1 / 56

SINTEF Health Research Current IT solutions and challenges at the

SINTEF Health Research Current IT solutions and challenges at the Norwegian patient register, NPR Lecture in Health informatics Dep of computer and information science 2005-10-26 Bjørn Buan Director Morten Haugseggen Siv ing SINTEF Health Research Register and Classification.

jorden-park
Download Presentation

SINTEF Health Research Current IT solutions and challenges at the

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SINTEF Health Research Current IT solutions and challenges at the Norwegian patient register, NPR Lecture in Health informatics Dep of computer and information science 2005-10-26 Bjørn Buan Director Morten Haugseggen Siv ing SINTEF Health Research Register and Classification

  2. Content Part One (Bjørn Buan MD) Information technology issues at a health register • Introduction What to learn ?Organisation, mission and tasks • Overview of data collection, storage and publication Part Two (Morten Haugseggen, Siv ing) (presented in Norwegian) Registers, exchange of information and security • IT-related issues on the ”Common denominator problem in hospital statistics”: Coding and registration of actual organisation : RESH • Health data filing systems and communication

  3. Introduction-What to learn ? • Introduction to one of the largest research foundations in Europe • Introduction of new technology in an organisation may depend on: - Leadership and employees acceptance for change - Dependence on external partners - Economy - Laws & regulations - Personal interests and enthusiasm • Examples on possible technical solutions to meet needs within and outside organisation

  4. Introduction: About SINTEF • The SINTEF Group is the largest independent research organisation in Scandinavia. Every year, SINTEF supports the development of 2000 or so Norwegian and overseas companies via our research and development activity. • The abbreviation SINTEF means The Foundation for Scientific and Industrial Research at the Norwegian Institute of Technology (NTNU).

  5. Introduction: More about SINTEF… • LocationsSINTEF has approximately 1700 employees, 1300 of which are located in Trondheim and 350 in Oslo. We have offices in Bergen, Stavanger and Ålesund, in addition to offices in Houston, Texas (USA), Skopje (Republic of Macedonia) and a laboratory in Hirtshals (Denmark). SINTEF's head office is in Trondheim. • OrganisationThe SINTEF Group consists of the SINTEF Foundation and five limited companies. On January 1, 2004 the SINTEF Group was restructured into six research divisions, which have been defined in terms of value chains and industrial market clusters.

  6. Introduction: About SINTEFA market oriented organisation: • SINTEF Health Research • SINTEF ICT • SINTEF Marine - consists of MARINTEK and SINTEF Fishery and Aquaculture • SINTEF Materials and Chemistry • SINTEF Petroleum and Energy - consists of SINTEF Energy Research and SINTEF Petroleum Research • SINTEF Technology and Society

  7. Introduction: About SINTEF Health Research • SINTEF Health Research will conduct research and development with the aim of rising standards of health and quality of life, in close collaboration with the authorities, the health sector and users of the health and social services. About 130 people employed, most researchers. 33% at Ph D level. • Departments: Norwegian Patient Register Patient Classification and Financing Epidemiological research Health Services Research Hospital planning Living Conditions and Service Delivery Medical technology Mental Health Services Research Work Physiology

  8. Introduction: SINTEF Health ResearchNorwegian Patient Register (NPR) • NPR collects and verifies patient data from both inpatient and outpatient visits at all public somatic hospitals and all psychiatric institutions in Norway, as well as from most private owned hospitals. • NPR is a national service organisation of 20 employees providing high quality statistics and data from the Norwegian hospital sector. NPR offers services to public authorities such as the Ministry of Health as well as to hospitals, researchers, media and to the public. • The tasks at NPR is mainly financed by the Norwegian Ministry of Health and Care • NPR group patient data into DRGs (Diagnosis Related Groups, Nordic version) for financing and management purposes. • Visit our website http://www.npr.no/english.asp

  9. Introduction: SINTEF Health ResearchPatient Classification and Financing (PaFi) • PaFi is conducting national programmes for the Norwegian Ministry of Health and Care Services, related to management and refinement of current DRG-system used for hospital financing. • PaFi has been deeply involved in the developement and implementation of DRGs and hospital cost accounting in Norway since year 1986. • Projects for patient classification systems for outpatients, rehabilitation and psychiatry are now planned. • PaFi has experience in long term hospital planning • 10 employees mainly educated in social economics • For further information, visit the website http://www.drginfo.info/english.htm

  10. Facts about Norway Population 4.6 millions 84 somatic hospitals 32 psychiatric hospitals • Somatic sector: • 13 000 beds • 1 250 000 admissions • 3 250 000 outpatient • visits

