Implementation of Medical Information Exchange System Based on EHR Standard
Article information
Abstract
Objectives
To develop effective ways of sharing patients' medical information, we developed a new medical information exchange system (MIES) based on a registry server, which enabled us to exchange different types of data generated by various systems.
Methods
To assure that patient's medical information can be effectively exchanged under different system environments, we adopted the standardized data transfer methods and terminologies suggested by the Center for Interoperable Electronic Healthcare Record (CIEHR) of Korea in order to guarantee interoperability. Regarding information security, MIES followed the security guidelines suggested by the CIEHR of Korea. This study aimed to develop essential security systems for the implementation of online services, such as encryption of communication, server security, database security, protection against hacking, contents, and network security.
Results
The registry server managed information exchange as well as the registration information of the clinical document architecture (CDA) documents, and the CDA Transfer Server was used to locate and transmit the proper CDA document from the relevant repository. The CDA viewer showed the CDA documents via connection with the information systems of related hospitals.
Conclusions
This research chooses transfer items and defines document standards that follow CDA standards, such that exchange of CDA documents between different systems became possible through ebXML. The proposed MIES was designed as an independent central registry server model in order to guarantee the essential security of patients' medical information.
I. Introduction
Since now, when a patient is transferred to another hospital, the patient needs to bring his/her own records and submits to the newly assigned doctors [1]. To lessen this inconvenience, data transferring, or data exchanging techniques have been developed. The biggest limitation on this issue is that the records are in various forms by each doctor or each institution. To overcome this barrier, some web-based information sharing systems have been developed in some General Hospitals to communicate with their affiliated clinics to eliminate manual procedures recently. However, these kind of systems are not proper for the nation-wide standard model but for their affiliated medical facilities [2]. The electronic healthcare record (EHR) is an information system that integrates electronic medical record (EMR) maintained by individual hospitals to effectively exchange histories of patient's treatment record scattered around medical facilities [3].
In terms of improved medical service quality, better accessibility and enhanced safety for patients, EHR provides various benefits. Based on the electronic treatment information and clinical decision support system, EHR can check drug interactions to reduce prescription errors and constantly monitor pharmaceutical side-effects of safe medical services. Moreover, by making individual treatment information available regardless of time and location, EHR can increase patient's right to know, improve the ability to manage diseases, and alleviate the asymmetry between the medical staff and the patient [3]. EHR can also intensify personal information protection by implementing managerial, technical and physical measures against misuse and abuse of patient's treatment information [4].
The primary aim of this research was to build a medical information exchange system (MIES) which made it possible to exchange medical information between various medical information systems of hospitals and also guarantees the interoperability between medical information systems of the participating institutions.
II. Methods
To enhance the reliability and effectiveness of the medical information exchange between different medical institutions, the following factors is considered importantly: well screened items, data transmission methods, standardized terminologies and security of data and system.
Considering the above issues, this study adopted ebXML as data transmission standard suggested by Center for Interoperable Electronic Healthcare Record (CIEHR) of Korea in order to transmit messages between various systems. Furthermore, in this study, the Web Service technique was adopted to connect EMR systems of each hospital. In addition, the international standard of the clinical document architecture (CDA) R2 was used to enable nationwide transfer of medical records for the information exchange. We implemented the centralized EHR Registry Server which contains information to share. As a result, it enabled users to retrieve and distribute the CDA document from CDA Repository by patient's index.
The EHR Registry Server is the center to store and manage information on hospitals, patient's medical information and their consent to release of their medical records.
1. System Process and Architecture
The MIES developed through this study have been tested by Seoul National University Bundang Hospital (SNUBH) as a general hospital and 33 nearby physician's clinics. Figure 1 shows the delivery process model of referral from a physician's clinic to a general hospital. The physician's clinic sends a referral message to the Registry Server when referring the patient and it will store the CDA document at its CDA Repository. Then it sends referral message to a requested hospital. The requested hospital sends the patient's information to the Registry Server and retrieves the CDA document after checking the registry information. Also referral reply and Information for Request are delivered as reverse way. Figure 1 focuses on system architecture and technical approach of the MIES for medical information exchange process.
The MIES was designed to exchange CDA documents between designated medical facilities through the CDA Transfer Server with helping of Central Registry Server. The main function of this server is to manage the index information of patients subject to information exchange and facilitate the exchange of CDA documents via the CDA Transfer Server with this index information [5].
