• No results found

ehr Preparation Technical Aspect

N/A
N/A
Protected

Academic year: 2021

Share "ehr Preparation Technical Aspect"

Copied!
28
0
0

Loading.... (view fulltext now)

Full text

(1)

eHR Preparation – Technical Aspect

(2)

PMI ePR

System Overview

PMI CDR Other Repositories Shared Services Shared services Portal

Security & Audit

eHR Sharing System (eHR Core)

CMS Extension

(3)

eHR Sharing System

Serves as a platform for sharing the

electronic Health Records of participants

(4)

Technical Preparation

• Access to eHRSS

(5)
(6)

Controlled Access to eHRSS

• Aim : Protect security and privacy of eHR data

• Can only connect to the eHRSS through ‘Identifiable

Sources’:

– Fixed IP address; or

– Installed eHR Encapsulated Linkage Security Application

(ELSA)

• To be able to view the eHR clinical data

– HCP must have joined eHR

– Patient must have joined eHR

– Patient has given consent to the HCP

(7)

Identifiable sources :

(8)

eHR Connection Modes

Mode Certified EMR Connect via Sub Mode Source Identification User Authentication Type of 2nd Factor User Exper-ience Login ID Password 2nd Factor

A

System based Private Channel Connection Yes Leased

line/VPN 1.0 Fixed IP Local Local eHR

E-Cert (Server based enciphe rment) Silent Logon

B

System based Public Channel Connection Yes Internet 2.0 ELSA

Local Local eHR User

elect 2nd Factor Logon 3.0 Fixed IP

C

Workstation based Public Channel Connection No 4.0 ELSA

eHR eHR eHR User

elect

Full 2FA Logon

(9)

Mode A: Connect to eHR Core via EMR

eHR Viewer EMR eHR Viewer Logon System HCP eHR_UID eHR_no. Public Network (Leased Line / VPN) Patient Selection ppp 2 PPP 1

PMI

User Profile Inbox

EMR system

eHR Core

Silent Logon

(10)

Mode B: Connect to eHR Core via EMR

eHR Viewer EMR eHR Viewer Logon System HCP eHR_UID eHR_no. Internet Patient Selection ppp 2 PPP 1

PMI

User Profile Inbox

EMR system

eHR Core

Second Factor

Login

(11)

Mode C : Workstation Based Connection

eHR Viewer eHR Viewer Logon HCP Internet Patient Selection ppp 2 PPP 1

PMI

User Profile Inbox

eHR Core

2FA Login ELSA

(12)

Self Assessment

Security Assessment Requirement

for Different Connection Modes

Regular SRA

Self Assessment

(13)

Technical Preparation

• Security Assessment

– Self assessment checklist on security

– Mode A requires Security Risk Assessment on systems

with direct connection to eHRSS

• Connectivity

– Network infrastructure requirements depend on

Connection Mode(s) elected by HCP

– EMR System enhancement to integrate with eHRSS

– Integration test and registration with eHRSS

(14)

Patient’s consent to HCP :

(15)

Patient Consent

• Govern which HCP can view patient’s eHR / upload patient

data to eHR

• Use eHRSS <Build Relationship> function to record patient’s

consent to HCP

• Means of consent

– HK SmartID Card

– Written form

– One-time password

• Technical Preparation

– Install SmartID Card Reader

– PMI related enhancements

(16)

User Access Control :

(17)

Role-based Access Control

• Only authorised users can access eHR under

‘patient-under-care’ & ‘need-to-know’ principles

• A user can access a patient’s record only if :

– The user can be individually identified & authenticated

– The user is accessing eHRSS through ‘connection’ of the HCP which his

/her account belongs to

– The patient has a current and valid relationship with the HCP

• Role based access

– Functions / Data accessible by user depend on the role assigned to the

user by HCP

– Only registered Healthcare professionals (with registration with Boards

& Councils ) can view clinical data

– Healthcare administrative/ancillary staff has administrative function

access only

(18)

Related Preparation

• Identify which healthcare staff can access eHR

• Determine what role(s) to be assigned to the staff

• Collect personal data and agreements from staff to create eHR

user accounts in eHRSS

– HKIDs & Names

– B&C Registration numbers for healthcare professionals requiring

access to patient’s clinical data

• Create staff accounts in eHR Sharing System

– Via online <User Account Management> function, or

– Via batch data interface

– Assign security token if required

(19)

Technical Preparation

• For Connection Modes A & B:

– Enhance local EMR systems to store eHRUIDs

generated by eHRSS for use in system interfaces

• If user accounts are to be set up / maintain via

batch interface :

