Privacy by information accountability for e-health systems

Privacy has become one of the main impediments for e-health in its advancement to providing better services to its consumers. Even though many security protocols are being developed to protect information from being compromised, privacy is still a major issue in healthcare where privacy protection is very important. When consumers are confident that their sensitive information is safe from being compromised, their trust in these services will be higher and would lead to better adoption of these systems. In this paper we propose a solution to the problem of patient privacy in e-health through an information accountability framework could enhance consumer trust in e-health services and would lead to the success of e-health services.

A test vehicle for compliance with resilience requirements in index-based e-health systems

Increasingly, national and international governments have a strong mandate to develop national e-health systems to enable delivery of much-needed healthcare services. Research is, therefore, needed into appropriate security and reliance structures for the development of health information systems which must be compliant with governmental and alike obligations. The protection of e-health information security is critical to the successful implementation of any e-health initiative. To address this, this paper proposes a security architecture for index-based e-health environments, according to the broad outline of Australia’s National E-health Strategy and National E-health Transition Authority (NEHTA)’s Connectivity Architecture. This proposal, however, could be equally applied to any distributed, index-based health information system involving referencing to disparate health information systems. The practicality of the proposed security architecture is supported through an experimental demonstration. This successful prototype completion demonstrates the comprehensibility of the proposed architecture, and the clarity and feasibility of system specifications, in enabling ready development of such a system. This test vehicle has also indicated a number of parameters that need to be considered in any national indexed-based e-health system design with reasonable levels of system security. This paper has identified the need for evaluation of the levels of education, training, and expertise required to create such a system.

An architecture for enhanced assurance in e-health systems

Notwithstanding the obvious potential advantages of information and communications technology (ICT) in the enhanced provision of healthcare services, there are some concerns associated with integration of and access to electronic health records. A security violation in health records, such as an unauthorised disclosure or unauthorised alteration of an individual's health information, can significantly undermine both healthcare providers' and consumers' confidence and trust in e-health systems. A crisis in confidence in any national level e-health system could seriously degrade the realisation of the system's potential benefits. In response to the privacy and security requirements for the protection of health information, this research project investigated national and international e-health development activities to identify the necessary requirements for the creation of a trusted health information system architecture consistent with legislative and regulatory requirements and relevant health informatics standards. The research examined the appropriateness and sustainability of the current approaches for the protection of health information. It then proposed an architecture to facilitate the viable and sustainable enforcement of privacy and security in health information systems under the project title "Open and Trusted Health Information Systems (OTHIS)". OTHIS addresses necessary security controls to protect sensitive health information when such data is at rest, during processing and in transit with three separate and achievable security function-based concepts and modules: a) Health Informatics Application Security (HIAS); b) Health Informatics Access Control (HIAC); and c) Health Informatics Network Security (HINS). The outcome of this research is a roadmap for a viable and sustainable architecture for providing robust protection and security of health information including elucidations of three achievable security control subsystem requirements within the proposed architecture. The successful completion of two proof-of-concept prototypes demonstrated the comprehensibility, feasibility and practicality of the HIAC and HIAS models for the development and assessment of trusted health systems. Meanwhile, the OTHIS architecture has provided guidance for technical and security design appropriate to the development and implementation of trusted health information systems whilst simultaneously offering guidance for ongoing research projects. The socio-economic implications of this research can be summarised in the fact that this research embraces the need for low cost security strategies against economic realities by using open-source technologies for overall test implementation. This allows the proposed architecture to be publicly accessible, providing a platform for interoperability to meet real-world application security demands. On the whole, the OTHIS architecture sets a high level of security standard for the establishment and maintenance of both current and future health information systems. This thereby increases healthcare providers‘ and consumers‘ trust in the adoption of electronic health records to realise the associated benefits.

Using a public key registry for improved trust and scalability in national E-health systems

An increasing number of countries are faced with an aging population increasingly needing healthcare services. For any e-health information system, the need for increased trust by such clients with potentially little knowledge of any security scheme involved is paramount. In addition notable scalability of any system has become a critical aspect of system design, development and ongoing management. Meanwhile cryptographic systems provide the security provisions needed for confidentiality, authentication, integrity and non-repudiation. Cryptographic key management, however, must be secure, yet efficient and effective in developing an attitude of trust in system users. Digital certificate-based Public Key Infrastructure has long been the technology of choice or availability for information security/assurance; however, there appears to be a notable lack of successful implementations and deployments globally. Moreover, recent issues with associated Certificate Authority security have damaged trust in these schemes. This paper proposes the adoption of a centralised public key registry structure, a non-certificate based scheme, for large scale e-health information systems. The proposed structure removes complex certificate management, revocation and a complex certificate validation structure while maintaining overall system security. Moreover, the registry concept may be easier for both healthcare professionals and patients to understand and trust.

