
Electronic case history. Theory for practice

Health informatization is a tempting idea for anyone who deals with both medicine and computers, and something of a fixation for our government.
Recently, on the respected Habrahabr, I came across an article presenting the patient's view of the problem of the electronic medical history (EIB) and the benefits of its widespread implementation.
I will try to express the point of view from the opposite side of the phonendoscope.


What is the meaning of medical history?

GOST, currently the only regulatory document, does not in fact describe the technical side of the electronic medical record; it only sets out a number of requirements, mainly concerning data security. On top of that there is the notorious 152 FZ.
Summarizing the intermediate result, we can formulate a number of requirements for the EIB.

An electronic medical history should possess:

The main problems limiting the electronic history are the difficulty of access control, ensuring that records cannot be changed after the fact, the legitimacy of the records (you should always know who wrote what and when), and security against leaks.
What could it look like?

The key link is the clinic, the main place where records about the patient are created. Each patient has a personal electronic signature protected on a physical medium (USB key, smart card or social card). The same medium holds the medical insurance information. A second copy of the signature is kept in electronic form in the clinic's encrypted vault. Each doctor has a private key on a physical medium, which gives him access to the storage of patient certificates. Every access is recorded in a database. Each patient visit is one new XML file, signed with the doctor's key and encrypted with the patient's key. The doctor's signature confirms his identity and the date of the record. Encryption protects the record from prying eyes.
To provide remote access and backup, all hospital records are synchronized with the federal server without being decrypted. This also prevents records from being changed retroactively. The federal server holds no patient or doctor keys; records are not read there.
When a person goes to another (any) medical institution, he takes his key with him and, in the case of hospitalization, hands it over to the health facility for temporary storage. This provides remote access to the records of the main card. The request goes first to the polyclinic server and, if that is unavailable, to the federal database. If the patient is hospitalized without a key, a temporary key is generated for keeping the current history, which is imported later. The scheme is the same as in the clinic: XML files signed with the doctor's key and encrypted with the patient's key. Synchronization with the federal database is daily.
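One way the daily synchronization could rule out backdating, shown as an added example that is not part of the original article. It assumes the federal server keeps a hash-chained log of ciphertext digests and receipt times, which the article does not specify; `FederalLedger`, `audit` and the record ids are hypothetical names, and the audit is run by a reviewer who can read the signed date.

```python
import hashlib
from datetime import datetime, timedelta

SYNC_INTERVAL = timedelta(days=1)  # the article: clinics synchronize daily
GENESIS = "0" * 64

def _link(prev, record_id, digest, received_at):
    data = f"{prev}|{record_id}|{digest}|{received_at.isoformat()}"
    return hashlib.sha256(data.encode()).hexdigest()

class FederalLedger:
    """Hypothetical federal server: holds no keys, sees only ciphertext."""

    def __init__(self):
        self.entries = []  # dicts: id, digest, received_at, chain

    def sync(self, record_id, ciphertext, received_at):
        prev = self.entries[-1]["chain"] if self.entries else GENESIS
        digest = hashlib.sha256(ciphertext).hexdigest()
        self.entries.append({"id": record_id, "digest": digest,
                             "received_at": received_at,
                             "chain": _link(prev, record_id, digest, received_at)})

    def chain_intact(self):
        # Recompute every link; an edited or removed entry breaks the chain.
        prev = GENESIS
        for e in self.entries:
            if e["chain"] != _link(prev, e["id"], e["digest"], e["received_at"]):
                return False
            prev = e["chain"]
        return True

    def audit(self, record_id, ciphertext, signed_date):
        """Check a clinic copy; signed_date is the date under the doctor's signature."""
        entry = next((e for e in self.entries if e["id"] == record_id), None)
        if entry is None:
            return "unknown"      # never synchronized
        if hashlib.sha256(ciphertext).hexdigest() != entry["digest"]:
            return "modified"     # changed after synchronization
        if entry["received_at"] - signed_date > SYNC_INTERVAL:
            return "backdated"    # claims a date older than the sync window allows
        return "ok"

# Constructed sample data: opaque bytes stand in for the encrypted XML files.
ledger = FederalLedger()
ledger.sync("visit-001", b"\x8a\x11ciphertext-A", datetime(2011, 10, 3, 23, 0))
ledger.sync("visit-002", b"\x5c\x42ciphertext-B", datetime(2011, 10, 4, 23, 0))
```

With daily synchronization a record can still be altered or backdated within the current day before it is synchronized, and a delayed synchronization would make honest records look backdated, so the interval is the precision of this guarantee.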
Data for reports is not extracted from the medical history; instead, some depersonalized data about the patient's visit is transferred while the patient is being seen and the information is being entered on the card. This is how bed-days, morbidity by number of visits, and so on can be counted. That is, triggers fire: filling in the diagnosis field copies it, with no link to the patient, into a separate database of the health facility; a completed statement increments the counter of favorable outcomes; and so on.

Strengths of the scheme
  1. the whole patient history is available to the doctor, not just a scant discharge summary
  2. data is permanently available only to the medical staff and the patient
  3. data is backed up
  4. remote access
  5. record immutability is achieved
  6. reports can be generated
  7. leakage protection

Weak spots
  1. expert review - at present, a medical history can go through up to 3-4 expert reviews under normal conditions, and many more by court order. If everyone is given access, the likelihood of data leakage increases. If access is given only by court order, there is a problem with the oversight of doctors' work by colleagues and insurance companies.

This article deliberately does not consider the interfaces and software for maintaining EIB - for this the author lacks the qualifications. Plus, I adhere to the point of view that software has the right to be heterogeneous, and only formats and data transmission channels should be standardized. Also, in order to save space, I began to dwell on the modernization of the provision of services - electronic queues, registries, and analyzes via SMS are a topic for a separate large conversation.

Source: https://habr.com/ru/post/129754/

