Developing a Common Health Information Exchange Platform to Implement a Nationwide Health Information Network in South Korea

Article information

Healthc Inform Res. 2015;21(1):21-29
Publication date (electronic) : 2015 January 31
doi : https://doi.org/10.4258/hir.2015.21.1.21
1R&D Center, ezCaretech Co. Ltd., Seoul, Korea.
2Center for Medical Informatics, Seoul National University Bundang Hospital, Seongnam, Korea.
3IT Convergence Policy Team, National IT Industry Promotion Agency, Seoul, Korea.
Corresponding Author: Sooyoung Yoo, PhD. Center for Medical Informatics, Seoul National University Bundang Hospital, 82 Gumi-ro 173beon-gil, Bundang-gu, Seongnam 463-707, Korea. Tel: +82-31-787-1151, Fax: +82-31-787-4004, yoosoo0@snu.ac.kr
Received 2014 December 08; Revised 2015 January 26; Accepted 2015 January 26.

Abstract

Objectives

We aimed to develop a common health information exchange (HIE) platform that can provide integrated services for implementing the HIE infrastructure in addition to guidelines for participating in an HIE network in South Korea.

Methods

By exploiting the Health Level 7 (HL7) Clinical Document Architecture (CDA) and Integrating the Healthcare Enterprise (IHE) Cross-enterprise Document Sharing-b (XDS.b) profile, we defined the architectural model, exchanging data items and their standardization, messaging standards, and privacy and security guidelines, for a secure, nationwide, interoperable HIE. We then developed a service-oriented common HIE platform to minimize the effort and difficulty of fulfilling the standard requirements for participating in the HIE network. The common platform supports open application program interfaces (APIs) for implementing a document registry, a document repository, a document consumer, and a master patient index. It could also be used for testing environments for the implementation of standard requirements.

Results

As the initial phase of implementing a nationwide HIE network in South Korea, we built a regional network for workers' compensation (WC) hospitals and their collaborating clinics to share referral and care record summaries to ensure the continuity of care for industrially injured workers, using the common HIE platform and verifying the feasibility of our technologies.

Conclusions

We expect to expand the HIE network on a national scale with rapid support for implementing HL7 and IHE standards in South Korea.

I. Introduction

In South Korea, most hospitals and clinics still refer patients using paper documents; only a few tertiary hospitals have implemented an electronic referral system, that is, a Web portal that enables access to patients' lab test results by network clinics. This referral system has the limitations of offering only one-way information, limited scalability and expandability, as well as the provision of information access to only a specific hospital. Additionally, because the system depends on a specific vendor and organization, it is difficult to compile and access patients' longitudinal data, which are stored in scattered silos.

Thus, there has been growing demand for a health information exchange (HIE) between hospitals and clinics to reduce healthcare costs and improve quality by sharing patients' clinical information and preventing duplicate testing; this exchange would require a number of standards for interoperability. Prior studies have found that HIE provides benefits in improving coordination of care [1], improving the accuracy of diagnosis, preventing hospital readmissions and medication errors [2], enhancing public health surveillance [3], and increasing the efficiency and quality of public health reporting [4], with higher patient satisfaction [5,6].

In this study, as a Korean HIE initiative, we began creating a nationwide HIE network early this year, as a first step towards exchanging clinical information on industrially injured workers between workers' compensation (WC) hospitals and their collaborating clinics. In cooperation with Korea's Workers' Compensation & Welfare Service (COMWEL), we aimed at verifying our concepts and platform for those hospitals and clinics. Our final goal is to extend the coverage of HIE across the nation in stages. To accelerate the adoption of interoperable technologies for implementing a nationwide HIE network, we developed a common HIE platform that provides standard terminology, documents, and messaging tools to support hospitals and vendors in easily participating in the network. The implementation guidelines and tools will be able to mitigate some technical barriers and challenges to engaging in the exchange of health information [6].

This paper describes the common HIE platform and our architectural and security strategies for implementing the HIE network in WC hospitals and their collaborating clinics using the platform.

