Printer Friendly


1. Introduction

Interoperability represents the ability of two or more computer systems or components to exchange information and use the information that has been changed [1]. In the medical field, interoperability is the ability of different information technological systems and communication software applications to exchange data and use the exchanged information. Changed data layouts and standards should allow data sharing between clinicians, laboratories, pharmacy hospitals and patients regardless of the application provider [2].

Through interoperability, the medical data is securely and correctly shared with specific architectures, using international standards accepted in all medical fields, including with the owners of this data.

The interoperability of the medical data aims to obtain better quality health services, as a result of the correct and rapid information of the medical service providers (doctors, etc) regarding all the medical data of his patient, which ultimately leads to making a correct medical decision in a shorter period of time. Obtaining interoperability in the medical field is a goal that is currently not fully achieved in any country, it is currently implemented in various stages, depending on the degree of economic and informational development of each country. Internationally, huge efforts are needed to achieve the interoperability of medical data, which translates into high costs. Currently, there are difficulties in integrating health information systems, either because of the large number of system and technology providers, or because there are many programs used to exchange clinical and administrative information between applications within the same organization, as well as the fact that each application can support multiple communication interfaces that need constant maintenance and updating [3].

Why do we need interoperability? Achieving interoperability between heterogeneous health information systems is very important, as it reduces the associated health costs and contributes to more effective treatment of patients. So, the benefits of medical data interoperability consist in:

* increasing the efficiency of medical and administrative personnel;

* elimination of redundant data from the system;

* streamlining the process of providing medical services;

* avoidance, to a very large extent, of medical errors;

* obtaining important information for doctors by conducting research with modern machine learning or deep learning techniques, information that may represent future diagnostic methods or correlations between previously unknown medical data. This actually means advancement in medical research, so a better future in treating patients;

* producing reports and statistics at local or national level regarding the health status of population at a given time.

Looking ahead, the development of medicine and future patient-care technologies will surely require a great deal of information that will need to be rapidly exchanged between existing IT systems, which is easily achievable through interoperability. In order to achieve interoperability, we should talk about standardization. Without the existence of standardization, it is impossible to achieve interoperability in the medical field. This is the key element that can make interoperability possible both in Romania and between Romania and the rest of the EU member states.

What does standardization of medical data represent and what standards are available in order to achieve interoperability of medical data? The standard is a technical document designed to be used as a rule, orientation or definition. It is a consensual built and repeatable way of doing something [4]. The standards used in the medical field include methods, protocols, terminologies and specifications that are used for the collection, exchange, storage and retrieval of medical information, EHR, medicines, radiological or other medical imaging, patient monitoring devices, etc. There are also standards used for administrative processes in the health field (billing, payment, reimbursement, etc) [5]. There are four types of standards of medical data [6]:

- Content standards - these refer to the medical documents, to the content of the data in the exchange of information. They define the structure and organization of the content of the electronic message of the documents. They also include the definition of common data sets for certain types of messages. Examples of such standards are HL7(Health Level Seven) v2 and HL7-CDA (Clinical Document Architecture)

- Transport standards - these refer to the format of messages exchanged between different computer systems. Examples of such standards are: HL7, HL7-FHIR (Fast Healthcare Interoperability Resources) and DICOM (Digital Imaging and Communications in Medicine).

- Terminology standards - these are based on sets of codes, qualification systems, structural vocabulary and terminologies used in medical fields. Examples of such standards are: LOINC (Logical Observation Identifiers Names and Codes), SNOMED-CT (Systematized Nomenclature of Medicine-Clinical Terms), MEDCIN, ICD-9/10 (International Statistical Classification of Diseases and Related Health Problems), RxNorm, etc.

- Security and confidentiality standards - Confidentiality standards refer to the protection of the patient's rights. He has the right to know if, why, when, where, by whom and for what purpose his medical data is collected or used. Security standards define a set of administrative, physical and technical actions to protect health information. There are therefore two types of standards, the first are the HIPAA (Health Insurance Portability and Accountability Act) Security Rules, and the other are security standards (ISO, COBIT - Control Objectives for Information and Related Technologies, HITRUST, NIST - National Institute of Standards and Technology and CIS-Centre for Internet Security) and technical security standards (ISO 27001).