The MIES has two servers and needs to be connected to an adaptor. This adaptor plays a role of intermediary to transmit the CDA document and messages. The Registry Server stores the patient's information according to predefined schema and generates the index of patient, and it is used for searching CDA documents. Using the produced index of the patient, the CDA Transfer Server extracts the relevant CDA documents from the CDA Repository of the physician's clinic for transmission. Then, the transmitted data is stored at the repository of the requested hospital (Figure 2).
The MIES is composed of three categories of services: The registry server manages information exchange and the registration information of the CDA documents, and the CDA Transfer Server is used for the registration information, locates the proper CDA document from the relevant repository and transmits it [6]. The CDA viewer shows the CDA documents through connection with information systems of hospitals related (Figure 3).
2. Application Methodology of CDA
To share medical information between medical institutions, it is necessary to determine items to be exchanged. The items are defined in 'HL7 CDA' format which is the standard for XML-based CDA exchange. The used version is release 2 version.
As a result, three templates can be generated: Referral Form, Referral Reply, and Information Release Request. In this study, lab test result, medication order and health summary are summed up into an integrated template, and reproduced into a standardized XML format.
A CDA document basically consists of two parts: Header and Body [7]. The former contains patient's personal information and the latter contains medical information.
In this study, the CDA Body was constructed in the Structured Body type and was written out in the XML format. The Body encompassed items regarding lab test results, medication orders and treatment summaries and was constructed in accordance with the CDA standard, as shown in Figure 4.
We structuralized diagnosis, injection history, and test results. In addition, we adopted 'entry' concept to achieve interoperability between different terms that have same meanings, so that the loss of information is reduced, and the value of information is raised [8]. More details are mentioned in 4. Application of Standard Terminology.
3. Application Methodology of Data Transfer
The Document Registry Framework (DRF) suggested by CIEHR of Korea is used to connect the Registry Server, which registers and manages information categories subject to exchange, and the Repository, which stores and manages the CDA documents (Figure 5).
A CDA document is stored at the Repository upon creation, and registration information is stored at the Registry in the form of a message. To retrieve the generated CDA document, the Document Consumer obtains the CDA ID and information on the location of the Repository from the Registry, and finally gets the CDA document through ebXML.
The DRF was provided in the format of Web service definition language (WSDL) along with the API of a transmitting module in order to be applied to various platforms easily. The system in this study was developed on ".NET" platform, and the API was applied by using the "Visual studio .net."
4. Application of Standard Terminology
Since a standardized terminology needs to be employed to transfer information of a diagnosis and medication from different systems, the code for the standardized terminology was adopted. The description of the standard code was made into CDA Entry level. To notate the diagnosis of a patient, ICD-10 codes were used and marked into the Entry in a CDA document. The medication was represented in the Entry level of CDA document by using the main ingredient electronic data interchange (EDI) codes.
For diagnosis code ICD-10, the codeSystem sets 2.16.840.1. 113883.6.3 at the Entry Observation (Figure 6).
The EDI code for medication is employed without alternation and the codeSystem is set for 2.16.410.1.10000.4, along with the information on ingredients, dosages and manufacturers of the drugs in use (Figure 7).
5. Application of Security
The security guidelines proposed by the CIEHR of Korea was used to ensure the information security. In this study, we aimed at building essential security systems for implementation of online services, such as encryption in the communication section, server security, and database security, protection against hacking, contents and network security.
For this purpose, the VPN was implemented to encode packet in each middleware section. To protect the database and the server, an encryption solution was applied. A web firewall was installed to protect hacking. Especially, to secure the data, all the transmitted data were sent out after encoding and decoded after receiving by using public-key cryptography.
The communication through the Web Service mounted on the middleware is conducted by managing the certification codes for the middleware of each hospital so the access to the service is blocked if certification failed.
When sending a message, each packet is encoded for transmission within VPN-controlled section. As the message calls the Web Service on the Registry Server; the paging call is verified against the Web Service Security Enhanced (WSE) for passage. Also, the Token in SOAP-type is checked for verification. Specifically, the ID and the password are checked. The password is encoded and stored in the database for verification. Finally, after certification, the encoded message is decoded and delivered to the final recipient.
Furthermore, access control was accomplished by monitoring user's IP and Mac address on internal network in the security policy.
III. Results
1. Registry Server
The Registry Server stores meta-information for exchanging the patient's medical information to referral. It provides two types of services: messaging service which facilitates sending and receiving the meta-information, and the registry service which registers and manages information on exchange.
