Analysis of ISO/IEEE 11073 built-in security and its potential IHE-based extensibility

The ISO/IEEE 11073 standard for Personal Health Devices (X73PHD) aims to ensure interoperability between Personal Health Devices and aggregators—e.g. health appliances, routers—in ambulatory setups. The Integrating the Healthcare Enterprise (IHE) initiative promotes the coordinated use of different standards in healthcare systems (e.g. Personal/Electronic Health Records, alert managers, Clinical Decision Support Systems) by defining profiles intended for medical use cases. X73PHD provides a robust syntactic model and a comprehensive terminology, but it places limited emphasis on security and on interoperability with IHE-compliant systems and frameworks. However, the implementation of eHealth/mHealth applications in environments such as health and fitness monitoring, independent living and disease management (i.e. the X73PHD domains) increasingly requires features such as secure connections to mobile aggregators—e.g. smartphones, tablets—, the sharing of devices among different users with privacy, and interoperability with certain IHE-compliant healthcare systems. This work proposes a comprehensive IHE-based X73PHD extension consisting of additive layers adapted to different eHealth/mHealth applications, after having analyzed the features of X73PHD (especially its built-in security), IHE profiles related with these applications and other research works. Both the new features proposed for each layer and the procedures to support them have been carefully chosen to minimize the impact on X73PHD, on its architecture (in terms of delays and overhead) and on its framework. Such implications are thoroughly analyzed in this paper. As a result, an extended model of X73PHD is proposed, preserving its essential features while extending them with added value.     

Deriving consumer-facing disease concepts for family health histories using multi-source sampling

The family health history has long been recognized as an effective way of understanding individuals’ susceptibility to familial disease; yet electronic tools to support the capture and use of these data have been characterized as inadequate. As part of an ongoing effort to build patient-facing tools for entering detailed family health histories, we have compiled a set of concepts specific to familial disease using multi-source sampling. These concepts were abstracted by analyzing family health history data patterns in our enterprise data warehouse, collection patterns of consumer personal health records, analyses from the local state health department, a healthcare data dictionary, and concepts derived from genetic-oriented consumer education materials. Collectively, these sources yielded a set of more than 500 unique disease concepts, represented by more than 2500 synonyms for supporting patients in entering coded family health histories. We expect that these concepts will be useful in providing meaningful data and education resources for patients and providers alike.     

Empowering citizens with access control mechanisms to their personal health resources

BackgroundAdvancements in information and communication technologies have allowed the development of new approaches to the management and use of healthcare resources. Nowadays it is possible to address complex issues such as meaningful access to distributed data or communication and understanding among heterogeneous systems. As a consequence, the discussion focuses on the administration of the whole set of resources providing knowledge about a single subject of care (SoC). New trends make the SoC administrator and responsible for all these elements (related to his/her demographic data, health, well-being, social conditions, etc.) and s/he is granted the ability of controlling access to them by third parties. The subject of care exchanges his/her passive role without any decision capacity for an active one allowing to control who accesses what.PurposeWe study the necessary access control infrastructure to support this approach and develop mechanisms based on semantic tools to assist the subject of care with the specification of access control policies. This infrastructure is a building block of a wider scenario, the Person-Oriented Virtual Organization (POVO), aiming at integrating all the resources related to each citizen's health-related data. The POVO covers the wide range and heterogeneity of available healthcare resources (e.g., information sources, monitoring devices, or software simulation tools) and grants each SoC the access control to them.MethodsSeveral methodological issues are crucial for the design of the targeted infrastructure. The distributed system concept and focus are reviewed from the service oriented architecture (SOA) perspective. The main frameworks for the formalization of distributed system architectures (Reference Model-Open Distributed Processing, RM-ODP; and Model Driven Architecture, MDA) are introduced, as well as how the use of the Unified Modelling Language (UML) is standardized. The specification of access control policies and decision making mechanisms are essential keys for this approach and they are accomplished by using semantic technologies (i.e., ontologies, rule languages, and inference engines).ResultsThe results are mainly focused on the security and access control of the proposed scenario. An ontology has been designed and developed for the POVO covering the terminology of the scenario and easing the automation of administration tasks. Over that ontology, an access control mechanism based on rule languages allows specifying access control policies, and an inference engine performs the decision making process automatically. The usability of solutions to ease administration tasks to the SoC is improved by the Me-As-An-Admin (M3A) application. This guides the SoC through the specification of personal access control policies to his/her distributed resources by using semantic technologies (e.g., metamodeling, model-to-text transformations, etc.). All results are developed as services and included in an architecture in accordance with standards and principles of openness and interoperability.ConclusionsCurrent technology can bring health, social and well-being care actually centered on citizens, and granting each person the management of his/her health information. However, the application of technology without adopting methodologies or normalized guidelines will reduce the interoperability of solutions developed, failing in the development of advanced services and improved scenarios for health delivery. Standards and reference architectures can be cornerstones for future-proof and powerful developments. Finally, not only technology must follow citizen-centric approaches, but also the gaps needing legislative efforts that support these new paradigms of healthcare delivery must be identified and addressed.     

