Driving toward guiding principles: a goal for privacy, confidentiality, and security of health information.
As health care moves from paper to electronic data collection, providing easier access and dissemination of health information, the development of guiding privacy, confidentiality, and security principles is necessary to help balance the protection of patients' privacy interests against appropriate information access. A comparative review and analysis was done, based on a compilation of privacy, confidentiality, and security principles from many sources. Principles derived from ten identified sources were compared with each of the compiled principles to assess support level, uniformity, and inconsistencies. Of 28 compiled principles, 23 were supported by at least 50 percent of the sources. Technology could address at least 12 of the principles. Notable consistencies among the principles could provide a basis for consensus for further legislative and organizational work. It is imperative that all participants in our health care system work actively toward a viable resolution of this information privacy debate. (+info
Evaluation of vocabularies for electronic laboratory reporting to public health agencies.
Clinical laboratories and clinicians transmit certain laboratory test results to public health agencies as required by state or local law. Most of these surveillance data are currently received by conventional mail or facsimile transmission. The Centers for Disease Control and Prevention (CDC), Council of State and Territorial Epidemiologists, and Association of Public Health Laboratories are preparing to implement surveillance systems that will use existing laboratory information systems to transmit electronic laboratory results to appropriate public health agencies. The authors anticipate that this will improve the reporting efficiency for these laboratories, reduce manual data entry, and greatly increase the timeliness and utility of the data. The vocabulary and messaging standards used should encourage participation in these new electronic reporting systems by minimizing the cost and inconvenience to laboratories while providing for accurate and complete communication of needed data. This article describes public health data requirements and the influence of vocabulary and messaging standards on implementation. (+info
Virtual management of radiology examinations in the virtual radiology environment using common object request broker architecture services.
In the Department of Defense (DoD), US Army Medical Command is now embarking on an extremely exciting new project--creating a virtual radiology environment (VRE) for the management of radiology examinations. The business of radiology in the military is therefore being reengineered on several fronts by the VRE Project. In the VRE Project, a set of intelligent agent algorithms determine where examinations are to routed for reading bases on a knowledge base of the entire VRE. The set of algorithms, called the Meta-Manager, is hierarchical and uses object-based communications between medical treatment facilities (MTFs) and medical centers that have digital imaging network picture archiving and communications systems (DIN-PACS) networks. The communications is based on use of common object request broker architecture (CORBA) objects and services to send patient demographics and examination images from DIN-PACS networks in the MTFs to the DIN-PACS networks at the medical centers for diagnosis. The Meta-Manager is also responsible for updating the diagnosis at the originating MTF. CORBA services are used to perform secure message communications between DIN-PACS nodes in the VRE network. The Meta-Manager has a fail-safe architecture that allows the master Meta-Manager function to float to regional Meta-Manager sites in case of server failure. A prototype of the CORBA-based Meta-Manager is being developed by the University of Arizona's Computer Engineering Research Laboratory using the unified modeling language (UML) as a design tool. The prototype will implement the main functions described in the Meta-Manager design specification. The results of this project are expected to reengineer the process of radiology in the military and have extensions to commercial radiology environments. (+info
Meta-manager: a requirements analysis.
The digital imaging network-picture-archiving and communications system (DIN-PACS) will be implemented in ten sites within the Great Plains Regional Medical Command (GPRMC). This network of PACS and teleradiology technology over a shared T1 network has opened the door for round the clock radiology coverage of all sites. However, the concept of a virtual radiology environment poses new issues for military medicine. A new workflow management system must be developed. This workflow management system will allow us to efficiently resolve these issues including quality of care, availability, severe capitation, and quality of the workforce. The design process of this management system must employ existing technology, operate over various telecommunication networks and protocols, be independent of platform operating systems, be flexible and scaleable, and involve the end user at the outset in the design process for which it is developed. Using the unified modeling language (UML), the specifications for this new business management system were created in concert between the University of Arizona and the GPRMC. These specifications detail a management system operating through a common object request brokered architecture (CORBA) environment. In this presentation, we characterize the Meta-Manager management system including aspects of intelligence, interfacility routing, fail-safe operations, and expected improvements in patient care and efficiency. (+info
Interactive web-based radiology teaching file.
This multimedia radiology teaching file was developed for medical students, residents, physicians, and researchers to present teaching components related to clinical studies. Patient studies are used to create teaching cases, user can also create lecture series and custom presentations (catalogs) by linking related text and images. The user is able to make and preserve his/her own notes related to reviewed information. From the computer workstation, the user can perform search our case library by American College of Radiology (ACR) codes, keywords, modalities, or text. Results are presented in custom pages and include text lists, thumbnails lists, rescaled images, and full-size images. Text can be easily printed in custom format or exported to an ASCI file. To preserve the privacy of the student, access to our database is granted to the web browser by log-in panel. Image and text can be imported from Digital Imaging and Communications in Medicine (DICOM)-compatible devices or entered by using web forms. In conclusion, we developed a multifunctional interactive teaching environment accessible for multiplatform internet users. (+info
Occupational cancer research in the Nordic countries.
Occupational cancer research in the Nordic countries benefits from certain structural advantages, including the existence of computerized population registries, national cancer registries with high-quality data on cancer incidence, and a personal identification number for each inhabitant. This article outlines the utilization of this research infrastructure in Denmark, Finland, Iceland, Norway, and Sweden, together with research examples from the different countries. Future research on occupational cancer in this region requires that national legislation on electronic handling of sensitive personal information should not be stricter than the European Union Directive on individual protection with regard to personal data. A personal identification number is essential both for keeping up the high quality of data of the registers and for the high quality of the process of linking the different data sources together. Although previous occupational research has focused on male workers, a broader approach is needed in the future, including a study of how cancer risk in women may be affected by occupational activity and the question of possible cancer risk in offspring of men and women exposed to workplace carcinogens. (+info
Aspects of computer security: a primer.
As health care organizations continue on the path toward total digital operations, a topic often raised but not clearly understood is that of computer security. The reason for this is simply the vastness of the topic. Computers and networks are complex, and each service offered is a potential security hole. This article describes for the lay person the fundamental points of computer operation, how these can be points attacked, and how these attacks can be foiled--or at least detected. In addition, a taxonomy that should aid system administrators to evaluate and strengthen their systems is described. (+info
Security architecture for multi-site patient records research.
A security system was developed as part of a patient records research database project intended for both local and multi-site studies. A comprehensive review of ethical foundations and legal environment was undertaken, and a security system comprising both administrative policies and computer tools was developed. For multi-site studies, Institutional Review Board (IRB) approval is required for each study, at each participating site. A sponsoring Principal Investigator (PI) is required at each site, and each PI needs automated enforcement tools. Systems fitting this model were implemented at two academic medical centers. Security features of commercial database systems were found to be adequate for basic enforcement of approved research protocols. (+info