II. Methods

We defined the architectural model, the exchange's data items and their standardization, messaging standards, and privacy and security guidelines for a secure, interoperable HIE across South Korea. In essence, we used the HL7 Clinical Document Architecture (CDA) [7] standards to generate clinical documents and the IHE Cross-enterprise Document Sharing-b (XDS.b) profile for the communication infrastructure.

1. HIE Architecture Models

Based on the IHE XDS.b profile, we defined four architecture models that would be feasible for an HIE network in South Korea (Figure 1). The models depend on the location of each registry and repository, focusing on security issues at the physical locations where health information will be shared.

Figure 1

Health information exchange architecture models. (A) Integrated Registry - Repository, (B) One Registry - Multiple Repositories, (C) Federated Registry - Multiple Repositories, and (D) Peer-to-Peer. EHR: Electronic Health Record.

The Integrated Registry - Repository model is a central architecture in which all shared clinical documents (the repository) and the metadata (the registry) for searching them are stored in a central cloud server. The One Registry - Multiple Repositories model is a distributed architecture in which the repository is located within each healthcare organization or in its Electronic Health Record (EHR) vendor's server, with a registry for linking documents between locations maintained in a central server. The Federated Registry - Multiple Repositories model supports information exchange through communication between the regional registries. Finally, the Peer-to-Peer model is based on direct exchange between healthcare organizations using socket communication or secure email.

In this study, we focused on developing a common HIE platform that would support the Integrated Registry - Repository and the One Registry - Multiple Repositories models. We considered the two architecture models because, at the time of our study, there was no requirement to integrate other registries and there were not even other regional registries to connect to make a federated registry in South Korea. In addition, we pursued sharing of patients' care record summaries among healthcare organizations; therefore, we did not consider the Peer-to-Peer model. However, the architecture models would depend on the EHR infrastructure, the healthcare environment, and the cultural environment.

2. The Common HIE Platform

Based on the IHE XDS.b profile, we derived common HIE functions and services for each actor, including a document repository, document registry, and document consumer. Based on the service-oriented architecture (SOA), we developed a common HIE platform that provides these functions and services to minimize the effort and difficulty in implementing the IHE XDS.b profile, CDA standards, and common terminology set.

The common HIE platform supports open application program interfaces (APIs) for implementing the document registry, document repository, document consumer, and master patient index. The document registry receives the metadata from clinical documents generated by healthcare organizations, stores the metadata, and supports searches for the documents. The document repository stores clinical documents, requests indexing in the document registry, and provides the documents when they are requested by other healthcare organizations. The master patient index (MPI) maintains patient identifiers and patient consent information. In addition to providing the services needed for sharing documents, we also included supportive HIE services that allow the standardization of local terminologies to international terminologies, the management of the master data of participating healthcare organizations and departments, and the regulation of transaction logs.

To design the common HIE platform, we derived atomic services based on the IHE XDS.b profile and then designed atomic services and derived the functional service requirements of the HIE applications, enabling the definition of a composite service by the combination of multiple atomic services. For healthcare organizations and EHR vendors to easily utilize the platform, we developed these functions and services in the form of open APIs, as shown in Figure 2.

Figure 2

Architecture for the common health information exchange platform. CDA: Clinical Document Architecture, CRS: Care Record Summary, PIX: Patient Identifier Cross-Referencing, PDQ: Patient Demographics Query, HIE: health information exchange, HIS: hospital information system, API: application programming interface, IHE: Integrating the Healthcare Enterprise, ATNA: Audit Trail and Node Authentication, WCF: Windows Communication Foundation.

We developed a number of services for CDA documents with open APIs, for example, CDA Viewer, which displays CDA documents in readable format by applying the XSLT style sheet. The 'CRS and Referral Generate' API supports the automatic generation of CDA documents based on the corresponding values of data elements that were extracted from the EHR system. The terminology mapping can be used to generate CDA entries by automatically mapping local terms to structured coded terms.

3. CDA Contents

As a standard for clinical documents to be exchanged among healthcare organizations, we adopted HL7 CDA Release 2 (R2) Level 3. Based on CDA R2 and some of the IHE CDA content modules, we defined the data elements and templates for the referral and care record summaries to support collaborative care.