  11. Mission of NPR: • Collect, store and present patient data of high quality for management, financing, research and more without delay.. • That means:High quality of documentation at hospital level (coding, EHCR) • Standardized use of common coding systems and administrative definitions and metadata (www.volven.no) • Proper integration in IT-systems • IT-solutions and routines for national collection, storage and publication of data/statistics at quarterly basis

  12. Implementation of new solutions and routines • How the use of modern technology and information systems plays a crucial part in running an efficient and high quality patient register

  13. The past • Floppy disks containing ASCII-files with hospital data • Sent to the NPR 3 times a year • One data record description for somatic hospital data, one for psychiatric hospital data and one for waiting list data. Psychiatric Waiting list Somatic

  14. Today • ONE data record description • Once a month • XML technology Somatic hospitals Psychiatric hospitals Waiting list data NPR XML

  15. The flow of data through NPR

  16. www.npr.no • We publish data on our website using OLAP cubes • Waiting list data are published 2 weeks after receiving the data • Activity data is published 8 weeks after receiving the data

  17. What have we gained? • Flexibility • Better utilization of the data • Better data quality • Better use of resources • Quick access to new data

  18. The future • Hospitals sending us data on XML-file via a dedicated network ”Norwegian Health Network” • Once a month? Once a week? Once every 24 hours? • Sniffers at NPR will detect the data (packages) on the Health Net and automatically send them through the processing routines – untouched by human hands • Publishing new data on the Internet within a month after reception

  19. Health data filing systems and law regulations • The standard for ECHR by KITH is in accordance to 40 laws • Health data filing systems are regulated by Personel data act and the Personal Health Data Filing System Act • The Data inspectorate is established to ensure enforcement Personal Data Act. The purpose of this Act is to protect persons from violation of their right to privacy through the processing of personal data. The Act shall help to ensure that personal data are processed in accordance with fundamental respect for the right to privacy, including the need to protect personal integrity and private life and ensure that personal data are of adequate quality.

  20. Health data filing systems and law regulations cont. • The Ministry of Health and Care has proposed NPR to become an encrypted register with possibility for reidentification at individual level. A proposition will be sent to Norwegian Parlament spring 2006. • NPR might be the most important health data filing system in the country • Combination of information on individuals might be of interest for research. The Data inspectorate is responsible for licencing studies after recommendation of regional ethical committees.

  21. Health data filing systems including personal identity • In the following personal health data filing systems , the name, personal identity number and other characteristics that directly identify a natural person may be processed without the consent of the data subject insofar as this is necessary to achieve the purpose of the filing system : • The Causes of Death Registry • The Cancer Registry • The Medical Birth Registry • The System of Surveillance of Infectious Diseases • The Central Tuberculosis Surveillance Registry • The System for Immunization Surveillance and Control (SYSVAK) • The King in Council may by regulations prescribe further rules regarding the processing of the personal health data in the personal health data filing systems.

  22. Health registers and law regulations cont • Data security is a serious issue for SINTEF and NPR • NPR a fortress (policy, technical, organisational aspects) • Physical zones • Electronical zones • Access control • Logging of traffic and work operations • Routines and roles well described, duty of confidentiality • Logging and informing of Data inspectorate if deviation/violation of regulations • Risk analyses/management

  23. Content of NPR • 20 mio records per year • All somatic and psychiatric (adult/child) hospital admissions • All hospital somatic and psychaitric outpatient visits • Waiting lists and expected waiting time • Plans for specialized drug abuse treatment and accidents • Register for organisation of hospitals (RESH)

  24. SINTEF Health ResearchQuality indicators routineously collected • Waiting time for first consultation and treatment • Number of corridor patients • Time for sending medical report after discharge • Number/% of unexpected delay for surgery • Waiting time for primary surgery for ca coli • Use of forced treatment in psychiatry • Percentage of ceasarean delivery • Pre-surgery waiting time for fractura colli femoris • Percentage use of long term individual medical plans for chronically ill patients (schizophrenia, ADHD, phys rehab

  25. SINTEF Health Services ResearchPublishing quality indicators • Internet site Free Hospital Choice Norwayhttp://www.frittsykehusvalg.no/ • The service offers patients, and clinical personnel up to date quality information concerning patient’s rights, waiting times and quality information about the different hospitals, as well as other relevant information i e patient satisfaction and more.