1) Messaging service
The messaging service is composed of the services of storing and inquiring the transmitted message. When transmitted, each message is made in the XML format.
The meta-information contains data of the sending and receiving medical institutions, medical staff in charge, reservations, diagnosis and meta ID. Especially, the meta ID is transmitted as a message produced by the OID rules. This OID is unique to each message, and serves as an index to search the relevant CDA document [9,10].
When receiving a message, it is delivered via the Web Service which known as the CDARegService. This web service uses the message decryption for decoding, and uses the message parser for interpretation, and stores the meta data to the database.
2) Information exchange registry service
For patient or hospital to subscribe this service, it needs to sign up for the service at the MIES Server for certification. The registration procedure is provided by Web Service at the EHR Registry Server. The procedure is tailored for the each stage of information exchange, and contains information on Referral, Reply, and Request. In addition, two other services are provided: one that verifies the consent to the release of the medical information, and the other that stores the registry information. The fields managed by Registry Server are shown in Table 1.
A certification message in a XML format is sent out, which activates the Registry Service from the MIES Server. The final authentication undergoes the processes such as verification of consent, certification and EHR registration. The certification message conveys the information on the ID code of the medical institution and the patient's social security number. These two pieces of information are used to check whether the EHR registration has been done or not. During transmission, the certification information is encrypted.
When the consent information is absent, the Registry Web Service sends an "Authentication Fail" message to the original sender. Upon receiving it, the sender sends back the registry information. When the registry information arrives at the MIES Server, its Registry Service activates and registers the information. Once the information on the patient and the hospital are registered, the Registry Service sends an "Authentication Success" message to the original sender, and the sender is now able to access the information exchange service and start the medical information exchange process.
2. CDA Transfer Server
When a hospital transfers patient to another institution, the requesting institutions send a referral message to the Registry Server and the CDA document is stored at the CDA Repository. To transmit the stored CDA document, the Transfer Server searches the CDA documents produced at the requesting institution or the receiving institution, and sends the relevant information to the requesting institutions.
To search a document stored at the CDA Repository of the hospital, the unique index of the document is required to facilitate this process. Thus, a unique ID is assigned to each CDA document, and the unique ID is transferred as the meta ID upon message transmission.
When requesting for transfer of a CDA document, the requesting hospital sends to the requested hospital, the OID generated from the messaging Web Service. The link service, which searches the CDA record, is registered at the registry through the CDA Search Service, and the CDA Document is stored at the CDA Repository.
The requested hospital finds out the location in the Registry in reference to the meta ID of the received message. Upon receipt of the request, the DRF Server searches the indexed document stored at the CDA Repository by the meta ID and transfers to the requested hospital.
3. CDA Viewer
When a hospital or a clinic refers or replies to another institution, including medication information, LAB test results and the patient profiles the CDA document is generated.
The requesting hospital needs a program to make the CDA document, CDA generator. Also, to see the CDA document, you need the CDA viewer which changes the CDA document into the document applied XML Style Sheet (XSLT) (Figure 8).
IV. Discussion
We developed a CDA standard-based medical information exchange system which electronically exchanges the medical information items defined in accordance with the CDA document standard, adopting the standard transmission method and security devices. The security and standardization approaches covered all processes.
To provide the better protection and security of the patient's information, the MIES established a Registry Server and a CDA Transfer Server separately in order to divide patient information and medical information. The Registry Server contains the patient profile and the indexes of the medical information only. Therefore it is possible to reduce the burden arising from management of the entire medical data. Each CDA document is maintained in the CDA Repository of each medical institution.
The interaction between heterogeneous systems became possible by using middleware. Since MIES was constructed based on the exchange standard suggested by CIEHR of Korea, any system can be accessed.
Table 2 shows comparison of the old "Prototype of the Information Exchange System" and the new "MIES" developed in this study. The "Prototype of Information Exchange System" was implemented to check possibility of medical information exchange between nearby several clinics and SNUBH.
Currently, there's a lot of Hospital's demand to adopt this instant system for effective information exchange in Korea. To meet these demands, following study must be pursued to build an advanced system enabling information exchange between multiple Hospitals and clinics.
By applying international standards to exchange of information between different medical information systems, this study will expectedly contribute to medical information exchange not only between domestic medical institutions, but also international medical institutions.
Acknowledgements
This study was sponsored by the Ministry of Health & Welfare of Korea (Assignment No.: A050909).
Notes
No potential conflict of interest to this article was reported.