HL7 is the standard that is generally used all over the world and in all types of medical systems. This standard creates the framework for the exchange, sharing and use of electronic health information. They define how information is "packaged" and exchanged from one system to another, determining the language, structure and types of data needed for seamless integration between systems [7]. The HL7 standards define a series of messages that cover all the activities specific to the medical units. An HL7 message is made up of segments, domains, components, and sub-components and is characterized by the message type (a 3-character code). The types of messages are organized on different domains (for example: admission, discharge, transfer, scheduled clinical studies, etc) [8].

Interoperability of medical data can be obtained by using Electronical Health Records (EHR). For every medical services provider, in now days, there is an information system, where medical data are captured and stoked, but this information system is closed and it cannot communicate to each other if they are not designed to do that. This information system is called HIS (Hospital Information System) and there are many ways to make them interoperable, but in order to do that, we must take in consideration using the interoperability standards for documents and other medical information (images, etc).

2. The design concept of an interoperable system

At a national level, interoperability of medical data represents the ability of a national health information system to interchange medical information in every medical field, such as:

* Interoperability with medical equipment that captures (generates) medical information (for example- EKG, MRI, etc);

* Interoperability with the 112-emergency assistance system;

* Interoperability with the system of drug suppliers (pharmacies);

* Interoperability with the courier system that can quickly and efficiently provide the necessary medicines to immovable patients;

* Interoperability of medical information by creating medical social media portals for physicians, where they can access the latest medical news presented at congresses, studies, updated medical guides, etc.

In Romania was implemented a national information system Unique Integrated Informatic System (UIIS) and this system is functional and has three main branches: Health Card, Electronic Prescription and EHR (Electronic Health Record). This medical information system referees only to public healthcare providers [9].

For private medical providers exists only separate medical information systems, but they don't communicate to each other.

An interoperable system in medical health field, both private and public, can be achieved only by creating a private medical information system, which can be interoperable with UIIS (Figure 1).

This scheme represents a vision of the interoperable IT system that includes all health care providers in Romania. In the public health environment, there is an already implemented information system at national level as it was presented above. The proposed system provides interoperability with pharmacies (including drug stocks) and presents the way in which the flow of medical information, although in the private health environment there is nothing, no steps or premises from which to go in order to obtain interoperability, however, the two environments of the healthcare providers are presented in Figure 1 as interoperable.

It is the general scheme of an interoperable medical informatics system that could facilitate medical services in Romania. Also, at the level of the pharmaceutical field it can be very easily obtained(as can be seen in the diagram) with the help of interoperability both the supply of the necessary medicines and the transmission by courier of the necessary medicines to the patients, right from the moment the prescription was written in the cabinet doctor's cabinet. This interoperable system allows the patient to receive the medicine at home immediately after writing the prescription through a single agreement on the price of the prescription drugs.

This approach brings the following advantages:

* Reduction of data transfer time between private offices and / or hospitals;

* CNAS (National House of Health Insurance) has the possibility to reduce the errors of the increased medical data;

* Standardized communication - the same ontology as other medical entities in the EU;

* The security of data secrecy by using the proposed system;

* The possibility of eliminating any possible clarities regarding the medical decision making by using a portal or the services offered by the social media for doctors;

* Creation of a central area of stocks in which all pharmacies participate, and to which all medical units that issue prescriptions are addressed, developing an alert system regarding the medicines that can be delivered directly to the patient, if he wants this service;

* Use of interoperability for the exchange of necessary data within a hospital unit as well as with medical devices that generate information about patients (examples: MRI, Tomography, Ultrasound, etc);

* Transmission of medical data and video images in real time from the ambulances serving the 112 service, to the hospital units, absolutely necessary in making the medical decision and sending them to the ambulance, in order to be implemented by paramedics in the shortest time;

* Obligation of the standard implementation, on any type of manufactured car, of an alert system to the 112 service in case of a collision.

Romania is an European country and breaking it out of this European context is impossible nowadays, when Romanian citizens are also European citizens. That is why the interoperability of medical data with Europe is as necessary as in our country. Interoperability at European level involves solving certain issues related to ethics, security, utility, etc [10].

