- Number of slides: 20
Security Infrastructure and National Patient Summary. Mats Hagner, Project Manager, Carelink AB. Mats.hagner@carelink.se
Carelink: A national association in Sweden, promoting eHealth. Currently owned by the county councils and local authorities. Development: Manage and coordinate national projects to develop common solutions – ICT support for health and social care. System maintenance: Maintain and further develop functionality and quality in already existing common ICT solutions.
BIP: Basic services for Information Provision. "An important current development is the removal of individual functions from a large number of e-Health solutions and the development of general or national common solutions." (National Strategy for eHealth)
Vision A unified way to handle patient data with full information security within and between organisations.
Rules and regulations. Legislation – New Patient Data Act. Regulations – National Board on Health and Welfare (Socialstyrelsen) – Data Inspection Board. Patient data – Each health care principal is responsible for controlling access to patient data.
Prerequisites • Securely identified user – eID + HealthCare Certificate • Need for patient data • Engagement in care activity • Consent • Log – follow up
Current security solutions • Users in every system • Heavy administration • Non-dynamic [Diagram label: Care professional]
Tools: Service Oriented Architecture (SOA). [Diagram labels: Service (consumer); Request; Service (provider); Response; Message] Information exchange between separated services in a standardized, secure and controlled manner.
BIP – Web services • Authentication • Access control - ABAC • Consent • …… – Based on OASIS standards such as XACML and SAML – Builds on the national security solution (SITHS) – Specified in a national "standard" – Developed in cooperation with the IT industry – First official version of the technical specifications ready in June 2007
ABAC - Attribute Based Access Control. Actor (Healthcare professional); Resource (Patient data); Control: apply rules. Actor attributes: ID, Organization, Medical speciality, Date. Resource attributes: Patient ID, Organization, Medical speciality, Date. Rules.
Example of rule for patient data access. Rule-ID=1. Actor: Profession=Orthopedist, Organizational unit=Division 3, Classification=Orthopaedia. Activity: Read, Write. Resource: Organizational unit=Division 3, Classification=Orthopaedia. Criteria: Valid=2004-11-01. Decision by: Unit manager NN.
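How a rule such as Rule-ID=1 can be evaluated against actor and resource attributes, with deny by default and a log entry for every decision. This is an added example, not code from the presentation or from BIP; the attribute key names, the sample identifiers and the reading of "Valid=" as a start date are assumptions.

```python
from dataclasses import dataclass
from datetime import date

@dataclass(frozen=True)
class Rule:
    rule_id: int
    actor: dict            # attributes the actor must present
    activities: frozenset  # permitted activities
    resource: dict         # attributes the resource must carry
    valid_from: date       # assumption: "Valid=" is read as a start date
    decided_by: str

# Rule-ID=1 as shown on the slide (key names are assumed).
RULE_1 = Rule(
    rule_id=1,
    actor={"profession": "Orthopedist", "organizational_unit": "Division 3",
           "classification": "Orthopaedia"},
    activities=frozenset({"read", "write"}),
    resource={"organizational_unit": "Division 3",
              "classification": "Orthopaedia"},
    valid_from=date(2004, 11, 1),
    decided_by="Unit manager NN",
)

def _matches(required, presented):
    # Every required attribute must be present and equal; a missing one fails.
    return all(presented.get(k) == v for k, v in required.items())

def decide(rules, actor, activity, resource, on_date, audit_log):
    """Return 'Permit' if a rule matches the request, otherwise 'Deny'."""
    decision, rule_id = "Deny", None
    for rule in rules:
        if (on_date >= rule.valid_from and activity in rule.activities
                and _matches(rule.actor, actor)
                and _matches(rule.resource, resource)):
            decision, rule_id = "Permit", rule.rule_id
            break
    # Denials are logged as well, so that access attempts can be followed up.
    audit_log.append({"actor": actor.get("id"),
                      "patient": resource.get("patient_id"),
                      "activity": activity, "decision": decision,
                      "rule": rule_id})
    return decision

# Constructed sample actor and resource (not real identifiers).
ortho = {"id": "hsa-0001", "profession": "Orthopedist",
         "organizational_unit": "Division 3", "classification": "Orthopaedia"}
record = {"patient_id": "P-123", "organizational_unit": "Division 3",
          "classification": "Orthopaedia"}
```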
Authentication [Diagram labels: Client; Log in; Ticket; ID; Attributes; Organizational boundaries; Access Control; IT-service; Log]
Local access decisions [Diagram labels: County Council A; County Council B; Private Care prov.; e-Health application; BIP; Patient data transfer]
BIP – Summary • Service Oriented Architecture • Strong authentication – PKI • Attribute Based Access Control – ABAC • Procurement process starts in June 2007 • Planning to start implementation 3Q 2008
Swedish National Patient Summary • A summary of important patient information – warning, medication, lab tests etc. • Viewing only – no updating. • Integrated into care applications or used via separate client
Basic conditions. Big sunk investment in electronic medical records. Decentralized health care and decision rights • 21 county councils/regions run hospitals and primary care • 290 local authorities provide at-home services and "special accommodations" • Large number of private care companies. Highly diversified IT systems • Early adopters of electronic medical records • Limited coordination resulting in a highly diversified IT landscape with stand-alone systems, many brands and limited ability to communicate. High level of computer literacy • Almost all hospitals, primary care units and home care units fully digitalized • User computer literacy is high
Why a National Patient Summary? Patients • Increased wish to manage own healthcare and care processes • Increased Internet literacy. Regional use • Exchange between county councils and municipalities • High demand from municipalities. Need for interoperability and access to patient data. Increased mobility between regions and nations • Healthcare guarantees • Healthcare clusters. Enhanced efficiency and healthcare quality • Enhanced healthcare security • Improved decision support and processes • Reduced admin and testing costs • Improved clinical outcomes
Design considerations: Constraints / A federated and distributed model • Legal restrictions to transfer patient data across organizational borders • Data remains at the source • Need for scalability and performance • Minimize changes in existing systems • Local data repositories on the network rim • Existing local clinical systems and standards remain largely intact • Less legal and no ownership issues • High scalability and performance • No single point of failure • Fast implementation • Coordinate with other national initiatives
Based on industrial solution • Reduced costs • Utilization of thoroughly tested components • Established base of existing reference installations • Adapt to information model, security infrastructure and legislation • Established methods and tools for implementation • Prime contractor with clear service deliverables • Prime contractor with strong balance sheet and R&D strengths • Competence redundancy • Adherence to industrial standards • Reduced risk – won’t become test bed for new technology • Improved stability • Continuous improvements with reduced R&D costs • Faster and simpler implementation • Enable us to focus on using the solution to improve quality and clinical results
Key success factors: 1. Build and develop for the healthcare profession. 2. Don’t reinvent the wheel – look for what you can copy/buy from your neighbor and upcoming EU standards. 3. Coordinate with other national initiatives such as security infrastructure, information model etc. 4. Develop step-wise rather than go for a big bang – there is a lot of learning on the way.


