healthcare decision making process and their perceptions and attitudes of EHRs are significant [1], which develop during their academic life. However, studies aimed at nursing students’ attitudes of EHRs are very limited [2-4]. A proper understanding of these attitudes and how they evolve with academic progress is important. This paper presents results from a survey conducted at a leading University in Queensland, Australia as a first step to filling this gap.
Resumo:
This research was a step forward in developing a data integration framework for Electronic Health Records. The outcome of the research is a conceptual and logical Data Warehousing model for integrating Cardiac Surgery electronic data records. This thesis investigated the main obstacles for the healthcare data integration and proposes a data warehousing model suitable for integrating fragmented data in a Cardiac Surgery Unit.
Resumo:
Information privacy is a critical success/failure factor in information technology supported healthcare (eHealth). eHealth systems utilise electronic health records (EHR) as the main source of information, thus, implementing appropriate privacy preserving methods for EHRs is vital for the proliferation of eHealth. Whilst information privacy may be a fundamental requirement for eHealth consumers, healthcare professionals demand non-restricted access to patient information for improved healthcare delivery, thus, creating an environment where stakeholder requirements are contradictory. Therefore, there is a need to achieve an appropriate balance of requirements in order to build successful eHealth systems. Towards achieving this balance, a new genre of eHealth systems called Accountable-eHealth (AeH) systems has been proposed. In this paper, an access control model for EHRs is presented that can be utilised by AeH systems to create information usage policies that fulfil both stakeholders’ requirements. These policies are used to accomplish the aforementioned balance of requirements creating a satisfactory eHealth environment for all stakeholders. The access control model is validated using a Web based prototype as a proof of concept.
Resumo:
We present an approach to automatically de-identify health records. In our approach, personal health information is identified using a Conditional Random Fields machine learning classifier, a large set of linguistic and lexical features, and pattern matching techniques. Identified personal information is then removed from the reports. The de-identification of personal health information is fundamental for the sharing and secondary use of electronic health records, for example for data mining and disease monitoring. The effectiveness of our approach is first evaluated on the 2007 i2b2 Shared Task dataset, a widely adopted dataset for evaluating de-identification techniques. Subsequently, we investigate the robustness of the approach to limited training data; we study its effectiveness on different type and quality of data by evaluating the approach on scanned pathology reports from an Australian institution. This data contains optical character recognition errors, as well as linguistic conventions that differ from those contained in the i2b2 dataset, for example different date formats. The findings suggest that our approach compares to the best approach from the 2007 i2b2 Shared Task; in addition, the approach is found to be robust to variations of training size, data type and quality in presence of sufficient training data.
Resumo:
Background Historically, the paper hand-held record (PHR) has been used for sharing information between hospital clinicians, general practitioners and pregnant women in a maternity shared-care environment. Recently in alignment with a National e-health agenda, an electronic health record (EHR) was introduced at an Australian tertiary maternity service to replace the PHR for collection and transfer of data. The aim of this study was to examine and compare the completeness of clinical data collected in a PHR and an EHR. Methods We undertook a comparative cohort design study to determine differences in completeness between data collected from maternity records in two phases. Phase 1 data were collected from the PHR and Phase 2 data from the EHR. Records were compared for completeness of best practice variables collected The primary outcome was the presence of best practice variables and the secondary outcomes were the differences in individual variables between the records. Results Ninety-four percent of paper medical charts were available in Phase 1 and 100% of records from an obstetric database in Phase 2. No PHR or EHR had a complete dataset of best practice variables. The variables with significant improvement in completeness of data documented in the EHR, compared with the PHR, were urine culture, glucose tolerance test, nuchal screening, morphology scans, folic acid advice, tobacco smoking, illicit drug assessment and domestic violence assessment (p = 0.001). Additionally the documentation of immunisations (pertussis, hepatitis B, varicella, fluvax) were markedly improved in the EHR (p = 0.001). The variables of blood pressure, proteinuria, blood group, antibody, rubella and syphilis status, showed no significant differences in completeness of recording. Conclusion This is the first paper to report on the comparison of clinical data collected on a PHR and EHR in a maternity shared-care setting. The use of an EHR demonstrated significant improvements to the collection of best practice variables. Additionally, the data in an EHR were more available to relevant clinical staff with the appropriate log-in and more easily retrieved than from the PHR. This study contributes to an under-researched area of determining data quality collected in patient records.
