This study has two objectives. First, it aims to develop a system with a highly secured approach to transmitting electronic medical records (EMRs), and second, it aims to identify entities that transmit private patient information without permission. The NTRU and the Advanced Encryption Standard (AES) cryptosystems are secured encryption methods. The AES is a tested technology that has already been utilized in several systems to secure sensitive data. The United States government has been using AES since June 2003 to protect sensitive and essential information. Meanwhile, NTRU protects sensitive data against attacks through the use of quantum computers, which can break the RSA cryptosystem and elliptic curve cryptography algorithms. A hybrid of AES and NTRU is developed in this work to improve EMR security. The proposed hybrid cryptography technique is implemented to secure the data transmission process of EMRs. The proposed security solution can provide protection for over 40 years and is resistant to quantum computers. Moreover, the technique provides the necessary evidence required by law to identify disclosure or misuse of patient records. The proposed solution can effectively secure EMR transmission and protect patient rights. It also identifies the source responsible for disclosing confidential patient records. The proposed hybrid technique for securing data managed by institutional websites must be improved in the future.
Matched MeSH terms: Electronic Health Records/organization & administration*
The use of open source software in health informatics is increasingly advocated by authors in the literature. Although there is no clear evidence of the superiority of the current open source applications in the healthcare field, the number of available open source applications online is growing and they are gaining greater prominence. This repertoire of open source options is of a great value for any future-planner interested in adopting an electronic medical/health record system, whether selecting an existent application or building a new one. The following questions arise. How do the available open source options compare to each other with respect to functionality, usability and security? Can an implementer of an open source application find sufficient support both as a user and as a developer, and to what extent? Does the available literature provide adequate answers to such questions? This review attempts to shed some light on these aspects.
Matched MeSH terms: Electronic Health Records/organization & administration*
This study presents a systematic literature review of access control for electronic health record systems to protect patient's privacy. Articles from 2006 to 2016 were extracted from the ACM Digital Library, IEEE Xplore Digital Library, Science Direct, MEDLINE, and MetaPress using broad eligibility criteria, and chosen for inclusion based on analysis of ISO22600. Cryptographic standards and methods were left outside the scope of this review. Three broad classes of models are being actively investigated and developed: access control for electronic health records, access control for interoperability, and access control for risk analysis. Traditional role-based access control models are extended with spatial, temporal, probabilistic, dynamic, and semantic aspects to capture contextual information and provide granular access control. Maintenance of audit trails and facilities for overriding normal roles to allow full access in emergency cases are common features. Access privilege frameworks utilizing ontology-based knowledge representation for defining the rules have attracted considerable interest, due to the higher level of abstraction that makes it possible to model domain knowledge and validate access requests efficiently.
Matched MeSH terms: Electronic Health Records/organization & administration*
A target of telehealth is to maintain or improve the health of people outside the normal healthcare infrastructure. A modern paradigm in healthcare, and one which fits perfectly with telehealth, is "person self-monitoring", and this fits with the concept of "personal health record" (PHR). One factor in maintaining health is to monitor physiological parameters; this is of course especially important in people with chronic maladies such as diabetes or heart disease. Parameters to be monitored include blood pressure, pulse rate, temperature, weight, blood glucose, oxygen saturation, electrocardiogram (ECG), etc. So one task within telehealth would be to help monitor an individual's physiological parameters outside of healthcare institutions and store the results in a PHR in a way which is available, comprehensible and beneficial to the individual concerned and to healthcare providers. To date many approaches to this problem have been fragmented - emphasizing only part of the problem - or proprietary and not freely verifiable. We describe a framework to approach this task; it emphasizes the implementation of standards for data acquisition, storage and transmission in order to maximize the compatibility among disparate components, e.g. various PHR systems. Data from mobile biosensors is collected on a smartphone using the IEEE 11073 standard where possible; the data can be stored in a PHR on the phone (using standard formats) or can be converted in real-time into more useful information in the PHR, which is based on the International Classification for Primary Care (ICPC2e). The phone PHR data or information can be uploaded to a central online PHR using either the Wi-Fi or GSM transmission protocol together with the Continuity of Care Record message format (CCR, ASTM E2369).
Matched MeSH terms: Electronic Health Records/organization & administration*
This work investigates, whether openEHR with its reference model, archetypes and templates is suitable for the digital representation of demographic as well as clinical data. Moreover, it elaborates openEHR as a tool for modelling Hospital Information Systems on a regional level based on a national logical infrastructure. OpenEHR is a dual model approach developed for the modelling of Hospital Information Systems enabling semantic interoperability. A holistic solution to this represents the use of dual model based Electronic Healthcare Record systems. Modelling data in the field of obstetrics is a challenge, since different regions demand locally specific information for the process of treatment. Smaller health units in developing countries like Brazil or Malaysia, which until recently handled automatable processes like the storage of sensitive patient data in paper form, start organizational reconstruction processes. This archetype proof-of-concept investigation has tried out some elements of the openEHR methodology in cooperation with a health unit in Colombo, Brazil. Two legal forms provided by the Brazilian Ministry of Health have been analyzed and classified into demographic and clinical data. LinkEHR-Ed editor was used to read, edit and create archetypes. Results show that 33 clinical and demographic concepts, which are necessary to cover data demanded by the Unified National Health System, were identified. Out of the concepts 61% were reused and 39% modified to cover domain requirements. The detailed process of reuse, modification and creation of archetypes is shown. We conclude that, although a major part of demographic and clinical patient data were already represented by existing archetypes, a significant part required major modifications. In this study openEHR proved to be a highly suitable tool in the modelling of complex health data. In combination with LinkEHR-Ed software it offers user-friendly and highly applicable tools, although the complexity built by the vast specifications requires expert networks to define generally excepted clinical models. Finally, this project has pointed out main benefits enclosing high coverage of obstetrics data on the Clinical Knowledge Manager, simple modelling, and wide network and support using openEHR. Moreover, barriers described are enclosing the allocation of clinical content to respective archetypes, as well as stagnant adaption of changes on the Clinical Knowledge Manager leading to redundant efforts in data contribution that need to be addressed in future works.
Matched MeSH terms: Electronic Health Records/organization & administration*
This study distinguished between the application of e-health and m-health technologies in sub-Saharan African (SSA) countries based on the dimensions of use, targeted diseases or health conditions, locations of use, and beneficiaries (types of patients or health workers) in a country specific context. It further characterized the main opportunities and challenges associated with these dimensions across the sub-region. A systematic review of the literature was conducted on 66 published peer reviewed articles. The review followed the scientific process of the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidelines of identification, selection, assessment, synthesis and interpretation of findings. The results of the study showed that m-health was prevalent in usage for promoting information for treatment and prevention of diseases as well as serving as an effective technology for reminders towards adherence. For e-health, the uniqueness lay in data acquisition and patients' records management; diagnosis; training and recruitment. While m-health was never used for monitoring or training and recruitment, e-health on the other hand could not serve the purpose of reminders or for reporting cases from the field. Both technologies were however useful for adherence, diagnosis, disease control mechanisms, information provision, and decision-making/referrals. HIV/AIDS, malaria, and maternal (postnatal and antenatal) healthcare were important in both m-health and e-health interventions mostly concentrated in the rural settings of South Africa and Kenya. ICT infrastructure, trained personnel, illiteracy, lack of multilingual text and voice messages were major challenges hindering the effective usage of both m-health and e-health technologies.
Matched MeSH terms: Electronic Health Records/organization & administration*