Combining mHealth and health-coaching for improving self-management in chronic care. A scoping review

BackgroundSelf-management approaches are widely used to improve chronic care. In this context, health care professionals call for efficient tools to engage patients in managing their illness. Mobile health (mHealth), defined by WHO as medical and public health practice supported by mobile devices, is demonstrated to enhance self-management and health-coaching as an engaging tool in supporting behaviour change. Nevertheless, it is unclear how health-coaching and mHealth can benefit from each other.ObjectiveWe conducted a scoping review to provide a literature-overview and identify any existing gaps in knowledge of mHealth in combination with health-coaching interventions for improving self-management in patients with chronic diseases.Patient involvementNo patients were involved in the review process.MethodsThe five-stage framework by Arksey and O'Malley was used. The review surveys; PubMed, CINAHL, Embase, Scopus, and PsycInfo. Two independent reviewers performed review selection and characterization.ResultsThe review points at two approaches; (i) coaching used to support mHealth and (ii) mHealth as support for coaching. The findings suggest that patients prefer physical interactions to telecommunication. mHealth was primarily used to facilitate telecommunication and to monitor disease aspects.DiscussionWe found that mHealth and health-coaching interventions benefit from each other. The review report on a considerable unclarity in the coaching-methods and that the patients were more satisfied with physical interactions than mHealth. We suggest to prioritize human contact and to explore more personalized health technology.Practical valueThis scoping review can provide a framework for researchers and care providers to support discussion and introduction of new approaches and technology in self-management for patients with chronic diseases, thereby improving patients’ quality of life.     

A Missing Link: HIV-/AIDS-Related mHealth Interventions for Health Workers in Low- and Middle-Income Countries

Purpose of Review

Through a review of the peer-reviewed and gray literature on HIV mobile health (mHealth) tools for health workers and in-depth interviews with mHealth leaders in the field, we provide a synthesis of current work and propose mHealth research priorities for HIV prevention, care, and treatment.

Recent Findings

Significant investment in implementation research and bringing together researchers capable of identifying drivers of successful implementation and industry leaders capable of bringing efficacious tools to scale are needed to move this area forward.

Summary

Effective and appropriate technologies to support health systems in the prevention and treatment of HIV/AIDS in low- and middle-income countries are needed to improve the efficiency and quality of health service delivery and ultimately improve health outcomes. Although a growing number of HIV mHealth tools have been developed to support health workers, few of these tools have been rigorously evaluated and even fewer have been brought to scale.

