MEDIS – A WEB BASED HEALTH INFORMATION SYSTEM - Implementing Integrated Secure Electronic Health Record

Snezana Sucurovic

2006

Abstract

In many countries there are initiatives for building an integrated patient-centric electronic health record. There are also initiatives for transnational integrations. These growing demands for integration result from the fact that it can provide improving healthcare treatments and reducing the cost of healthcare services. While in European highly developed countries computerisation in healthcare sector begun in the 70’s and reached a high level, some developing countries, and Serbia and Montenegro among them, have started computerisation recently. This is why MEDIS (MEDical Information System) is aimed at integration itself from the very beginning instead of integration of heterogeneous information systems on a middle layer or using HL7 protocol. MEDIS has been implemented as a federated system where the central server hosts basic EHCR information about a patient, and clinical servers contain their own part of patients’ EHCR. Clinical servers are connected to a central server through the Internet and the system can be accessed through a browser from a place that has an Internet connection. A user also has to have a public key certificate to be able to login. As health data are highly sensible, MEDIS implements solutions from recent years, such as Public Key Infrastructure and Privilege Management Infrastructure, SSL and Web Service security as well as pluggable, XML based access control policies.

References

  1. Beznosov K., 2004, On the Benefits of Decomposing Policy Engines into Components, In. 3rd Workshop on adaptive and Reflect Middleware, Toronto
  2. Blobel B. et. al., 2003, Using a privilege management infrastructure for secure Web-based e-health applications, Computer Communications, Elsevier
  3. Blobel B., 2004, Authorisation and access control for electronic health record system, Intern. Journal of Medical Informatics, Elsevier, No.73, pp. 251-257,
  4. Chadwick D. et. al., Role based access control with X.509 Attribute Certificates, IEEE Internet Computing, March/April 2003, pp. 62 - 69
  5. Commite Europen de Normalisation ENV 13606 Standard, 2002, Extended Architecture
  6. Commite Europen de Normalisation ENV 13729 Standard, 2002, Secure user identification
  7. Joshi J. et. al., Access Control Language for Multidomain Environments, IEEE Internet Computing, November/December 2004, pp. 40-50.
  8. MEDIS Technical Report, Retrieved September 28,2005 from http://www.imp.bg.ac.yu/dokumenti/MEDISTechnical Report.doc
  9. Microsoft and IBM White Paper, Security in Web service world: A Proposed Architecture and Roadmap, Retrieved September 28,2005 from http://www128.ibm.com/developerworks/webservices/library/wssecmap
  10. Sucurovic S., Jovanovic Z., February 2005, Java Cryptography & X.509 Authentication, Dr. Dobb's Journal, San Francisco
  11. Sucurovic S., Jovanovic Z., 2006, Java Cryptography & Attribute Certificate Management, Dr. Dobb's Journal, San Francisco
  12. XML Encryption Syntax and Processing, W3C Recommendation, 2002
  13. XML Signature Syntax and Processing, W3C Recommendation, 2002
  14. Wei Z. et. al., 2004, Implement role based access control with attribute certificates, ICACT 2004, International Conference on Advanced Communication Technology, Korea
Download


Paper Citation


in Harvard Style

Sucurovic S. (2006). MEDIS – A WEB BASED HEALTH INFORMATION SYSTEM - Implementing Integrated Secure Electronic Health Record . In Proceedings of the Eighth International Conference on Enterprise Information Systems - Volume 3: ICEIS, ISBN 978-972-8865-43-6, pages 160-164. DOI: 10.5220/0002444001600164


in Bibtex Style

@conference{iceis06,
author={Snezana Sucurovic},
title={MEDIS – A WEB BASED HEALTH INFORMATION SYSTEM - Implementing Integrated Secure Electronic Health Record},
booktitle={Proceedings of the Eighth International Conference on Enterprise Information Systems - Volume 3: ICEIS,},
year={2006},
pages={160-164},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002444001600164},
isbn={978-972-8865-43-6},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Eighth International Conference on Enterprise Information Systems - Volume 3: ICEIS,
TI - MEDIS – A WEB BASED HEALTH INFORMATION SYSTEM - Implementing Integrated Secure Electronic Health Record
SN - 978-972-8865-43-6
AU - Sucurovic S.
PY - 2006
SP - 160
EP - 164
DO - 10.5220/0002444001600164