Resumo:
The paper hand-held record (PHR) has been used extensively in general practice (GP) shared care management of pregnant women, and recently, the first Mater Shared Electronic Health Record (MSEHR) was introduced. The aim of this qualitative study was to examine women’s experiences using the records and the contribution of the records to integrate care. At the 36-week antenatal visit in a maternity tertiary centre clinic, women were identified as a user of either the PHR or the MSEHR and organised into Phase 1 and Phase 2 studies respectively. Fifteen women were interviewed in Phase 1 and 12 women in Phase 2. Semi-structured interviews were used for data collection, and analysed using qualitative content analysis. Four main themes were identified: (1) purpose of the record; (2) perceptions of the record; (3) content of the record, and; (4) sharing the record. Findings indicate that the PHR is a well-liked maternity tool. The findings also indicate there is under-usage of the MSEHR due to health-care providers failing to follow up and discuss the option of using the electronic health record option or if a woman has completed the log-in process. This paper adds to an already favourable body of knowledge about the use of the PHR. It is recommended that continued implementation of the MSEHR be undertaken to facilitate its use.
Resumo:
Public submission # 029 to a Australian federal parliamentary committee considering proposed legislative changes to the Commonwealth's Healthcare Identifiers Act 2010 and the Personally Controlled Electronic Health Records Act 2012.
Resumo:
Durante as ultimas décadas, os registos de saúde eletrónicos (EHR) têm evoluído para se adaptar a novos requisitos. O cidadão tem-se envolvido cada vez mais na prestação dos cuidados médicos, sendo mais pró ativo e desejando potenciar a utilização do seu registo. A mobilidade do cidadão trouxe mais desafios, a existência de dados dispersos, heterogeneidade de sistemas e formatos e grande dificuldade de partilha e comunicação entre os prestadores de serviços. Para responder a estes requisitos, diversas soluções apareceram, maioritariamente baseadas em acordos entre instituições, regiões e países. Estas abordagens são usualmente assentes em cenários federativos muito complexos e fora do controlo do paciente. Abordagens mais recentes, como os registos pessoais de saúde (PHR), permitem o controlo do paciente, mas levantam duvidas da integridade clinica da informação aos profissionais clínicos. Neste cenário os dados saem de redes e sistemas controlados, aumentando o risco de segurança da informação. Assim sendo, são necessárias novas soluções que permitam uma colaboração confiável entre os diversos atores e sistemas. Esta tese apresenta uma solução que permite a colaboração aberta e segura entre todos os atores envolvidos nos cuidados de saúde. Baseia-se numa arquitetura orientada ao serviço, que lida com a informação clínica usando o conceito de envelope fechado. Foi modelada recorrendo aos princípios de funcionalidade e privilégios mínimos, com o propósito de fornecer proteção dos dados durante a transmissão, processamento e armazenamento. O controlo de acesso _e estabelecido por políticas definidas pelo paciente. Cartões de identificação eletrónicos, ou certificados similares são utilizados para a autenticação, permitindo uma inscrição automática. Todos os componentes requerem autenticação mútua e fazem uso de algoritmos de cifragem para garantir a privacidade dos dados. Apresenta-se também um modelo de ameaça para a arquitetura, por forma a analisar se as ameaças possíveis foram mitigadas ou se são necessários mais refinamentos. A solução proposta resolve o problema da mobilidade do paciente e a dispersão de dados, capacitando o cidadão a gerir e a colaborar na criação e manutenção da sua informação de saúde. A arquitetura permite uma colaboração aberta e segura, possibilitando que o paciente tenha registos mais ricos, atualizados e permitindo o surgimento de novas formas de criar e usar informação clínica ou complementar.