     

OmniPHR: A distributed architecture model to integrate personal health records

The advances in the Information and Communications Technology (ICT) brought many benefits to the healthcare area, specially to digital storage of patients’ health records. However, it is still a challenge to have a unified viewpoint of patients’ health history, because typically health data is scattered among different health organizations. Furthermore, there are several standards for these records, some of them open and others proprietary. Usually health records are stored in databases within health organizations and rarely have external access. This situation applies mainly to cases where patients’ data are maintained by healthcare providers, known as EHRs (Electronic Health Records). In case of PHRs (Personal Health Records), in which patients by definition can manage their health records, they usually have no control over their data stored in healthcare providers’ databases. Thereby, we envision two main challenges regarding PHR context: first, how patients could have a unified view of their scattered health records, and second, how healthcare providers can access up-to-date data regarding their patients, even though changes occurred elsewhere. For addressing these issues, this work proposes a model named OmniPHR, a distributed model to integrate PHRs, for patients and healthcare providers use. The scientific contribution is to propose an architecture model to support a distributed PHR, where patients can maintain their health history in an unified viewpoint, from any device anywhere. Likewise, for healthcare providers, the possibility of having their patients data interconnected among health organizations. The evaluation demonstrates the feasibility of the model in maintaining health records distributed in an architecture model that promotes a unified view of PHR with elasticity and scalability of the solution.     

Purple: A Modular System for Developing and Deploying Behavioral Intervention Technologies

The creation, deployment, and evaluation of Web-based and mobile-based applications for health, mental health, and wellness within research settings has tended to be siloed, with each research group developing their own systems and features. This has led to technological features and products that are not sharable across research teams, thereby limiting collaboration, reducing the speed of dissemination, and raising the bar for entry into this area of research. This paper provides an overview of Purple, an extensible, modular, and repurposable system created for the development of Web-based and mobile-based applications for health behavior change. Purple contains features required to construct applications and to manage and evaluate research trials using these applications. Core functionality of Purple includes elements that support user management, content authorship, content delivery, and data management. We discuss the history and development of the Purple system guided by the rationale of producing a system that allows greater collaboration and understanding across research teams interested in investigating similar questions and using similar methods. Purple provides a useful tool to meet the needs of stakeholders involved in the creation, provision, and usage of eHealth and mHealth applications. Housed in a non-profit, academic institution, Purple also offers the potential to facilitate the diffusion of knowledge across the research community and improve our capacity to deliver useful and usable applications that support the behavior change of end users.     

SANDS: a service-oriented architecture for clinical decision support in a National Health Information Network

In this paper, we describe and evaluate a new distributed architecture for clinical decision support called SANDS (Service-oriented Architecture for NHIN Decision Support), which leverages current health information exchange efforts and is based on the principles of a service-oriented architecture. The architecture allows disparate clinical information systems and clinical decision support systems to be seamlessly integrated over a network according to a set of interfaces and protocols described in this paper. The architecture described is fully defined and developed, and six use cases have been developed and tested using a prototype electronic health record which links to one of the existing prototype National Health Information Networks (NHIN): drug interaction checking, syndromic surveillance, diagnostic decision support, inappropriate prescribing in older adults, information at the point of care and a simple personal health record. Some of these use cases utilize existing decision support systems, which are either commercially or freely available at present, and developed outside of the SANDS project, while other use cases are based on decision support systems developed specifically for the project. Open source code for many of these components is available, and an open source reference parser is also available for comparison and testing of other clinical information systems and clinical decision support systems that wish to implement the SANDS architecture.The SANDS architecture for decision support has several significant advantages over other architectures for clinical decision support. The most salient of these are:

1. Greater modularity than other architectures, allowing for work to be distributed.

2. The potential for creating and sustaining a commercial market for clinical decision support.

3. Reduced cost and risk of trying new decision support systems because of its ability to easily integrate a variety of decision support services, and to easily remove them, if desired, as well.

4. Significant freedom for developers of clinical decision support systems to choose the way they represent knowledge and internally implement their system, in comparison to other approaches which constrain such developers to a particular knowledge representation formalism.

5. Unification of the direction and agenda of decision support research and development with promising near-term efforts to improve interoperability of clinical systems.