Vegetable soil health systems for overcoming limitations causing soil borne diseases

The purpose of the report is to summarise progress in developing vegetable production systems with improved soil health that overcome soil limitations with the potential to suppress soil borne diseases. Management approaches to soil health improvement were regionally specific to overcome regional soil limitations in different production environments.

Using Bayesian networks to model surveillance in complex plant and animal health systems

In this chapter we consider biosecurity surveillance as part of a complex system comprising many different biological, environmental and human factors and their interactions. Modelling and analysis of surveillance strategies should take into account these complexities, and also facilitate the use and integration of the many types of different information that can provide insight into the system as a whole. After a brief discussion of a range of options, we focus on Bayesian networks for representing such complex systems. We summarize the features of Bayesian networks and describe these in the context of surveillance.

Impact of different health systems on the burden of type 2 diabetes in two populations

Objectives: Health policy directs the management of patients with chronic disease in a country, but evaluating nationwide policies is difficult, not least because of the absence of suitable comparators. This paper examines the management of patients with type 2 diabetes in two demographically comparable populations with different health care systems to see if this represents a viable approach to evaluation.

Methods: A secondary analysis of centralized prescribing databases for 2010 was undertaken to compare the levels and costs of care of patients with type 2 diabetes in Northern Ireland’s National Health Service (NHS) (NI, n = 1.8 million) which has structured care, financial incentives related to diabetes care and an emphasis on generic prescribing, with that of the Republic of Ireland (ROI, n = 4.3 million) where management of diabetes care is guided solely by clinical and other guidelines.

Results: The prevalence of treated type 2 diabetes was 3.59% in NI and 3.09% in ROI, but there were similar and high levels of prescribing of secondary cardiovascular medications. Medication costs per person for anti-diabetic, anti-obesity and cardiovascular medication were 46% higher in ROI than NI, due to differences in levels of generic prescribing.

Conclusions: These different health care systems appear to be producing similar levels of care for patients with type 2 diabetes, although at different levels of cost. The findings question the need for financial incentives in NI and highlight the large cost savings potentially accruing from a greater shift to generic prescribing in ROI. Cross-country comparison, though not without difficulties, may prove a useful adjunct to within-country analysis of policy impact.

Health systems efficiency after the crisis in the OECD

This work evaluates the efficiency position of the health system of each OECD country. It identifies whether, or not, health systems changed in terms of quality and performance after the financial crisis. The health systems performance was calculated by fixed-effects estimator and by stochastic frontier analysis. The results suggest that many of those countries that the crisis affected the most are more efficient than the OECD average. In addition, some of those countries even managed to reach the top decile in the efficiency ranking. Finally, we analyze the stochastic frontier efficiency scores together with other health indicators to evaluate the health systems’ overall adjustments derived from the crisis.

Bioethics’ Lack in Relation to Person-Centred User-Driven Health Systems Planning: A Call for Change

La tribune de l'éditeur / Editor's Soapbox

Issues in developing e-health systems: an Australian case study

Over the last few years, perceptions of the importance of eHealth have increased rapidly, together with the use of IS&T in the delivery of health and social services. Although “e” approaches to health and social services have much potential, they are not panaceas, and the use of new technologies in improving the efficiency and effectiveness of such systems cannot be considered in isolation from their wider context. eHealth systems remain complex socio-organisational systems and, as we will argue and illustrate through this case study, require that a balanced approach to feasibility and desirability analysis be taken.

The case study in this paper describes a feasibility study into the potential effectiveness of a smartdevice-based electronic data collection and payment system which was proposed for the provision of disability services. A key finding of the study was that the most significant impediment to such a system was the highly diffused, fragmented, interlocking organisational structure of the social service administration itself. Rather than raise issues specific to the implementation or diffusion of new technologies in designing e-health services, it raised issues associated with decision making and control in such an environment, and with the design of the underlying organisational system: for service provision, the level of detail required in the service data, and the locus of decision-making power among the stakeholders.

In our account we illustrate the existence of multiple, incommensurate but valid perceptions of the human service provision problem, and discuss the implications for developers or managers of information systems in the arena of e-health or governance. We examine this environment from sociological and information systems perspectives, and confirm the usefulness of socio-organisational approaches in understanding such contexts.