In this study, the referral summary was defined as a type of document created to support collaborative care by referring patients from clinics or hospitals to specialists. It is used for referrals and replies between two healthcare organizations. The care record summary (CRS) was defined as a document that summarizes hospital visits and hospitalizations; it is automatically created and stored for the purpose of the continuity of patient care. A CRS contains a patient's relevant health history for one or more encounters, and it is intended to share a core set of the patient's medical records between healthcare providers. The HL7 Care Record Summary [8], Continuity of Care Document [9], and Consolidated CDA [10] were referenced in the process of designing the CRS.

Table 1 shows the major CDA data items in the headers and bodies of two types of documents, including coded entries with standard terminology for ensuring semantic interoperability.

Table 1

CDA data elements of the referral summary and the care record summary

Regarding the data items for problems, medications, and test results, we created coded entries for each data item with the international terminologies. We used the International Classification of Disease (ICD-10; translated, and known as KCD-6 in Korea) and Logical Observation Identifiers Names and Codes (LOINC) for the diagnoses and the examination names, respectively. For medications, we allowed for the use of multiple code sets, including the Korean Electronic Data Interchange (EDI) drug codes used for insurance claims and the international Anatomical Therapeutic Chemical (ATC) codes. In South Korea, the Korea Health and Welfare Information Service [11] has developed and published the Korea Standard Terminology of Medicine (KOSTOM), which is the integrated system of terminologies practically used by and collected from the actual health and medical fields; their terms were mapped to the international terminology, such as ICD and LOINC. Therefore, we also adopted KOSTOM in addition to ICD and LOINC for the secondary use of data for both domestic and international purposes.

Because most hospitals and clinics do not use LOINC codes for tests, manual mapping from the local test codes to the LOINC codes was necessary for creating the CDA entries. Thus, we included a terminology mapping service and tool in the common HIE platform.

4. Master Patient Index

For privacy and security reasons, only patients who agreed to participate in HIE using an informed consent were initiated to share their medical records. The consent stated the purpose of HIE and the scope of data items for sharing. In the HIE system, a scanned copy of the patient's consent was transferred and registered to the registry server in the form of binary data of the <StructuredBody> element of a CDA document. Once a patient's consent was registered in the HIE system, the patient's universal unique identifier was created.

In South Korea, there is no unique patient identifier that can be used only for medical purposes. Although all Koreans have their own Resident Registration Numbers (RRNs), there have been increasing issues with the use of RRNs for HIE because of privacy and security concerns.

Because most hospitals and clinics have their own local patient identifiers, we created and assigned universal unique identifiers (UUIDs) to each patient who agreed to participate in the HIE using a MPI based on the IHE Patient Identifier Cross-referencing (PIX) and Patient Demographics Query (PDQ) profiles.

We used HL7 V3 ADT messaging to transmit each hospital's local patient identifier to the MPI system, enabling searches for patients and their UUIDs. Using the MPI system, we managed patient demographic information, including UUID, name, birth date, and address.

5. Security Architecture

To support the implementation of a secure HIE network, we provided the required security guidelines after investigating the current security conditions and the solutions that were being used at the participating healthcare organizations. The security guidelines, in essence, comprised both technical and administrative security. Technical security considered medical information (e.g., life cycles of data) and storage (e.g., passwords and access control). Administrative security focused on integrated management (e.g., organizational policies, backup and restore, and documentation) and auditing (e.g., audit record policies and reports).

We considered security with regard to accessing devices, the network, the platform, and the content necessary for implementing a nationwide HIE network using our common platform.

6. Pilot Implementation of the HIE Network

As part of a nationwide initiative, our first phase was to implement an HIE network for WC hospitals and their collaborating hospitals and clinics because industrially injured workers typically require long-term collaborative care, and their medical costs are covered by industrial accident insurance; we found that HIE outcomes can be used to evaluate insurance reimbursement to promote HIE participation.