The model of interoperability of medical data with EU Member States can be realized by using Point of Single Contact (PSC); medical data (provided by public hospitals) can be easily exchanged between EU countries (starting December 2009), all EU countries being invited to implement this PSC. The Point of Single Contact is actually an online platform where economic agents from all European countries can find the information needed to carry out any economic activity in that country. PSC's are e-government portals for businesses operating in the services sector.

Starting from this idea, we can use the PSC to achieve the interoperability of medical data between European countries. As it can be seen even in the definition on the PSC website, it is addressed to the companies that operate in the field of services. Health is a vital service for any society, so the PSC can be easily adapted to enable the interoperability of medical data [11].

To finalize the proposal of an interoperable system with the concept of one completely interoperable medical system it is necessary to involve the Ministry of Health, where all this concept can be fulfilled. As it can be seen in Figure 2, this ministry must be in the centre of this concept.

At the PSC RO level, the aggregation of the medical data from the two sectors: EHR1 and HER 2 is done, in order to be able to be accessed by the medical clinics in Europe through the PSC.

Both sectors communicate via Internet with the Ministry of Health which is the top forum at which the qualified electronic signature is performed by the doctor, this being the most efficient way of authenticating and identifying all participants in the elaboration of the two files related to any patient highlighted in Figure 2. Medical files who reach the ministry will have to be signed by all the participants at the medical in a hierarchical order.

At the ministry level there is the Specialty Commission that can analyse and approve the medical applications of the Romanian patients who need medical care performed in medical units from other European states (example: a surgery that cannot be performed in Romania). This commission has the role of requesting all the medical data necessary to make the decision to approve the transfer of the patient. After analysis, the commission's response to the patient may be affirmative or negative. In case of negation, the reason for this should be clearly explained. In conclusion, the patient submits the request online and receives the answer all online, without having to move it with all the necessary medical documents.

After the medical file has been notified, it reaches Romanian PSC (Figure 2), where all the medical files related to a patient will be aggregated (those from the public and from the private health). From PSC RO through VPN the aggregate file will arrive in Bridge PKI (the Bridge PKI system in Romania contains its own signature which marks the validated or invalidated documents to clearly determine who did the verification of the qualified electronic signature) where the RO file is signed, further by SSL transfer the file reaches PSC IT (Italy) where the RO signature is verified by STORK (Secure Identity Across Borders Linked) and the file is accepted or not. STORK is a platform used to achieve the interoperability of existing European IDs [12].

The exchange of personal data (by transfer) implies, first of all, the ability to understand the significance of this data in all the countries (14) covered by this program. STORK is a European project dating back to 2009, which guarantees that data can be used correctly and safely in the country of destination, allowing a European citizen to register for a service first and be able to authenticate later. This protocol describes which common functionalities will be implemented, the functionalities being specified for each Member State, as well as the links between them, as well as the way of obtaining the interconnection of the interface between the common parts and the specific parts. For European data transferred at European level, this European project can be adapted and used or other ways of pseudonymizing the data can be found, using European standards in this regard or by designing an interoperable system to provide this facility. If the file is approved, it will go directly to the medical unit that made the request in the first instance, the medical unit where the patient for whom the application is made is located [13].

3. Application proposal in order to create an interoperable system

For the private medical environment, an interoperable system has a unique purpose: the secure transfer of all types of data between all participants in this system.

Data transfer within the system between any two entities participating in the system is performed using specific technologies for machine-machine communication.

As a practical implementation, the subsystem of the private medical field in Romania was chosen. Here there is no interoperability of the medical data and a computer application was created to demonstrate the benefits of interoperability for this subsystem.

This application has in the centre a Central Authority (CA), where are enrolling all the participants of the system: patients and healthcare providers (Medical Units-MU). When the participants at this system are enrolling in CA they are offering all personal data, and the system will assignee to each participant a code. This code provides the acceptance in the system and the identification of the participant. The personal data of the participants are stored in the CA database, and the medical information are stored at every medical services provider database. So, when the medical data are interchange, they will not carry the personal data of the patient, just his ID, which is different for every medical unit that is enrolled in the system [14].

This application was created in Python, and has two logical levels: Backend and Frontend.

The Backend part consists of the following modules:

* the database module (as PostgreSQL database was chosen)

* level of data abstraction

* the level of business logic.

