The scalability and the strategy for EMR database encryption techniques

EMR (Electronic Medical Record) is an emerging technology that is highly-blended between non-IT and IT area. One methodology is to link the non-IT and IT area is to construct databases. Nowadays, it supports before and after-treatment for patients and should satisfy all stakeholders such as practitioners, nurses, researchers, administrators and financial departments and so on. In accordance with the database maintenance, DAS (Data as Service) model is one solution for outsourcing. However, there are some scalability and strategy issues when we need to plan to use DAS model properly. We constructed three kinds of databases such as plan-text, MS built-in encryption which is in-house model and custom AES (Advanced Encryption Standard) - DAS model scaling from 5K to 2560K records. To perform custom AES-DAS better, we also devised Bucket Index using Bloom Filter. The simulation showed the response times arithmetically increased in the beginning but after a certain threshold, exponentially increased in the end. In conclusion, if the database model is close to in-house model, then vendor technology is a good way to perform and get query response times in a consistent manner. If the model is DAS model, it is easy to outsource the database, however, some techniques like Bucket Index enhances its utilization. To get faster query response times, designing database such as consideration of the field type is also important. This study suggests cloud computing would be a next DAS model to satisfy the scalability and the security issues.

Development of an EMR implementation framework for public hospitals in Saudi Arabia

An Electronic Medical Record (EMR) is a system that has been embraced by healthcare providers worldwide. However, the implementation success of EMRs has varied widely. Studies have identified both barriers to and facilitators for implementing EMRs within healthcare organisations. In Saudi Arabia (SA), the majority of healthcare providers manage patient records manually. As public hospitals are a major provider of health services in SA and have been shown to face more EMR implementation barriers than private hospitals, there is a need for an implementation framework to guide EMR implementation in Saudi public hospitals. This doctoral project therefore aimed to develop an evidence-based EMR implementation framework for public hospitals in SA informed by those who work at the micro-implementation level and the macro-implementation level and the extant literature sensitive to the cultural, resource-related, and technological, organisational, and environmental issues of SA.

A time-variant medical data trustworthiness assessment model

Electronic Health Record (EHR) systems are being introduced to overcome the limitations associated with paper-based and isolated Electronic Medical Record (EMR) systems. This is accomplished by aggregating medical data and consolidating them in one digital repository. Though an EHR system provides obvious functional benefits, there is a growing concern about the privacy and reliability (trustworthiness) of Electronic Health Records. Security requirements such as confidentiality, integrity, and availability can be satisfied by traditional hard security mechanisms. However, measuring data trustworthiness from the perspective of data entry is an issue that cannot be solved with traditional mechanisms, especially since degrees of trust change over time. In this paper, we introduce a Time-variant Medical Data Trustworthiness (TMDT) assessment model to evaluate the trustworthiness of medical data by evaluating the trustworthiness of its sources, namely the healthcare organisation where the data was created and the medical practitioner who diagnosed the patient and authorised entry of this data into the patient’s medical record, with respect to a certain period of time. The result can then be used by the EHR system to manipulate health record metadata to alert medical practitioners relying on the information to possible reliability problems.

Sharing with care : an information accountability perspective

Health information sharing has become a vital part of modern healthcare delivery. E-health technologies provide efficient and effective ways of sharing medical information, but give rise to issues that neither the medical professional nor the consumers have control over. Information security and patient privacy are key impediments that hinder sharing information as sensitive as health information. Health information interoperability is another issue which hinders the adoption of available e health technologies. In this paper we propose a solution for these problems in terms of information accountability, the HL7 interoperability standard and social networks for manipulating personal health records.

Improving trust and securing data accessibility for e-health decision making by using data encryption techniques

In the medical and healthcare arena, patients‟ data is not just their own personal history but also a valuable large dataset for finding solutions for diseases. While electronic medical records are becoming popular and are used in healthcare work places like hospitals, as well as insurance companies, and by major stakeholders such as physicians and their patients, the accessibility of such information should be dealt with in a way that preserves privacy and security. Thus, finding the best way to keep the data secure has become an important issue in the area of database security. Sensitive medical data should be encrypted in databases. There are many encryption/ decryption techniques and algorithms with regard to preserving privacy and security. Currently their performance is an important factor while the medical data is being managed in databases. Another important factor is that the stakeholders should decide more cost-effective ways to reduce the total cost of ownership. As an alternative, DAS (Data as Service) is a popular outsourcing model to satisfy the cost-effectiveness but it takes a consideration that the encryption/ decryption modules needs to be handled by trustworthy stakeholders. This research project is focusing on the query response times in a DAS model (AES-DAS) and analyses the comparison between the outsourcing model and the in-house model which incorporates Microsoft built-in encryption scheme in a SQL Server. This research project includes building a prototype of medical database schemas. There are 2 types of simulations to carry out the project. The first stage includes 6 databases in order to carry out simulations to measure the performance between plain-text, Microsoft built-in encryption and AES-DAS (Data as Service). Particularly, the AES-DAS incorporates implementations of symmetric key encryption such as AES (Advanced Encryption Standard) and a Bucket indexing processor using Bloom filter. The results are categorised such as character type, numeric type, range queries, range queries using Bucket Index and aggregate queries. The second stage takes the scalability test from 5K to 2560K records. The main result of these simulations is that particularly as an outsourcing model, AES-DAS using the Bucket index shows around 3.32 times faster than a normal AES-DAS under the 70 partitions and 10K record-sized databases. Retrieving Numeric typed data takes shorter time than Character typed data in AES-DAS. The aggregation query response time in AES-DAS is not as consistent as that in MS built-in encryption scheme. The scalability test shows that the DBMS reaches in a certain threshold; the query response time becomes rapidly slower. However, there is more to investigate in order to bring about other outcomes and to construct a secured EMR (Electronic Medical Record) more efficiently from these simulations.