In our pilot implementation of the network, two WC hospitals, one in Incheon and the other in Ansan, participated. The hospitals are located in metropolitan areas and have approximately 500 beds, and there were six collaborating clinics near the WC hospitals. The two hospitals had recently adopted an EHR system developed by a domestic EHR vendor. The six participating clinics used two different EHR systems. The WC hospitals are public healthcare organizations that provide rehabilitation for workers, but their medical service is not limited to injured workers.

III. Results

1. HIE Network Implementation Results

Our participating WC hospitals and clinics had different IT infrastructures and environments. The WC hospitals had their own network infrastructures and managed their EHR systems through an IDC center of Korea COMWEL. However, the clinics' EHR systems were connected through a broadband network, indicating the weakness of security.

Therefore, as shown in Figure 3, we chose an hybrid architecture of, physically, the Integrated Registry - Repository model and, logically, the One Registry - Multiple Repositories model. Using the common HIE platform, we implemented the HIE registry, repository, and MPI system components in Korea COMWEL's IDC center, called the HIE IDC center; for each EHR vendor in the center, there was one registry with distributing repositories. Both WC hospitals and the clinics communicated with the HIE IDC center through their gateway servers and encrypted network connections. The gateway server for the clinics, located on a DMZ network, provided open APIs and bridged service between the healthcare organizations.

Figure 3

Health information exchange (HIE) system architecture for exchanges between the workers' compensation (WC) hospitals and clinics. MPI: master patient index, EHR: Electronic Health Record, VPN: virtual private network, DLP: data loss prevention, DMZ: demilitarized zone, SSL: secure sockets layer, IPS: intrusion prevention system.

Our security guidelines required that each doctor's PC have a vaccine program, a PC firewall, and a data loss prevention solution. Regarding network security, a virtual private network (VPN), a secure sockets layer (SSL) protocol, an intrusion prevention system (IPS), a Web firewall, and server dualization were applied to prevent hacking and system errors. Server security was reinforced by the installation of a secure OS, a server vaccine program, a database encryption solution, and a storage backup solution.

2. Workflow for Exchanging the Health Information of Injured Workers

The common HIE platform was used to support the transfer of referral summaries from a clinic to a WC hospital and vice versa and the sharing of patients' care record summaries among the participating healthcare organizations. Figure 4 shows the workflow and scenarios implemented in our HIE network for injured workers.

Figure 4

Workflow for exchanging referral and care record summaries among the workers' compensation (WC) hospitals and clinics (A) referral process from a clinic to a WC hospital, (B) generate and access the Care Record Summary (CRS) for the continuity of care. HIE: health information exchange, CDA: Clinical Document Architecture.

Regarding the transfer of referral summaries, when a patient visits a clinic near his or her workplace and the patient needs to be transferred to a WC hospital, a doctor creates a referral summary using the clinic's EHR system. The referral summary is automatically generated in CDA format and stored in the repository, and its metadata are entered into the registry. The WC hospital will be automatically notified of the referral. After the referred hospital confirms the referral and checks the CDA document, a specialist views the referral summary during the patient's visit. The doctor can then also send the reply documents to a clinic on completion of the patient's treatment through the HIE network (Figure 4A).

To share care record summaries, a CDA CRS is automatically generated in the event of a patient's hospital visit and discharge, and it is stored and entered into the repository and the registry. When the patient requires emergency treatment or receives treatment from multiple hospitals and clinics, the CRS can be used to share that patient's health information among the facilities, supporting continuity of care (Figure 4B).

Since the HIE system should be incorporated into the organization's workflow and the doctor's workflow in order be successful [12], HIE service scenarios were developed by analyzing intra and interorganizational workflows of patient's care.

3. Packaging the Common HIE Platform

To accelerate the interoperability between different EHR systems, we adopted international standards, such as HL7 CDA and HIE profiles, and we developed a common HIE platform that supports the implementation of the standards, thus enabling participation in the HIE network and connection between EHR systems. We packaged together the components of the common HIE platform that were required for the registry, repository, and MPI servers. In addition to the HIE system packages, we packaged useful tools that support CDA content generation, standard terminology management, and master data management.

