Contextualising co-creation of value in electronic personal health records

This conceptual paper is a preliminary part of an ongoing study into take-up of electronic personal health records (ePHRs). The purpose of this work is to contextually ‘operationalise' Grönroos’ (2012) model of value co-creation in service for ePHRs. Using findings in the extant literature we enhance theoretical and practical understanding of the potential for co-creation of value with ePHRs for relevant stakeholders. The research design focused on the selection and evaluation of relevant literature to include in the discussion. The objective was to demonstrate which articles can be used to 'contextualise' the concepts in relation to relevant healthcare providers and patient engagement in the co-creation of value from having shared ePHRs. Starting at the service concept, that is, what the service provider wants to achieve and for whom, there is little doubt that there are recognised benefits that co-create value for both healthcare providers and healthcare consumers (i.e. patients) through shared ePHRs. We further highlight both alignments and misalignments in the resources and activities concepts between stakeholder groups. Examples include the types of functionalities as well as the interactive and peer communication needs perceived as useful for healthcare providers compared to healthcare consumers. The paper has implications for theory and practice and is an original and innovative approach to studying the co-creation of value in eHealth delivery.

Personal health records as sources of productivity evidence

Capturing data from various data repositories and integrating them for productivity improvements is common in modern business organisations. With the well-accepted concept of achieving positive gains through investment in employee health and wellness, organisations have started to capture both employee health and non-health data as Employer Sponsored electronic Personal Health Records (ESPHRs). However, non-health related data in ESPHRs has hardly been taken into consideration with outcomes such as employee productivity potentially being suited for further validation and stimulation of ESPHR usage. Here we analyse selected employee demographic information (age, gender, marital status, and job grade) and health-related outcomes (absenteeism and presenteeism) of employees for evidence-based decision making. Our study considered demographic and health-related outcomes of 700 employees. Surprisingly, the analysis shows that employees with high sick leave rates are also high performers. A factor analysis shows 92% of the variance in the data can be explained by three factors, with the job grade capable of explaining 62% of the variance. Work responsibilities may drive employees to maintain high work performance despite signs of sickness, so ESPHRs should focus attention on high performers. This finding suggests new ways of extracting value from ESPHRs to support organisational health and wellness management to help assure sustainability in organisational productivity.

Personal health data - Privacy policy harmonization and global enforcement

This workshop is jointly organized by EFMI Working Groups Security, Safety and Ethics and Personal Portable Devices in cooperation with IMIA Working Group "Security in Health Information Systems". In contemporary healthcare and personal health management the collection and use of personal health information takes place in different contexts and jurisdictions. Global use of health data is also expanding. The approach taken by different experts, health service providers, data subjects and secondary users in understanding privacy and the privacy expectations others may have is strongly context dependent. To make eHealth, global healthcare, mHealth and personal health management successful and to enable fair secondary use of personal health data, it is necessary to find a practical and functional balance between privacy expectations of stakeholder groups. The workshop will highlight these privacy concerns by presenting different cases and approaches. Workshop participants will analyse stakeholder privacy expectations that take place in different real-life contexts such as portable health devices and personal health records, and develop a mechanism to balance them in such a way that global protection of health data and its meaningful use is realized simultaneously. Based on the results of the workshop, initial requirements for a global healthcare information certification framework will be developed.

An evaluation of the implementation of hand held health records with adults with learning disabilities: a cluster randomized controlled trial

Background: Personal health records were implemented with adults with learning disabilities (AWLD) to try to improve their health-care. Materials and Method: Forty GP practices were randomized to the Personal Health Profile (PHP) implementation or control group. Two hundred and one AWLD were interviewed at baseline and 163 followed up after 12 months intervention (PHP group). AWLD and carers of AWLD were employed as research interviewers. AWLD were full research participants. Results: Annual consultation rates in the intervention and control groups at baseline were low (2.3 and 2.6 visits respectively). A slightly greater increase occurred over the year in the intervention group 0.6 ()0.4 to 1.6) visits ⁄ year compared with controls. AWLD in PHP group reported more health problems at follow-up 0.9 (0.0 to 1.8). AWLD liked their PHP (92%) but only 63% AWLD and 55% carers reported PHP usage. Carers had high turnover (34%). Conclusions: No significant outcomes were achieved by the intervention.