The Frontend part is composed of the following modules:

* the module / level of data communication within the subsystem;

* the module for the web services that make possible to communicate the data between the various actors;

* Application module (fully developed).

Thus, the application will contain for each participant in the system the frontend part as well as the backend part (for the central authority and the medical offices).

In the CA the patients are registered, as well as the medical units. This module defines the participants in the system and will automatically generate a unique identity, with which each of them will be recognized by the CA.

Thus, in the Frontend part of the CA, patients have access to view their personal medical information as well as all the actions taken by a MU. The information that is viewed by the patient when he / she has been authenticated in the system with his / her credentials the following:

* the date and time when he was admitted in a MU;

* the unique code that is automatically assigned by the system when enlisted. This unique code is only known to the patient and the CA;

* the private cabinets / hospitals where the patient requested medical services;

* the medical investigations that the patient has been benefited from;

* the status of medical information (approved or rejected by the patient). Any request to view the patient's medical data must be approved or denied by the patient in order to protect his medical data.

In the BACKEND part of the Central Authority, it is possible to enrol patients and medical offices and to automatically assign unique codes that give them identity in the system. This approach complies with the BPMN scheme for enrolling a medical unit in the system [14].

Once logged in, the system administrator will have access to the administration part for groups and users.

The authentication and authorization part refer to:

* creation of user groups based on criteria established by the CA (cardiology cabinet group, group of patients who have had a heart attack);

* adding / deleting groups;

* enrolment of users (which may be patients or MU). Given the complexity of the system generated by the large number of patients, it is preferable for this enrolment to be made at birth by delegating this responsibility to the system administrators within the maternities. An example of registered users in the system can be seen in Figure 3.

This application was created in Romanian language and Figure 3 is just one example of the layout of this application.

The medical information flow depends on requests for medical data. In the Backend of CA, the medical data requests are displayed having a unique code generated automatically by the system, the MU where the data was requested, the patient for whom the data were requested, and the status of the request. It can be approved by the patient or waiting to be approved by the patient. It also can be seen what kind of documents were requested, their unique code, their status, the cabinet from which they were requested and the patient to whom the request is allocated.

The basic rule of CA is to not be involved in the medical system. So far, there has been no more interoperable medical information system, which does not allow the physician to know the patient's identity, to keep the patient's personal data in a location other than the one where the medical data is, which complies with all the required data protection regulations implemented at European level.

This interoperable system allows absolute control of the flow of medical data, the transfer is made automatically, without the involvement of the human factor and without focusing on this. The medical documents are created identical as a structure for all patients of a medical specialty, being able to be improved whenever the doctors in the offices of the system are needed.

Regarding the medical offices, in the proposed model, a medical unit is any healthcare provider that offers health services to patients, services that are not settled at the Insurance House, regardless of whether these are called hospitals, medical analysis units, cabinets dentists, medical imaging centres, ambulances or any kind of medical services in the private health system. Moreover, in this system, the pharmaceutical units can be integrated, although they were not introduced in the designed model; this step can be easily carried out, the pharmaceutical units being treated in the system like any medical office.

For medical units there is, as in CA, a component of FRONTEND and one of BACKEND.

For FRONTEND component, the user can only be the doctor from the respective medical unit that consults the patient. Doctors who can access this system receive a username and password when entering a practice. If a doctor works in several offices, he will have a different username and obviously a different password for each practice. This distribution of physicians is beneficial for both the system and the patient, who can thus find out which doctor consulted him and which medical data were acquired, shared or viewed.

After identification, the doctor can only see patients consulted by a code. He does not know to which patient the medical data belongs to. There is also a field where you can pass the patient code to be consulted. This code is entered by the patient or can be done by a card scan, or by a phone application that allows the patient to be identified in the system. The doctor does not know the patient's personal data, whatever the method of entering the code for access to the system.

Each request for medical data automatically receives a unique identification number of the request and the patient can view all requests for data that have been made, as well as the date and time at which they were made and at which office they were requested. After approval, the data requested by the doctor appear in the frontend MU1. Before the data will be transferred, the system needs the approval of the patient. After the approval, the system sends requests for those specific medical data needed for the patient, to all MUs, and automatically MU1 will receive the data needed if they are available in any MU even MU1.

At the end the doctor can visualise the medical data needed and they will automatically be deleted after.