A modular approach to disease registry design: Successful adoption of an internet-based rare disease registry

There is a need to develop Internet‐based rare disease registries to support health care stakeholders to deliver improved quality patient outcomes. Such systems should be architected to enable multiple‐level access by a range of user groups within a region or across regional/country borders in a secure and private way. However, this functionality is currently not available in many existing systems. A new approach to the design of an Internet‐based architecture for disease registries has been developed for patients with clinical and genetic data in geographical disparate locations. The system addresses issues of multiple‐level access by key stakeholders, security and privacy. The system has been successfully adopted for specific rare diseases in Australia and is open source. The results of this work demonstrate that it is feasible to design an open source Internet‐based disease registry system in a scalable and customizable fashion and designed to facilitate interoperability with other systems. © 2012 Wiley Periodicals, Inc.     

Implementing partnership-driven clinical federated electronic health record data sharing networks

ObjectiveBuilding federated data sharing architectures requires supporting a range of data owners, effective and validated semantic alignment between data resources, and consistent focus on end-users. Establishing these resources requires development methodologies that support internal validation of data extraction and translation processes, sustaining meaningful partnerships, and delivering clear and measurable system utility. We describe findings from two federated data sharing case examples that detail critical factors, shared outcomes, and production environment results.MethodsTwo federated data sharing pilot architectures developed to support network-based research associated with the University of Washington’s Institute of Translational Health Sciences provided the basis for the findings. A spiral model for implementation and evaluation was used to structure iterations of development and support knowledge share between the two network development teams, which cross collaborated to support and manage common stages.ResultsWe found that using a spiral model of software development and multiple cycles of iteration was effective in achieving early network design goals. Both networks required time and resource intensive efforts to establish a trusted environment to create the data sharing architectures. Both networks were challenged by the need for adaptive use cases to define and test utility.ConclusionAn iterative cyclical model of development provided a process for developing trust with data partners and refining the design, and supported measureable success in the development of new federated data sharing architectures.     

Hidden concerns of sharing research data by low/middle-income country scientists

There has considerable interest in bringing low/middle-income countries (LMIC) scientists into discussions on Open Data – both as contributors and users. The establishment of in situ data sharing practices within LMIC research institutions is vital for the development of an Open Data landscape in the Global South. Nonetheless, many LMICs have significant challenges – resource provision, research support and extra-laboratory infrastructures. These low-resourced environments shape data sharing activities, but are rarely examined within Open Data discourse. In particular, little attention is given to how these research environments shape scientists’ perceptions of data sharing (dis)incentives. This paper expands on these issues of incentivizing data sharing, using data from a quantitative survey disseminated to life scientists in 13 countries in sub-Saharan Africa. This interrogated not only perceptions of data sharing amongst LMIC scientists, but also how these are connected to the research environments and daily challenges experienced by them. The paper offers a series of analysis around commonly cited (dis)incentives such as data sharing as a means of improving research visibility; sharing and funding; and online connectivity. It identifies key areas that the Open Data community need to consider if true openness in research is to be established in the Global South.     

A case for using grid architecture for state public health informatics: the Utah perspective

This paper presents the rationale for designing and implementing the next-generation of public health information systems using grid computing concepts and tools. Our attempt is to evaluate all grid types including data grids for sharing information and computational grids for accessing computational resources on demand. Public health is a broad domain that requires coordinated uses of disparate and heterogeneous information systems. System interoperability in public health is limited. The next-generation public health information systems must overcome barriers to integration and interoperability, leverage advances in information technology, address emerging requirements, and meet the needs of all stakeholders. Grid-based architecture provides one potential technical solution that deserves serious consideration. Within this context, we describe three discrete public health information system problems and the process by which the Utah Department of Health (UDOH) and the Department of Biomedical Informatics at the University of Utah in the United States has approached the exploration for eventual deployment of a Utah Public Health Informatics Grid. These three problems are: i) integration of internal and external data sources with analytic tools and computational resources; ii) provide external stakeholders with access to public health data and services; and, iii) access, integrate, and analyze internal data for the timely monitoring of population health status and health services. After one year of experience, we have successfully implemented federated queries across disparate administrative domains, and have identified challenges and potential solutions concerning the selection of candidate analytic grid services, data sharing concerns, security models, and strategies for reducing expertise required at a public health agency to implement a public health grid.     