Electronic health records for mobile citizens: a secure and collaborative architecture

Durante as ultimas décadas, os registos de saúde eletrónicos (EHR) têm evoluído para se adaptar a novos requisitos. O cidadão tem-se envolvido cada vez mais na prestação dos cuidados médicos, sendo mais pró ativo e desejando potenciar a utilização do seu registo. A mobilidade do cidadão trouxe mais desafios, a existência de dados dispersos, heterogeneidade de sistemas e formatos e grande dificuldade de partilha e comunicação entre os prestadores de serviços. Para responder a estes requisitos, diversas soluções apareceram, maioritariamente baseadas em acordos entre instituições, regiões e países. Estas abordagens são usualmente assentes em cenários federativos muito complexos e fora do controlo do paciente. Abordagens mais recentes, como os registos pessoais de saúde (PHR), permitem o controlo do paciente, mas levantam duvidas da integridade clinica da informação aos profissionais clínicos. Neste cenário os dados saem de redes e sistemas controlados, aumentando o risco de segurança da informação. Assim sendo, são necessárias novas soluções que permitam uma colaboração confiável entre os diversos atores e sistemas. Esta tese apresenta uma solução que permite a colaboração aberta e segura entre todos os atores envolvidos nos cuidados de saúde. Baseia-se numa arquitetura orientada ao serviço, que lida com a informação clínica usando o conceito de envelope fechado. Foi modelada recorrendo aos princípios de funcionalidade e privilégios mínimos, com o propósito de fornecer proteção dos dados durante a transmissão, processamento e armazenamento. O controlo de acesso _e estabelecido por políticas definidas pelo paciente. Cartões de identificação eletrónicos, ou certificados similares são utilizados para a autenticação, permitindo uma inscrição automática. Todos os componentes requerem autenticação mútua e fazem uso de algoritmos de cifragem para garantir a privacidade dos dados. Apresenta-se também um modelo de ameaça para a arquitetura, por forma a analisar se as ameaças possíveis foram mitigadas ou se são necessários mais refinamentos. A solução proposta resolve o problema da mobilidade do paciente e a dispersão de dados, capacitando o cidadão a gerir e a colaborar na criação e manutenção da sua informação de saúde. A arquitetura permite uma colaboração aberta e segura, possibilitando que o paciente tenha registos mais ricos, atualizados e permitindo o surgimento de novas formas de criar e usar informação clínica ou complementar.

A secure framework and related protocols for ubiquitous access to electronic health records using Java sim cards

Ubiquitous access to patient medical records is an important aspect of caring for patient safety. Unavailability of sufficient medical information at the point-ofcare could possibly lead to a fatality. The U.S. Institute of Medicine has reported that between 44,000 and 98,000 people die each year due to medical errors, such as incorrect medication dosages, due to poor legibility in manual records, or delays in consolidating needed information to discern the proper intervention. In this research we propose employing emergent technologies such as Java SIM Cards (JSC), Smart Phones (SP), Next Generation Networks (NGN), Near Field Communications (NFC), Public Key Infrastructure (PKI), and Biometric Identification to develop a secure framework and related protocols for ubiquitous access to Electronic Health Records (EHR). A partial EHR contained within a JSC can be used at the point-of-care in order to help quick diagnosis of a patient’s problems. The full EHR can be accessed from an Electronic Health Records Centre (EHRC) when time and network availability permit. Moreover, this framework and related protocols enable patients to give their explicit consent to a doctor to access their personal medical data, by using their Smart Phone, when the doctor needs to see or update the patient’s medical information during an examination. Also our proposed solution would give the power to patients to modify the Access Control List (ACL) related to their EHRs and view their EHRs through their Smart Phone. Currently, very limited research has been done on using JSCs and similar technologies as a portable repository of EHRs or on the specific security issues that are likely to arise when JSCs are used with ubiquitous access to EHRs. Previous research is concerned with using Medicare cards, a kind of Smart Card, as a repository of medical information at the patient point-of-care. However, this imposes some limitations on the patient’s emergency medical care, including the inability to detect the patient’s location, to call and send information to an emergency room automatically, and to interact with the patient in order to get consent. The aim of our framework and related protocols is to overcome these limitations by taking advantage of the SIM card and the technologies mentioned above. Briefly, our framework and related protocols will offer the full benefits of accessing an up-to-date, precise, and comprehensive medical history of a patient, whilst its mobility will provide ubiquitous access to medical and patient information everywhere it is needed. The objective of our framework and related protocols is to automate interactions between patients, healthcare providers and insurance organisations, increase patient safety, improve quality of care, and reduce the costs.