In our HIE network, we installed the registry server and MPI server packages in a Korea COMWEL IDC center and built repository servers for each hospital and clinic using the repository package. These packages allowed the system to address changes in management authority and physical server location because they are simple to install and remove.

To easily deploy the common HIE platform in other healthcare organizations, the RESTFUL-based open API service, testing tools, and manuals will be provided to vendors and developers. After the pilot implementation and operation of a regional HIE network for two WC hospitals and their collaborating clinics is finished, the network will be expanded to other WC hospitals and healthcare organizations stage by stage.

IV. Discussion

In South Korea, the HIE project began in 2005; however, it stopped in 2010 at the level of a small regional HIE between one general hospital and its several clinics due to the lack of a continuous business model, motivational incentives, and technical support of standard adoption. At that time, the HIE was limited to a 1:1 exchange between a hospital and a clinic, and as a result, a lot of effort was required for EMR customization to implement HIE workflow and standards. Thus, a government-driven HIE project was initiated in 2014 under the Creative Vitamin Project which pursued the establishment of a healthcare ICT infrastructure with low-cost and high-efficiency by supporting the accumulation, sharing, and utilization of health information using wire-wireless networking, big data, and sensing technologies. This study was performed to develop a common infrastructure to accelerate the adoption of interoperability standards for HIE and reduce technical barriers to the implementation of an HIE system.

One of the greatest barriers to the adoption of HIE by more health organizations is the lack of an HIE business model [13]. This study addressed that problem by choosing WC hospitals for industrially injured workers as our test sites for the initial implementation of a nationwide HIE network. Most patients in WC hospitals have rehabilitation needs and require collaborative care at other hospitals. As our business model, we plan to provide HIE data to patients to allow them to check their health information using smartphones, with various mobile health services to improve their rehabilitation and treatment and self-monitor their health. The data will be able to be utilized for various applications, creating new value for the HIE system.

Common concerns for HIE include the safety and confidentiality of electronic information exchange and the reliability and quality of the data [14]. In this study, we aimed to separate patients' demographic information from their medical information, and we created UUIDs for the purpose of identifying patients in the medical domain. We also distributed the medical information into multiple repositories. By creating a separate repository for each hospital or EHR vendor, we reinforced the security and disaster recovery. Based on the IHE Audit Trail and Node Authentication (ATNA) profile, all access and retrieval logs were recorded.

Through this study, we aimed to accelerate the adoption of HIE using a common HIE platform. We have been implementing the regional HIE network in two WC hospitals and their six collaborating clinics, thereby enabling the exchange of referral and care record summaries in a standardized way. We plan to share medical images by adopting the IHE Crossenterprise Document Sharing for Imaging (XDS.b-I) profile and to increase the number of participating hospitals and clinics in our HIE network next year. In addition, we did not demonstrate the feasibility, applicability, and effectiveness of HIE, so this should be investigated in the future work.

Acknowledgments

This work was supported by the ICT R&D Program of MSIP (No. I0114-14-1016) and the Creative Vitamin Project.

Notes

No potential conflict of interest relevant to this article was reported.