Trustworthy reuse of health data: A transnational perspective

BackgroundThe widespread adoption of electronic health records (EHRs) is accelerating the collection of sensitive clinical data. The availability of these data raises privacy concerns, yet sharing the data is essential for public health, longitudinal patient care, and clinical research.MethodFollowing previous work in the United States [1], [2], the International Medical Informatics Association convened the 2012 European Summit on Trustworthy Reuse of Health Data. Over 100 delegates representing national governments, academia, patient groups, industry, and the European Commission participated. In all, 21 countries were represented. The agenda was designed to solicit a wide range of perspectives on trustworthy reuse of health data from the participants.Results and conclusionsDelegates agreed that the “government” should provide oversight, that the reuse should be “fully regulated,” and that the patient should be “fully informed.” One important reflection was that doing nothing will have negative implications across the European Union (EU). First, continued fragmented parallel non-standards-based developments in multiple sectors entail a substantial duplication of costs and human effort. Second, a failure to work jointly across the stakeholders on common policy frameworks will forego a crucial opportunity to boost key EU markets (pharmaceuticals, health technology and devices, and eHealth solutions) and counter global competition. Finally, and crucially, the lack of harmonized policy across EU nations for trustworthy reuse of health data risks patient safety. The productive dialog, initiated with multiple stakeholders from government, academia, and industry, will have to continue, in order to address the many remaining issues outlined in this white paper.     

Securing electronic health records without impeding the flow of information

OBJECTIVE: We present an integrated set of technologies, known as the Hippocratic Database, that enable healthcare enterprises to comply with privacy and security laws without impeding the legitimate management, sharing, and analysis of personal health information. APPROACH: The Hippocratic Database approach to securing electronic health records involves (1) active enforcement of fine-grained data disclosure policies using query modification techniques, (2) efficient auditing of past database access to verify compliance with policies and track security breaches, (3) data mining algorithms that preserve privacy by randomizing information at the individual level, (4) de-identification of personal health data using an optimal method of k-anonymization, and (5) information sharing across autonomous data sources using cryptographic protocols. CONCLUSIONS: Our research confirms that policies concerning the disclosure of electronic health records can be reliably and efficiently enforced and audited at the database level. We further demonstrate that advanced data mining and anonymization techniques can be employed to analyze aggregate health records without revealing individual patient identities. Finally, we show that web services and commutative encryption can be used to share sensitive information selectively among autonomous entities without compromising security or privacy.     

Assessment and the Journal of Clinical Child and Adolescent Psychology’s Evidence Base Updates Series: Evaluating the Tools for Gathering Evidence

In 2014, Michael Southam-Gerow and Mitch Prinstein launched the Evidence Base Updates series. As invited contributors, authors of Evidence Base Updates articles offer the field an invaluable resource: regular evaluations of the latest data on tools for addressing the mental health needs of children and adolescents. Until now, authors of Evidence Base Updates articles have focused exclusively on evaluating treatment techniques. In this article, we outline how the Evidence Base Updates series will evolve to also include evaluations of assessment techniques. In our treatment-focused updates, contributors follow strict criteria when evaluating the evidence. Following these criteria allows authors of Evidence Base Updates articles to provide mental health professionals with clear “take-home messages” about the evidence underlying the treatments evaluated. Similarly, we outline the criteria that authors will follow when preparing Evidence Base Updates articles that evaluate assessments. We also highlight the formats of these articles, which will include evaluations of condition-focused measures (e.g., anxiety, conduct problems); transdiagnostic constructs (e.g., parenting, rumination); specific, widely used measures that cut across conditions; and updates on field-wide considerations regarding measurement (e.g., clinical utility, incremental validity).