4. Conclusion

The application of the proposed interoperable system is a small part of a national informatic medical system that was presented in this article, but it can be a viable solution that can be adjusted in order to be completely viable. The benefits of this application consist in:

1. Sharing medical data in the system - the possibility that the patient's medical data can be viewed and used at any time is needed

2. Existence of multiple databases in which the medical data is stored; the medical data is dispersed to each medical service provider that a patient uses at a given time

3. Continuous completion and updating of medical information in real time - once a patient is consulted by a doctor, his/her medical data is automatically stored in the database and immediately visible in the system (of course with the patient's agreement)

4. Easily create reports at regional or national level regarding population health parameters at a given time - medical data can be used to obtain medical information at macro or micro level

5. Use of artificial intelligence for medical research and for establishing trends (prognoses) regarding the medical pathologies studied using the medical information from the system

6. Reduce costs for medical services for both patients and the national health system by accessing existing medical information, without having to repeat the same investigations in the case of a second medical opinion

7. The possibility of a correct prevention based on concrete medical data on different pathologies.

Additional advantages of the proposed interoperable medical information system:

1. It offers the highest degree of anonymization of the medical data that is the object of sharing in the medical system

2. The European regulations regarding the protection of personal data are fully respected, even by designing the system

3. The security of the medical data is obtained by clearly separating the two basic components of a system: personal data and medical data

4. The personal data of the patient are stored in a different location from the medical data, without a visible correlation between them

5. Due to its design, the system itself has the role of protecting the patient and his personal interests

6. The patient is the only entity in the system that has access to all the information. The doctor, the Medical Unit or the Central Authority, each have partial access to patient information or medical data.

5. References

[1] (Accessed at 20.11.2019)

[2] Interoperability%20Definition%20FINAL.pdf (Accessed at 20.11.2019)

[3] Walker J, Pan E, Johnston D, Adler-Milstein J, Bates DW, Middleton B: The Value of Health Care Information Exchange and Interoperability, Health Affairs, pp. 10-18, 2005.

[4] - European Committee for Standardization, (Accessed at 20.11.2019)

[5] Institute of Medicine (US) Committee on Data Standards for Patient Safety (book), Patient Safety/Achieving a New Standard for Care, National Academies Press (US), 2004

[6], (Accessed at 20.11.2019)

[7], (Accessed at 20.11.2019)

[8] Orza Bogdan, Cordos Alin, Vlaicu Aurel, Meza Serban," Integrated medical system using DICOM and HL7 standards - New, Advanced Technologies", Book Chapter, 2010

[9] Rac-Albu Madalina Elena, Ciobanu Vlad, Rac-Albu Marius, Popescu Nirvana "Interoperability of Medical Data Through e-Health Services in Romania" The 7th International Workshop on Exploring Service Science, Bucharest 2016

[10] Kouroubali A, Katehakis DG "The New European Interoperability Framework as a Facilitator of Digital Transformation for Citizen Empowerment", J Biomed Inform, 2019

[11] Madalina Elena Rac-Albu, "Point of Single Contact - The key to obtain CrossCountry Interoperability of Medical Data", Point of Single Contact - The key to obtain Cross- Country Interoperability of Medical Data, 2016

[12], (Accessed at 20.11.2019)

[13] Rac-Albu Madalina Elena, Ciobanu Vlad, Rac-Albu Marius, Popescu Nirvana "Interoperability of Medical Data Through e-Health Services in Romania", The 7th International Workshop on Exploring Service Science, 2016

[14] Rac-Albu Madalina Elena, Rac-Albu Marius, "A Model of Achieving Safe Interoperability of Medical Data in the Private Sector of Health Care in Romania", Revista- Informatica Economica vol. 23, no. 3/2019.

Madalina Elena RAC-ALBU (1)

(1) PhD student, Bucharest University of Economic Studies, Bucharest University of Economic Studies, Piata Romana nr. 6, sector 1, Bucuresti
COPYRIGHT 2019 Romanian-American University
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2019 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Author:Rac-Albu, Madalina Elena
Publication:Journal of Information Systems & Operations Management
Geographic Code:4EXRO
Date:Dec 1, 2019

Terms of use | Privacy policy | Copyright © 2020 Farlex, Inc. | Feedback | For webmasters