– Develop batch interface program

– Integration test with eHRSS

– System handling of eHRUIDs returned by eHRSS

– Exception handling and on-going maintenance

(20)
(21)

Sharing Data to eHR

• HCPs to provide readily sharable electronic data

within scope to eHR under patient’s consent

• eHR data standard

– Importance of accurate patient registration (PMI) data

– Multi standards compliance level for sharable data

• Level 1 : free-text / PDF document

• Level 2 : structured data with local value

• Level 3 : structured data with standard value

– Computer generated data only (including PDF), no

scanning of manual records

(22)

Phased Approach

eHR Section Level 1 Level 2 Level 3

eHR Participant Encounter

Referral

Clinical note / summary Adverse reaction / allergy Clinical alert

Problem Procedure Birth record

Assessment / physical exam Social history

Past medical history Family history

Drug – prescription record Drug – dispensary record Immunization

Clinical request

Diagnostic test result – Laboratory Diagnostic test result – Radiology

Diagnostic test result – Other investigation Care & treatment plan

Phase 1 Phase 2 Phase 3 Phase 4 Phase 5

(23)

Phase 1 eHR

eHR Section Level 1 Level 2 Level 3

eHR Participant Encounter

Referral

Clinical note / summary Adverse reaction / allergy Clinical alert

Problem Procedure Birth record

Assessment / physical exam Social history

Past medical history Family history

Drug – prescription record Drug – dispensary record Immunization

Clinical request

Diagnostic test result – Laboratory Diagnostic test result – Radiology

Diagnostic test result – Other investigation

Care & treatment plan

Phase 1 Phase 2 Phase 3 Phase 4 Phase 5

(24)

Technical Preparation

• Data Upload to eHRSS

– Determine data domain to be shared & compliance level

for each domain

– If code mapping is used, establish sustainable mechanism

(people, system, workflow) to maintain the mapping

– Determine the interface mechanism:

• Online message or batch interface

• Interface Frequency

• Communication channel and Network set up

– Develop interface programs and test with eHRSS

– Register domain & compliance level with eHRSS

– Mechanism and workflow for on-going exception handling

and reconciliation

(25)

Technical Preparation

• Data Download from eHRSS

– PMI and Allergy data only

– Via Batch interface or online web services, interface channel

• PMI data download

– Need to ensure accurate identification of individual patient

– Interface with eHRSS to communicate PMI data (HKID, name ...)

– Enhance EMR system to store eHR no. for communication and

data interfaces with eHRSS

– Enhance EMR system to store relationship, including date,

information to ensure correct data upload

– Establish processes (system and manual) for exception handling

• Allergy data download

– Enhance EMR system to interface with eHRSS

– Enhance EMR system to facilitate integration of downloaded

allergy data with local EMR data

(26)

Summary

• Connection Modes

– Determine type of connection modes

– Complete Security assessment checklist

– Complete SRA if applicable

– Develop EMR system integration for modes A & B

• User Account Management

– Collect users data and determine related roles

– Develop batch interface for user accounts if necessary

– System enhancement to store & use eHRUID

(27)

Summary

• Data Interfaces

– Determine domain, compliance level & interface

method

– Develop interface programs

– Establish network infrastructure for data interface

• PMI data

– Determine interface method

– Enhance system to process / submit PMI data

downloaded from eHRSS

– Enhance system to store eHR no. & relationship

information

(28)

References

Related documents

current. Rather than &#34;superfluous,&#34; federal revenues provide an important source of funding to support the educational programs in a district. Evidence of these

produkty Sony, 90 respondentov nekupuje produkty Sony percentuálne zastúpenie oboch skupín torí produkty Sony nekupujú.. 1) Najviac štvrtina respondentov nevie, kto

The number of women who had to be referred to colposcopy to detect one case of high-grade disease (referral value) was significantly increased for both CIN2 þ and CIN3 þ in

 Users are responsible for ensuring that the use of eHR Viewer data is on a need-to-know basis for the purpose of their health care work and is in accordance with their

Figure 5.2: Number of study segments by highway type ...80 Figure 5.3: Number and classification of existing roadside features in the study ...83 Figure 5.4: Cost distribution

It is important to ensure that you regularly review who has user rights to your school’s Leeds for Learning site, what level of access they have and, if they have left your

Table-based or Column-based NoSQL databases such as BigTable, Cassandra and Amazon SimpleDB allow data to be stored as sparse tables, meaning that each row in a table can have a

Note: If you are looking for a date with two appointments available at the same time, change the number of appointments (slots) desired to 2 from the drop-down next to TIME