Automatic de-identification of electronic health records : an Australian perspective

We present an approach to automatically de-identify health records. In our approach, personal health information is identified using a Conditional Random Fields machine learning classifier, a large set of linguistic and lexical features, and pattern matching techniques. Identified personal information is then removed from the reports. The de-identification of personal health information is fundamental for the sharing and secondary use of electronic health records, for example for data mining and disease monitoring. The effectiveness of our approach is first evaluated on the 2007 i2b2 Shared Task dataset, a widely adopted dataset for evaluating de-identification techniques. Subsequently, we investigate the robustness of the approach to limited training data; we study its effectiveness on different type and quality of data by evaluating the approach on scanned pathology reports from an Australian institution. This data contains optical character recognition errors, as well as linguistic conventions that differ from those contained in the i2b2 dataset, for example different date formats. The findings suggest that our approach compares to the best approach from the 2007 i2b2 Shared Task; in addition, the approach is found to be robust to variations of training size, data type and quality in presence of sufficient training data.

De-Identification of health records using Anonym: Effectiveness and robustness across datasets

Objective Evaluate the effectiveness and robustness of Anonym, a tool for de-identifying free-text health records based on conditional random fields classifiers informed by linguistic and lexical features, as well as features extracted by pattern matching techniques. De-identification of personal health information in electronic health records is essential for the sharing and secondary usage of clinical data. De-identification tools that adapt to different sources of clinical data are attractive as they would require minimal intervention to guarantee high effectiveness. Methods and Materials The effectiveness and robustness of Anonym are evaluated across multiple datasets, including the widely adopted Integrating Biology and the Bedside (i2b2) dataset, used for evaluation in a de-identification challenge. The datasets used here vary in type of health records, source of data, and their quality, with one of the datasets containing optical character recognition errors. Results Anonym identifies and removes up to 96.6% of personal health identifiers (recall) with a precision of up to 98.2% on the i2b2 dataset, outperforming the best system proposed in the i2b2 challenge. The effectiveness of Anonym across datasets is found to depend on the amount of information available for training. Conclusion Findings show that Anonym compares to the best approach from the 2006 i2b2 shared task. It is easy to retrain Anonym with new datasets; if retrained, the system is robust to variations of training size, data type and quality in presence of sufficient training data.

Privacy and trust management for electronic health records

Establishing a nationwide Electronic Health Record system has become a primary objective for many countries around the world, including Australia, in order to improve the quality of healthcare while at the same time decreasing its cost. Doing so will require federating the large number of patient data repositories currently in use throughout the country. However, implementation of EHR systems is being hindered by several obstacles, among them concerns about data privacy and trustworthiness. Current IT solutions fail to satisfy patients’ privacy desires and do not provide a trustworthiness measure for medical data. This thesis starts with the observation that existing EHR system proposals suer from six serious shortcomings that aect patients’ privacy and safety, and medical practitioners’ trust in EHR data: accuracy and privacy concerns over linking patients’ existing medical records; the inability of patients to have control over who accesses their private data; the inability to protect against inferences about patients’ sensitive data; the lack of a mechanism for evaluating the trustworthiness of medical data; and the failure of current healthcare workflow processes to capture and enforce patient’s privacy desires. Following an action research method, this thesis addresses the above shortcomings by firstly proposing an architecture for linking electronic medical records in an accurate and private way where patients are given control over what information can be revealed about them. This is accomplished by extending the structure and protocols introduced in federated identity management to link a patient’s EHR to his existing medical records by using pseudonym identifiers. Secondly, a privacy-aware access control model is developed to satisfy patients’ privacy requirements. The model is developed by integrating three standard access control models in a way that gives patients access control over their private data and ensures that legitimate uses of EHRs are not hindered. Thirdly, a probabilistic approach for detecting and restricting inference channels resulting from publicly-available medical data is developed to guard against indirect accesses to a patient’s private data. This approach is based upon a Bayesian network and the causal probabilistic relations that exist between medical data fields. The resulting definitions and algorithms show how an inference channel can be detected and restricted to satisfy patients’ expressed privacy goals. Fourthly, a medical data trustworthiness assessment model is developed to evaluate the quality of medical data by assessing the trustworthiness of its sources (e.g. a healthcare provider or medical practitioner). In this model, Beta and Dirichlet reputation systems are used to collect reputation scores about medical data sources and these are used to compute the trustworthiness of medical data via subjective logic. Finally, an extension is made to healthcare workflow management processes to capture and enforce patients’ privacy policies. This is accomplished by developing a conceptual model that introduces new workflow notions to make the workflow management system aware of a patient’s privacy requirements. These extensions are then implemented in the YAWL workflow management system.

