RSS-Feed abonnieren
DOI: 10.3414/ME9121
Model-based Design of Clinical Information Systems
Publikationsverlauf
Publikationsdatum:
20. Januar 2018 (online)
Summary
Objective: The goal of this research is to provide a framework to enable the model-based development, simulation, and deployment of clinical information system prototypes with mechanisms that enforce security and privacy policies.
Methods: We developed the Model-Integrated Clinical Information System (MICIS), a software toolkit that is based on model-based design techniques and highlevel modeling abstractions to represent complex clinical workflows in a service-oriented architecture paradigm. MICIS translates models into executable constructs, such as web service descriptions, business process execution language procedures, and deployment instructions. MICIS models are enriched with formal security and privacy specifications, which are enforced within the execution environment.
Results: We successfully validated our design platform by modeling multiple clinical workflows and deploying them onto the execution platform.
Conclusions: The model-based approach shows great promise for developing, simulating, and evolving clinical information systems with formal properties and policy restrictions.
-
References
- 1 Kaushal A, Jha A, Franz C, Glaser J, Shetty K, Jaggi T. et al. Return on investment for a computerized physician order entry system. J Am Med Inform Assoc 2006; 13 (03) 261-266.
- 2 Shabo A. A global socio-economic-medico-legal model for the sustainability of longitudinal electronic health records. Methods Inf Med 2006; 45 (03) 240-245.
- 3 Simon SJ, Simon SJ. An examination of the financial feasibility of Electronic Medical Records (EMRs): a case study of tangible and intangible benefits. Int J Med Inform 2006; 2 (02) 185-200.
- 4 Menachemi N, Brooks RG. Reviewing the benefits and costs of electronic health records and as-sociated patient safety technologies. J Med Syst 2006; 30 (03) 159-168.
- 5 Lo HG, Newmark LP, Yoon C, Volk LA, Carlson VL, Kittler AF. et al. Electronic health records in specialty care: a time-motion study. J Am Med Inform Assoc 2007; 14 (05) 609-615.
- 6 Pizziferri L, Kittler AF, Volk LA, Honour MM, Gupta S, Wang T. et al. Primary care physician time utilization before and after implementation of an electronic health record: a time-motion study. J Biomed Inform 2005; 38 (03) 176-188.
- 7 Silver MR, Lusk R. Patient safety: a tale of two systems. Qual Manag Health Care 2002; 10 (02) 12-22.
- 8 Frank L, Galanos H, Penn S, Wetz Jr HF. Using BPI and emerging technology to improve patient safety. J Healthc Inf Manag 2004; 18 (01) 65-71.
- 9 Shepherd M, Zitner D, Watters C. Medical portals: web-based access to medical information. In: Sprague, RH Jr. (ed.).. Proceedings of the 33rd Annual Hawaii International Conference on System Sciences (HICSS-33); 2000 Jan 4-7; Maui, HI. New York: IEEE Computer Society; 2000. pp 5003-5013.
- 10 Barnett GO, Barry MJ, Robb-Nicholson C, Morgan M. Overcoming information overload: an information system for the primary care physician. In: Fieschi M, Coiera E, LiY C. (eds.). Proceedings of the 11th World Congress on Medical Informatics (Medinfo 2004);. 2004 Sept 7-11; San Francisco, CA. Amsterdam: IOS Press; 2004. 11 Pt 1 273-276.
- 11 Masys D, Baker D, Butros A, Cowles KE. Giving patients access to their medical records: the PCASSO experience. J Am Med Inform Assoc 2002; 9: 181-191.
- 12 Cimino JJ, Patel VL, Kushniruk AW. The patient clinical information system (PatCIS): technical solutions for and experience with giving patients access to their electronic medical records. Int J Med Inform 2002; 68: 113-127.
- 13 U.S.. Department of Health and Human Services. Standards for privacy of individually identifiable health information; Final Rule. Federal Register, 2002 Aug 12; 45 CFR: Parts 160-164.
- 14 U.S.. Department of Health and Human Services, Office for Civil Rights. Standards for protection of electronic health information; Final Rule. Federal Register, 2003 Feb 20; 45 CFR: Part 164.