References

1. Shade SB, Chakravarty D, Koester KA, Steward WT, Myers JJ. Health information exchange interventions can enhance quality and continuity of HIV care. Int J Med Inform 2012;81(10):e1–e9. 22854158.
2. Kaelber DC, Bates DW. Health information exchange and patient safety. J Biomed Inform 2007;40(6 Suppl):S40–S45. 17950041.
3. Dobbs D, Trebatoski M, Revere D. The Northwest public health information exchange's accomplishments in connecting a health information exchange with public health. Online J Public Health Inform 2010;2(2):e5.
4. Shapiro JS, Mostashari F, Hripcsak G, Soulakis N, Kuperman G. Using health information exchange to improve public health. Am J Public Health 2011;101(4):616–623. 21330598.
5. Vest JR, Miller TR. The association between health information exchange and measures of patient satisfaction. Appl Clin Inform 2011;2(4):447–459. 23616887.
6. Feldman SS, Schooley BL, Bhavsar GP. Health information exchange implementation: lessons learned and critical success factors from a case study. JMIR Med Inform 2014;2(2):e19. 25599991.
7. Dolin RH, Alschuler L, Boyer S, Beebe C, Behlen FM, Biron PV, et al. HL7 Clinical Document Architecture, Release 2. J Am Med Inform Assoc 2006;13(1):30–39. 16221939.
8. Health Level Seven International. HL7 Implementation Guide for CDA Release 2 - Level 1 and 2 - Care Record Summary (US realm) [Internet] Ann Arbor (MI): Health Level Seven International; 2006. cited at 2015 Jan 5. Available from: http://www.hl7.org/implement/standards/product_brief.cfm?product_id=29.
9. Health Level Seven International. HL7 Implementation Guide: CDA Release 2 - Continuity of Care Document (CCD) [Internet] Ann Arbor (MI): Health Level Seven International; 2007. cited at 2015 Jan 5. Available from: ftp://ftp.ihe.net/TF_Implementation_Material/PCC/schemas/ccd/CCD-final.pdf.
10. HL7. HL7 Impementation Guide for CDA Release 2: IHE Health Story Consolidation, Release 1.1 (US realm) [Internet] Ann Arbor (MI): Health Level Seven International; 2011. cited at 2015 Jan 5. Available from: http://wiki.siframework.org/file/view/CDAR2_IG_IHE_CONSOL_R1_DSTU_2011DEC.pdf/322738944/CDAR2_IG_IHE_CONSOL_R1_DSTU_2011DEC.pdf.
11. Korea Health and Welfare Information Service [Internet] Seoul: Korea Health and Welfare Information Service; c2014. cited at 2015 Jan 5. Available from: http://www.khwis.or.kr/eng/main.do.
12. Thorn SA, Carter MA, Bailey JE. Emergency physicians' perspectives on their use of health information exchange. Ann Emerg Med 2014;63(3):329–337. 24161840.
13. Vest JR, Gamm LD. Health information exchange: persistent challenges and new strategies. J Am Med Inform Assoc 2010;17(3):288–294. 20442146.
14. Zwaanswijk M, Verheij RA, Wiesman FJ, Friele RD. Benefits and problems of electronic information exchange as perceived by health care professionals: an interview study. BMC Health Serv Res 2011;11:256. 21982395.

Article information Continued

Funded by : MSIP
Award ID : I0114-14-1016

Figure 1

Health information exchange architecture models. (A) Integrated Registry - Repository, (B) One Registry - Multiple Repositories, (C) Federated Registry - Multiple Repositories, and (D) Peer-to-Peer. EHR: Electronic Health Record.

Figure 2

Architecture for the common health information exchange platform. CDA: Clinical Document Architecture, CRS: Care Record Summary, PIX: Patient Identifier Cross-Referencing, PDQ: Patient Demographics Query, HIE: health information exchange, HIS: hospital information system, API: application programming interface, IHE: Integrating the Healthcare Enterprise, ATNA: Audit Trail and Node Authentication, WCF: Windows Communication Foundation.

Figure 3

Health information exchange (HIE) system architecture for exchanges between the workers' compensation (WC) hospitals and clinics. MPI: master patient index, EHR: Electronic Health Record, VPN: virtual private network, DLP: data loss prevention, DMZ: demilitarized zone, SSL: secure sockets layer, IPS: intrusion prevention system.

Figure 4

Workflow for exchanging referral and care record summaries among the workers' compensation (WC) hospitals and clinics (A) referral process from a clinic to a WC hospital, (B) generate and access the Care Record Summary (CRS) for the continuity of care. HIE: health information exchange, CDA: Clinical Document Architecture.

Table 1

CDA data elements of the referral summary and the care record summary

Table 1

CDA: Clinical Document Architecture, SSN: social security number, KOSTOM: Korea Standard Terminology of Medicine, ICD: International Classification of Diseases, LOINC: Logical Observation Identifiers Names and Codes, EDI: Electronic Data Interchange, ATC: Anatomical Therapeutic Chemical.