A secure framework and related protocols for ubiquitous access to electronic health records using Java SIM cards

Ubiquitous access to patient medical records is an important aspect of caring for patient safety. Unavailability of sufficient medical information at the patient point-of-care could possibly lead to a fatality. In this paper we propose employing emergent technologies such as Java SIM Cards (JSC),Smart Phones (SP), Next Generation Networks (NGN), Near Field Communications (NFC), Public Key Infrastructure (PKI), and Biometric Identification to develop a secure framework and related protocols for ubiquitous access to Electronic Health Records (EHRs). A partial EHR contained within a JSC can be used at the patient point-of-care in order to help quick diagnosis of a patient’s problems. The full EHR can be accessed from an Electronic Healthcare Records Centre (EHRC).

A rights management approach to protection of privacy in a cloud of electronic health records

A patient-centric DRM approach is proposed for protecting privacy of health records stored in a cloud storage based on the patient's preferences and without the need to trust the service provider. Contrary to the current server-side access control solutions, this approach protects the privacy of records from the service provider, and also controls the usage of data after it is released to an authorized user.

Privacy oriented access control for electronic health records

Security and privacy in electronic health record systems have been hindering the growth of e-health systems since their emergence. The development of policies that satisfy the security and privacy requirements of different stakeholders in healthcare has proven to be difficult. But, these requirements have to be met if the systems developed are to succeed in achieving their intended goals. Access control is a fundamental security barrier for securing data in healthcare information systems. In this paper we present an access control model for electronic health records. We address patient privacy requirements, confidentiality of private information and the need for flexible access for health professionals for electronic health records. We carefully combine three existing access control models and present a novel access control model for EHRs which satisfies requirements of electronic health records.

Improving self care of patients with chronic disease using online personal health record

BACKGROUND: Effective management of chronic diseases such as prostate cancer is important. Research suggests a tendency to use self-care treatment options such as over-the-counter (OTC) complementary medications among prostate cancer patients. The current trend in patient-driven recording of health data in an online Personal Health Record (PHR) presents an opportunity to develop new data-driven approaches for improving prostate cancer patient care. However, the ability of current online solutions to share patients' data for better decision support is limited. An informatics approach may improve online sharing of self-care interventions among these patients. It can also provide better evidence to support decisions made during their self-managed care. AIMS: To identify requirements for an online system and describe a new case-based reasoning (CBR) method for improving self-care of advanced prostate cancer patients in an online PHR environment. METHOD: A non-identifying online survey was conducted to understand self-care patterns among prostate cancer patients and to identify requirements for an online information system. The pilot study was carried out between August 2010 and December 2010. A case-base of 52 patients was developed. RESULTS: The data analysis showed self-care patterns among the prostate cancer patients. Selenium (55%) was the common complementary supplement used by the patients. Paracetamol (about 45%) was the commonly used OTC by the patients. CONCLUSION: The results of this study specified requirements for an online case-based reasoning information system. The outcomes of this study are being incorporated in design of the proposed Artificial Intelligence (Al) driven patient journey browser system. A basic version of the proposed system is currently being considered for implementation.

Perceptions and attitudes of nursing students’ towards electronic health records

Introduction The onset of Personally Controlled Electronic Health Records in Australia demand healthcare decision making processes to comprise, understand and accept electronic health records (EHR). Nurses play a key, central role in the healthcare decision making process and their perceptions and attitudes of EHRs are significant [1], which develop during their academic life. However, studies aimed at nursing students’ attitudes of EHRs are very limited [2-4]. A proper understanding of these attitudes and how they evolve with academic progress is important. This paper presents results from a survey conducted at a leading University in Queensland, Australia as a first step to filling this gap.