- 15 Yanchuk A, Ivanyukovich A, Marchese M. Towards a mathematical foundation for serviceoriented applications design [cited 2008 Jul 21]. Available from: http://www.science.unitn.it/~marchese/pdf/Towards_SOAD_JoS_06.pdf
- 16 Portier B. SOA terminology overview, Part 1: Service, architecture, governance, and business terms [cited 2008 Jul 21]. Available from: http://www-128.ibm.com/developerworks/library/wssoa-term1/index.html
- 17 Portier B. SOA terminology overview, Part 2: Development processes, models, and assets [cited 2008 Jul 21]. Available from: http://www-128.ibm.com/developerworks/library/ws-soa-term2/index.html
- 18 Gray J. A conversation with Werner Vogels, CTO, Amazon.com. Web Services. 2006 [cited 2008 Jul 21]. Available from: http://portal.acm.org/ft_gateway.cfm?id=1142065&type=pdf
- 19 Service-Oriented Architecture [cited 2008 Jul 21]. Available from: http://www.oracle.com/ technologies/soa/index.html
- 20 Service-Oriented Architecture (SOA) [cited 2008 Jul 21]. Available from: http://www.sun.com/ products/soa/index.jsp
- 21 SOA Software – Solutions – SOA Fabric [cited 2008 Jul 21]. Available from: http://www.soa.com/index.php/section/solutions/soa_fabric/
- 22 WS-BPEL Extension for People – BPEL4People, http://download.boulder.ibm.com/ibmdl/pub/software/dw/specs/ws-bpel4people/BPEL4People_white_paper.pdf
- 23 Werner J, Mathe J, Duncavage S, Malin B, Lédeczi Á, Jirjis J, Sztipanovits J. Platform-based design for clinical information systems. In: Dietrich D, Hancke G, Palensky P. (eds.). Proceedings of the 5th IEEE International Conference on Industrial Informatics (INDIN); 2007 June 23-27; Vienna, Austria. New York: IEEE Computer Society; 2007. pp 749-755.
- 24 Duncavage S, Mathe J, Werner J, Malin B, Lédeczi Á, Sztipanovits J. A modeling environment for patient portals. In: Teich JM. (ed.). Proceedings of the 2007 American Medical Informatics Association Annual Symposium (AMIA); 2007 Nov 10-14; Washington, DC. Philadelphia: Hanley & Belfus; 2007. pp 201-206.
- 25 Long E, Misra A, Sztipanovits J. Increasing productivity at Saturn. IEEE Computer Magazine 1998; 31 (08) 35-43.
- 26 Völgyesi P, Maróti M, Dóra S, Osses E, Lédeczi Á. Software composition and verification for sensor networks. Science of Computer Programming 2005; 56 (1-2): 191-210.
- 27 Lédeczi Á, Davis J, Neema S, Agrawal A. Modeling methodology for integrated simulation of embedded systems. ACM Trans on Modeling and Computer Simulation 2003; 13 (01) 82-103.
- 28 The Generic Modeling Environment website [cited 2008 Jul 21].. Available from: http://www.isis.vanderbilt.edu/projects/gme/
- 29 Kawamoto K, Lobach D. Proposal for fulfilling strategic objectives of the U.S. roadmap for national action on decision support through a service- oriented architecture leveraging HL7 services. JAm Med InformAssoc 2007; 14: 146-155.
- 30 Jürjens J, Rumm R. Model-based security analysis of the German health card architecture. Methods Inf Med 2008; 47: 409-416.
- 31 Sloman MS. Policy driven management for distributed systems. Journal of Network and Systems Management 1994; 2 (04) 333-360.
- 32 Alam M, Hafner M, Breu R. A constraint based role based access control in the SECTET: a model-driven approach. Journal of Computer Security 2008; 16 (02) 223-260.
- 33 Alam M, Breu R, Hafner M. Modeling permissions in a (U/X)ML world. In: Wagner R, Pernul G, Takizawa M, Quirchmayr G, Tjoa A. (eds.). Proceedings of the 1st International Conference on Availability, Reliability, and Security (ARES); 2006 April 20-22; Vienna, Austria. New York: IEEE Computer Society; 2006. pp 685-692.
- 34 Zhang N, Ryan M, Gueley D. Synthesising verified access control systems in XACML. In: Backes B, Basin D, Waidner M. (eds.). Proceedings of the 2004 ACM Workshop on Formal Methods in Security Engineering (FMSE); 2004 Oct 29; Washington DC. New York: ACM Press; 2004. pp 56-65.
- 35 Barth A. et al. Privacy and utility in business processes. In: Proc. IEEE CSF; 2007. pp 279-294.
- 36 OASIS Web Services Business Process Execution Language (WS-BPEL) [cited 2008 Jul 21]. Available from: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wsbpel
- 37 Apache Foundation, Apache Orchestration Director Engine [cited 2008 Jul 21]. Available from: http://ode.apache.org.
- 38 Oracle BPEL Process Manager website [cited 2008 Jul 21].. Available from: http://www.oracle.com/technology/bpel/index.html
- 39 ActiveBPEL Open Source Engine Project website [cited 2008 Jul 21].. Available from:. http://www.active-endpoints.com/active-bpel-engineoverview.htm
- 40 SOAP standard [cited 2008 Jul 21]. Available from: http://www.w3.org/TR/soap/
- 41 Sun’s XACML Implementation [cited 2008 Jul 21]. Available from: http://sunxacml.sourceforge.net/
- 42 OASIS eXtensible Access Control Markup Language (XACML) TC [cited 2008 Jul 21]. Available from: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml
- 43 SWI-Prolog engine [cited 2008 Jul 21]. Available from: http://www.swi-prolog.org
- 44 Joint NEMA/COCIR/JIRA Security and Privacy Committee (SPC).. “Breakglass – an approach to granting emergency access to healthcare systems” [cited 2008 Jul 21]. Available from: http://www. nema.org/prod/med/security/.