Brownfield re-development : Perceptions and risk mitigation strategies

Scarcity of large parcels of land in well-serviced areas has motivated people to re-develop brownfield land. Most of brownfield land has high risk of contamination from wide range of industrial activities such as gas works, factories, railway land and waste tips. In addition, people who live in brownfield re-development areas may be exposed to health hazards. This paper discusses public perceptions on the brownfield sites and also the risk and mitigation strategy to promote brownfield re-development. Data is gathered from face to face survey of fifty respondents who work in Brisbane Central Business District (CBD) and interview with an expert on remediation of contaminated land. From this preliminary study, it is found that majority of the population are not aware of any brownfield sites near their residence and those who are aware showed very little concern on their proximity to the site. Further discussion on the paper based on a simple cross tabulation analysis. The main risk mitigation strategy of re-development of brownfield site is by updating the registration through Environmental Management Register (EMR) and Contaminated Land Register (CLR). In addition, insurance may offer to cover cost overruns on remediation cost.

Information accountability and usability : are there any connections?

Availability of health information is rapidly increasing and the expansion and proliferation of health information is inevitable. The Electronic Healthcare Record, Electronic Medical Record and Personal Health Record are at the core of this trend and are required for appropriate and practicable exchange and sharing of health information. However, it is becoming increasingly recognized that it is essential to preserve patient privacy and information security when utilising sensitive information for clinical, management and administrative processes. Furthermore, the usability of emerging healthcare applications is also becoming a growing concern. This paper proposes a novel approach for integrating consideration of information accountability with a perspective from usability engineering that can be applied when developing healthcare information technology applications. A social networking user case in the healthcare information exchange will be presented in the context of our approach.

Progress and challenges in the implementation of Electronic Medical Records in Saudi Arabia : a systematic review

Electronic Medical Record (EMR) systems are being implemented increasingly worldwide. Saudi Arabia is one of the developing countries that commenced implementing such systems in 1988. Whilst EMR uptake has been low in Saudi Arabia until now, a number of hospitals have implemented EMR systems successfully. This paper analyses available studies (n = 28) in the literature regarding EMR implementation in Saudi Arabia to identify the progress of EMR implementation to date and to identify the facilitators and barriers to implementation.

Electronic medical record systems in Saudi Arabia: Knowledge and preferences of healthcare professionals

Background The use of Electronic Medical Record (EMR) systems is increasing internationally, though developing countries, such as Saudi Arabia, have tended to lag behind in the adoption and implementation of EMR systems due to several barriers. The literature shows that the main barriers to EMR in Saudi Arabia are lack of knowledge or experience using EMR systems and staff resistance to using the implemented EMR system. Methods A quantitative methodology was used to examine health personnel knowledge and acceptance of and preference for EMR systems in seven Saudi public hospitals in Jeddah, Makkah and Taif cities. Results Both English literacy and education levels were significantly correlated with computer literacy and EMR literacy. Participants whose first language was not Arabic were more likely to prefer using an EMR system compared to those whose first language was Arabic. Conclusion This study suggests that as computer literacy levels increase, so too do staff preferences for using EMR systems. Thus, it would be beneficial for hospitals to assess English language proficiency and computer literacy levels of staff prior to implementing an EMR system. It is recommended that hospitals need to offer training and targeted educational programs to the potential users of the EMR system. This would help to increase English language proficiency and computer literacy levels of staff as well as staff acceptance of the system.

Enterprise system investments for competitive advantage: An empirical study of Swiss SMEs

Previous research identifies various reasons companies invest in information technology (IT), often as a means to generate value. To add to the discussion of IT value generation, this study investigates investments in enterprise software systems that support business processes. Managers of more than 500 Swiss small and medium-sized enterprises (SMEs) responded to a survey regarding the levels of their IT investment in enterprise software systems and the perceived utility of those investments. The authors use logistic and ordinary least squares regression to examine whether IT investments in two business processes affect SMEs' performance and competitive advantage. Using cluster analysis, they also develop a firm typology with four distinct groups that differ in their investments in enterprise software systems. These findings offer key implications for both research and managerial practice.