Integrating the Healthcare Enterprise. IHE IT Infrastructure New Integration Profiles. Charles Parisot, GE Healthcare, IHE IT Infrastructure co-chair. www.IHE-europe.org, www.ihe.net. Providers and Vendors Coming Together to Deliver Interoperable Health Information Systems
Integrating the Healthcare Enterprise
IHE IT Infrastructure New Integration Profiles
• Charles Parisot, GE Healthcare
• IHE IT Infrastructure co-chair
IHE EU-Conference & Workshop

www.IHE-europe.org, www.ihe.net
Providers and Vendors Coming Together to Deliver Interoperable Health Information Systems Within and Between Enterprises and Settings

IHE IT Infrastructure 2003-2004 and 2004-2005
• Retrieve Information for Display: Access a patient’s clinical information and documents in a format ready to be presented to the requesting user
• Patient Synchronized Applications: Synchronize multiple applications on a desktop to the same patient
• Patient Identifier Cross-referencing for MPI: Map patient identifiers across independent identification domains
• Enterprise User Authentication: Provide users a single name and centralized authentication process across all systems
• Consistent Time: Coordinate time across networked systems
• Personnel White Page (New): Access to workforce contact information
• Cross-Enterprise Document Sharing (New): Registration, distribution and access across health enterprises of clinical documents forming a patient electronic health record
• Patient Demographics Query (New)
• Audit Trail & Node Authentication (New): Centralized privacy audit trail and node to node authentication to create a secured domain.

IHE IT Infrastructure 2004-2005
• Personnel White Page (New): Access to workforce contact information
• Retrieve Information for Display: Access a patient’s clinical information and documents in a format ready to be presented to the requesting user
• Cross-Enterprise Document Sharing (New): Registration, distribution and access across health enterprises of clinical documents forming a distributed patient electronic health record
• Patient Demographics Query (New)
• Audit Trail & Node Authentication (New): Centralized privacy audit trail and node to node authentication to create a secured domain.
• Enterprise User Authentication: Provide users a single name and centralized authentication process across all systems
• Consistent Time: Coordinate time across networked systems
• Patient Synchronized Applications: Synchronize multiple applications on a desktop to the same patient
• Patient Identifier Cross-referencing for MPI: Map patient identifiers across independent identification domains

Introduction: EHR Cross-Enterprise Document Sharing
First step towards the longitudinal dimension of the EHR
Focus: Support document sharing between EHRs in different care settings and organizations

Continuity of Care: Patient Longitudinal Record
Typically, a patient goes through a sequence of encounters in different Care Settings:
• Long Term Care
• Acute Care (Inpatient)
• Other Specialized Care (incl. Diagnostics Services)
• GPs and Clinics (Ambulatory)

The challenge: Finding and accessing easily documents from other care providers in the community.
Finding the records of a patient: Manual & tedious
Diagram labels: community; Hospital Record; Laboratory Results; Specialist Record; Records Sent; Clinical Encounter; Clinical IT System

Sharing records that have been published
1-Patient Authorized Inquiry
2-Reference to Records for Inquiry
3-Records Returned
4-Patient data presented to Physician
Diagram labels: community; Hospital Record; Laboratory Results; Specialist Record; Reference to records; Temporary Aggregate Patient History; Index of patients records (Document-level); Clinical IT System; Sharing System; Clinical Encounter

Building and accessing Documents
EHR-LR: Longitudinal Record as used across-encounters
EHR-CR: Care Record systems supporting care delivery
Diagram labels: Document Repository; Submission of Document References; Retrieve of selected Documents; Documents Registry; Long Term Care; Acute Care (Inpatient); Other Specialized Care or Diagnostics Services; PCPs and Clinics (Ambulatory)

XDS – Value Proposition
• Foundation for Health IT Infrastructures: Shared Electronic Health Record, in a community, region, etc.
• Effective means to contribute and access clinical documents across health enterprises.
• Scalable sharing of documents between private physicians, clinics, long term care, pharmacy, acute care with different clinical IT systems.
• Easy access: Care providers are offered means to query and retrieve clinical documents of interest.

XDS - Value Proposition
• Distributed: Each Care delivery organization “publishes” clinical information for others. Actual documents may remain in the source EHR-CR.
• Cross-Enterprise: A Registry provides an index for published information to authorized care delivery organizations belonging to the same clinical affinity domain (e.g. an LHII).
• Document Centric: Published clinical data is organized into “clinical documents” using agreed standard document types (HL7-CDA, ASTM-CCR, PDF, DICOM, etc.)
• Document Content Neutral: Document content is processed only by source and consumer IT systems.
• Standardized Registry Attributes: Queries based on meaningful attributes ensure deterministic document searches.

IHE XDS Integration Profile: Key Concepts
• XDS Document
• XDS Submission Set
• XDS Folder

Document Repository and Registry: Example of Submission Request
Diagram labels: Submission Request; Folder A; SubmissionSet 1; DocumentEntry; DocumentEntry; Document; Document; Document Registry; Document Repositories

IHE XDS Integration Profile: Key Concepts
XDS Document
• A set of attested clinical information (structured or not) which forms an element of a patient record to be shared. It may already exist within the source IT system.
XDS Submission Set
• A set of documents related to a patient that a (team of) clinician(s) in the same source system have decided to make available to potential consumers.
XDS Folder
A means to group documents for a number of other reasons:
• Team work across several physicians,
• Episode of care,
• Emergency information for a patient, etc.
XDS leaves open the use of folders to affinity domain clinicians.

Cardiac Care Scenario (1)
Cardiac Care Scenario (2)
XDS Profile Actors and Transactions

IHE-XDS = Flexibility: Centralized Architecture
Diagram labels: Document Consumer (×3); Document Source (×3)

IHE-XDS = Flexibility: Decentralized Architecture
Diagram labels: Document Consumer (×3); Document Repository (×3); Document Source (×3)

IHE-XDS = Flexibility: Mixed Architecture
Diagram labels: Document Consumer (×3); Document Repository (×3); Document Source (×6)

Patient Access also possible
• A patient accesses own record:
  • Query and Retrieve a set of documents using for example a portal application that offers the ability to display documents’ content.
  • This is a particular case of an EHR-CR, where the patient is interested in her/his own care. Patient may also register and provide documents.

Selection of standards for IHE XDS
No single standard can address cross-enterprise document sharing on its own.
• Electronic business standards: ebXML, SOAP, etc.
• Internet standards: HTML, HTTP, ISO, PDF, JPEG, etc.
• Healthcare content standards: HL7 CDA, CEN EHRcom, ASTM CCR, DICOM, etc.
The marriage of healthcare standards eases implementation and optimizes ancillary technologies (e.g. security and confidentiality).

IHE Cross-Enterprise Document Sharing
• IHE XDS is a critical element to enable sharing of health information between EHR Systems.
• Access Control and Doc Content Profiles are on the IHE Roadmap for 2005.
• In collaboration with well established standards bodies (HL7, ASTM, CEN, OASIS, IETF, DICOM, etc.) and other EHR related initiatives world-wide (EuroREC, etc.), IHE is contributing to a more cost-effective and rapid deployment of community, regional and national health IT infrastructures.

How real is XDS?
• Specification work since Nov 2003
• Public Comments June-July 2004
• 600 constructive comments received.
• Validity of XDS approach confirmed around the world.
• Stable specification IHE Technical Framework Published Aug 15th, 2004 (TI Supplement)
• IHE Connectathon - January 2005 (USA) - 17 vendors
• HIMSS Feb 2005 - show-wide demonstration
• IHE Connectathon - April 2005 (Europe) - 27 vendors
Several Implementation Projects by health authorities in 2005

HIMSS 2005 Interoperability Showcase
HIMSS leverages its sponsorship of IHE to demonstrate practical interoperability in two large Showcase Exhibits:
• cross-enterprise sharing of health information in the acute care (18 vendors) and ambulatory (14 vendors).
• HIMSS Showcase exhibits linked with vendor booths (10 vendors) show-wide.
• Show-wide interactive environment demonstrating attendees “patient” record in a “HIMSS RHIO”.
Uses IHE Cross-enterprise Document Sharing:
• Around a central document registry
• Distributed document repositories
• 17 EHR that publish/share documents (CCR, CDA, HL7-lab, PDF)

HIMSS 2005 Interoperability Showcase
• Organized by HIMSS, one of the IHE sponsors in the USA.
• Integrating hospital and ambulatory settings:
  • cross-enterprise sharing of health information between hospital and ambulatory care settings.
• Integrating the electronic patient records on the vendors' booths:
  • highly interactive, standards-based environment aimed at demonstrating practical interoperability between care enterprises.

HIMSS 2005 Interoperability Showcase
• Visitors will manage their electronic care record within the “HIMSS regional network”.
• Communicating environment relying on the IHE Cross-enterprise Document Sharing profile:
  • Built around a central “XDS document registry”.
  • Distributed “XDS document repositories”.
  • 17 EHRs that publish/share various documents (Patient Summary-CCR, HL7-CDA, HL7-lab, PDF).

HIMSS 2005 Interoperability Showcases
HIMSS sponsors the testing and demonstration of IHE interoperability in two large Showcase Exhibits:
• cross-enterprise sharing of health information in the acute care, 20 vendors: Cedara, Gusrada/Care Science, NIST, Dictaphone, IDX, Novell, Eastman Kodak, InterSystems, Open Text, Eclipsys, Infinitt, Sentillion, Emageon, Kryptiq, Siemens, Epic, MedCommons, Univ. of Washington, GE Healthcare, Mortara Instruments
• ambulatory sharing of health information, 13 vendors: Allscripts, GE Healthcare, MidMark, CapMed/SanDisk, IDX, NextGen, Cerner, Kryptiq, WebMD, Eclipsys, MedcomSoft, ETIAM, MediNotes

HIMSS 2005 – Show-Wide Interoperability
HIMSS “RHIO” with Cross-enterprise doc sharing
Diagram labels: Cross-enterprise Showcase Booth; IT Infrastructure; Radiology; In-Patient/Out-patient; Cardiology; PCP; Diag Center; Multispecialty Clinic; Home; Ambulatory Showcase Booth; Vendor Booth; Vendor System
Vendors: Allscripts, CapMed, Cerner, Eclipsys, GE Healthcare, IDX, Infinitt, InterSystems, Kryptiq, MedCommons, MediNotes, NextGen, OpenText, Siemens, WebMD

Security for XDS: based on the IHE Audit Trail & Node Authentication Profile
• ATNA creates a secured domain over the Internet:
  • User Accountability (Audit trail)
  • Node-to-Node Access Control
  • Node-level user authentication
• User access controls are planned for 2005.
Diagram labels: Patient Identity Source; Patient Identity Feed; Query Documents; Document Consumer; Document Registry; Register Document Set; Provide & Register Document Set; Retrieve Document; Document Repository; Document Source; Secured Node (×6)

IHE Profiles for a Regional Health Information Network: what is available and what will be in 2005. Integration Profiles planned for 2005.
• Imaging Information Content, Continuity of Care Document Content, For Display Document Content, Lab Results Document Content: Format of the Document Content and, for some, associated coded vocabulary
• Personnel White Page: Access to workforce contact information
• Patient Identifier Cross-referencing: Map patient identifiers across independent identification domains
• Cross-Enterprise Document Sharing: Registration, distribution and access across health enterprises of clinical documents forming a patient electronic health record
• Cross-Enterprise Notification: Notification of a remote provider/health enterprise
• Patient Demographics Query
• Audit Trail & Node Authentication: Centralized privacy audit trail and node to node authentication to create a secured domain.
• User Identity, Authentication and Permissions: Enable Basic Access Control
• Consistent Time: Coordinate time across networked systems

IHE IT Infrastructure 2004-2005
• Patient Demographics Query (New): Retrieval of a patient list including patient names, identifiers, contacts, and visit information

Patient Demographics Query: Abstract/Scope
• Allow quick retrieval of a patient list including common patient names, identifiers, contacts, and visit information
• Enable selection of correct patient when full identification data may not be available
• Limits access to only a subset of demographic and visit information

Patient Demographics Query: Value Proposition
• Enables access on demand to diverse systems and devices
• Participants that do not need continual synchronization of patient registration information
• Devices that cannot participate in monitoring of ADT feeds, e.g.:
  • Small-footprint devices
  • Low-memory devices

Patient Demographics Query: Value Proposition (cont’d)
• Allow search on full or partial data
• Retrieve information from any domain to which the client has query access
• Allows use of matching algorithm (e.g., soundex) to find near matches

Patient Demographics Query: Transaction Diagram
• A departmental system that is connected on demand to the registration system.
• Diverse systems including bedside monitors, physician office systems, lab applications, mobile blood bank registries; might be any system at the point of contact.

Patient Demographics Query: Standards Used
• Employs HL7 Conformance Based Queries
• Defined in HL7 Version 2.5, Chapter 5
• Profiles Query by Parameter (QBP^Q22) with Segment Pattern Response (RSP^K22)

IHE and “HIPAA Style” Security
• User Identity: PWP, EUA
• User Authentication: EUA
• Node Authentication: ATNA
• Security Audit Trails: ATNA
• Data Integrity Controls: CT, ATNA TLS option
• Data Confidentiality: ATNA TLS option
• Access Controls: Future item in IHE roadmap

Scope
• Defines basic security features for an individual system for use as part of the security and privacy environment for a healthcare enterprise.
• Extends the IHE radiology oriented Basic Security profile (defined in 2002) to be applicable to other healthcare uses.
• Supports two categories of network environments
• First of a family of profiles with different kinds of authentication.

ATNA Profile - Value Proposition
• Protect Patient Privacy and System Security:
  • Meet ethical and regulatory requirements
• Enterprise Administrative Convenience:
  • Unified and uniform auditing system
  • Common approach from multiple vendors simplifies definition of enterprise policies and protocols.
  • Common approach simplifies administration
• Development and support cost reduction through Code Re-use:
  • Allows vendors to leverage single development effort to support multiple actors
  • Allows a single development effort to support the needs of different security policies and regulatory environments.

Security requirements
• Reasons: Clinical Use and Privacy
  • Authorized persons must have access to medical data of patients, and the information must not be disclosed otherwise.
  • Unauthorized persons should not be able to interfere with operations or modify data
• By means of procedures and security mechanisms, guarantee:
  • Confidentiality
  • Integrity
  • Availability
  • Authenticity

IHE Goal with ATNA
IHE makes cross-node security management easy:
• Only a simple manual certificate installation is needed.
• Separate the authentication, authorization, and accountability functions to accommodate the needs of different approaches.
• Enforcement driven by ‘a posteriori audits’ and real-time visibility.

Integrating trusted nodes
• Local access control (authentication of user)
• Strong authentication of remote node (digital certificates)
  • Network traffic encryption is not required; it is optional
• Audit trail with:
  • Real-time access
  • Time synchronization
Diagram labels: Secured System; Secured System; Secure network; System B; System A; Central Audit Trail Repository

Secured Domain: integrating trusted nodes
Diagram labels: Secured Node Actor (×4); Other Actors (×8); Central Audit Trail Repository; Time Server

IHE Audit Trail Events: Combined list of IETF and DICOM events
Authenticate Node transaction
• X.509 certificates for node identity and keys
• TCP/IP Transport Layer Security Protocol (TLS) for node authentication, and optional encryption
• Secure handshake protocol of both parties during Association establishment:
  • Identify encryption protocol
  • Exchange session keys
• Actor must be able to configure certificate list of authorized nodes.
• ATNA presently specifies mechanisms for HTTP, DICOM, and HL7

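An added sketch (not from the slides or from IHE) of the two checks this slide calls for, using Python's standard ssl module: the listener demands a client certificate, and the certificate presented is then matched against a configured list of authorized nodes. The config format, node names and sample certificate bytes are assumptions constructed for the example.

```python
import hashlib
import hmac
import ssl

# Constructed stand-ins for two nodes' DER-encoded certificates (not real X.509).
SAMPLE_CERT_A = b"constructed-der-bytes-for-node-a"
SAMPLE_CERT_B = b"constructed-der-bytes-for-node-b"


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def load_authorized_nodes(config_text: str) -> dict:
    """Parse '<node name> <sha256 fingerprint>' lines (hypothetical format).

    '#' starts a comment; fingerprints may be upper case or colon-separated.
    Returns {normalized fingerprint: node name}.
    """
    nodes = {}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) != 2:
            raise ValueError(f"malformed entry: {raw!r}")
        name, fp = parts[0], parts[1].replace(":", "").lower()
        if len(fp) != 64 or any(c not in "0123456789abcdef" for c in fp):
            raise ValueError(f"bad fingerprint for node {name!r}")
        nodes[fp] = name
    return nodes


def node_server_context(certfile=None, keyfile=None, cafile=None) -> ssl.SSLContext:
    """Server-side TLS context that refuses peers without a certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.verify_mode = ssl.CERT_REQUIRED      # handshake fails if the peer sends no cert
    if certfile:
        ctx.load_cert_chain(certfile, keyfile)       # this node's own identity
    if cafile:
        ctx.load_verify_locations(cafile=cafile)     # issuers accepted for peer certs
    return ctx


def authorized_node(peer_der, nodes: dict):
    """Return the configured node name for a peer certificate, else None.

    Call after the handshake with conn.getpeercert(binary_form=True) and
    close the connection when the result is None: chain validation alone
    does not prove the peer is on the authorized list.
    """
    if not peer_der:
        return None
    seen = fingerprint(peer_der)
    match = None
    for known, name in nodes.items():
        if hmac.compare_digest(known, seen):
            match = name
    return match
```
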
Record Audit Event transaction
• Reliable Syslog (RFC 3195) is the preferred transport for Audit Records, although BSD Syslog protocol (RFC 3164) is permitted for backward compatibility with Radiology Basic Security.
• Audit trail events and content based on IETF, DICOM, HL7, and ASTM standards. Also, Radiology Basic Security audit event format is allowed for backward compatibility.
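
An added example (not from the slides) of the BSD syslog fallback: it frames one audit record as an RFC 3164 packet, refuses records that would exceed that RFC's 1024-byte packet limit, and parses the packet the way an audit repository would. The payload, host name, tag, facility and severity are values constructed for the example; the payload is not the ATNA audit schema.

```python
import re
from datetime import datetime

MAX_3164_PACKET = 1024      # RFC 3164 section 4.1: whole packet must be <= 1024 bytes
FACILITY = 10               # assumption for this example: security/authorization
SEVERITY = 5                # assumption for this example: notice
MONTHS = ("Jan", "Feb", "Mar", "Apr", "May", "Jun",
          "Jul", "Aug", "Sep", "Oct", "Nov", "Dec")

# Constructed sample record; a simplified stand-in, not the real audit message format.
SAMPLE_RECORD = ('<AuditRecord event="document-retrieve" user="dr.example" '
                 'patient="PID-0001" outcome="success"/>')


def frame_audit_record(payload: str, hostname: str, when: datetime,
                       tag: str = "audit") -> bytes:
    """Wrap one audit record in a BSD syslog (RFC 3164) packet."""
    if "\n" in payload or "\r" in payload:
        # A repository storing one record per line would split or forge entries.
        raise ValueError("audit payload must be a single line")
    if not hostname or any(ch.isspace() for ch in hostname):
        raise ValueError("hostname must be a single token")
    pri = FACILITY * 8 + SEVERITY
    # RFC 3164 timestamp: 'Mmm dd hh:mm:ss', day padded with a space, no year.
    stamp = f"{MONTHS[when.month - 1]} {when.day:2d} {when:%H:%M:%S}"
    packet = f"<{pri}>{stamp} {hostname} {tag}: {payload}".encode("utf-8")
    if len(packet) > MAX_3164_PACKET:
        # Sending anyway risks silent truncation, i.e. an incomplete audit trail.
        raise ValueError(f"packet is {len(packet)} bytes, over the RFC 3164 limit")
    return packet


_PACKET = re.compile(
    rb"<(\d{1,3})>([A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    rb"(\S+) ([A-Za-z0-9]{1,32}): (.*)", re.DOTALL)


def parse_audit_packet(packet: bytes) -> dict:
    """Repository side: split an RFC 3164 packet into its fields."""
    m = _PACKET.fullmatch(packet)
    if not m:
        raise ValueError("not an RFC 3164 packet in the expected layout")
    pri = int(m.group(1))
    if pri > 191:               # highest valid PRI: facility 23, severity 7
        raise ValueError("PRI out of range")
    return {
        "facility": pri >> 3,
        "severity": pri & 7,
        "timestamp": m.group(2).decode("ascii"),
        "hostname": m.group(3).decode("utf-8"),
        "tag": m.group(4).decode("ascii"),
        "payload": m.group(5).decode("utf-8"),
    }
```
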