  26. Publishing quality indicators-more examples

  27. SINTEF Health Services ResearchSummary and conclusions • When it comes to all, documentation, data collections, data control, data processing and presentation/publishing are major tasks to handle. • There is a demand for more automatic processing to keep up with increase of information retriveal and demand for immediate statistic use/descision suppor based upon collected data. • Implementation of new technology involves organisational changes and new work patterns. These changes might take some time

  28. Registers, exchange of information and security Siv ing Morten Haugseggen SINTEF Health Research

  29. Working areas • Main focus on technical solutions. • RESH • TPF = Trusted pseudonym manager • Security

  30. RESH

  31. RESH • RESH = Database over units in the special health care. • Will include data over many of the units in the national health care. • Will offer these data to different organizations. • Each organization can have different systems.

  32. RESH • The work has already been started by the Regional Health Enterprise ”Health Mid-Norway”. • Testing supposed to start in the beginning of 2006. • The plan is to make it to a national register during 2007. • SINTEF NPR will have the final responsibility in running national RESH.

  33. RESH – organizational structure

  34. RESH – organizational structure • The register will store a tree containing the organizational structure of the units in the special health care. • The tree is estimated to contain about 4000 nodes.

  35. RESH – solution • These are parts of the solution: • Database that contains organizational data. • Database that contains user data. • Smartclient that visualize and modify data. • Web service that offers data to smartclients and other clients. • Web server that offers the data in XML format. • User authorization. • Sertification of clients.

  36. RESH - solution

  37. RESH – summing up • A rather simple system: • No sensitive information is stored. • Small amounts of data (25 – 50 MB). • Simple user administration. • Some challenges: • High number of clients means high load. • Many requests per client means higher load. • Uptime - 99% or more, perhaps as high as 99,8% (average 1 h downtime each month).

  38. TPFTrusted Pseudonym Manager

  39. TPF • TPF = ”Tiltrodd pseudonym forvalter” (trusted pseudonym manager). • Duty: Make personidentifiable information unreadable and personunambiguous. • Forms a basis for a personunidentifiable personunambiguous register. • Independent of the hospitals (providing the data) and the registers (storing the data).

  40. TPF - model • Ola Nordmann • ID: 01013012345 • Case A • Kari Nordmann • ID: 02023212345 • Case A • Ola Nordmann • ID: 01013012345 • Case B • Kari Nordmann • ID: 02023212345 • Case B TPF • Pseudonym: 1234567890 • Case A • Case B • Pseudonym: 1234567891 • Case A • Case B

  41. TPF - model

  42. TPF - model • Hospitals have personidentifiable information (it contains national identity numbers) • The hospitals split the data: • National identity numbers + case numbers are sent to the TPF. • Patient data + case numbers are sent directly to the registers. • TPF transforms national identity numbers into pseudonyms. • TPF sends the pseudonyms + case numbers to the register. • Case numbers are matched in the registers and pseudonyms are used as a key and stored along with the correct patient data.

  43. TPF - communication

  44. TPF - communication • Communicates large amounts of sensitive information. • Nobody that is not supposed to have access to the information can have or gain access to it. • Includes the personnel that has the responsibility of running the services (network, servers, etc.). • TCP/IP – insecure protocol. • Encryption is mandatory.

  45. TPF - encryption • Public/private key distribution. • Asymmetric algorithm for distribution of keys (RSA). • Symmetric algorithm for sending data (TDES) • Sending of data: • D – data to be sent. • RKPu – RSA public key. • RKPr – RSA private key. • TK – TDES key. • rsa(x, k) – encryption of x with key k, using the RSA algorithm. • tdes(x, k) – encryption of x with key k, using the TDES algorithm. • S – sender. • R – receiver.

  46. TPF - encryption • RKPu[R] -> S R’s public RSA key is sent to S • TK’[S] = rsa(TK[S], RKPu[R]) S encrypts TK with key RKPu using the RSA algorithm • TK’[S] -> R Encrypted TK is sent from S to R • TK[S] = rsa-1(TK’[S], RKPr[R]) R decrypts TK with RKPr using the RSA algorithm • D’[S] = tdes(D[S], TK[S]) S encrypts D with TK using the TDES algorithm • D’[S] -> R Encrypted D is sent from S to R • D[S] = tdes-1(D’[S], TK[S]) R decrypts D with TK using the TDES algorithm

  47. TPF - organizational

  48. TPF - organizational • Many different units are involved. • A simple interface is required. • Only the national identity numbers + case numbers are sent. • Transferred in XML format <?xml version="1.0" encoding="utf-8" ?> <Pasientliste> <Pasientsaksnr="1234567890" id="01013012345" /> <Pasientsaksnr="1234567891" id="02023212345" /></Pasientliste> <?xml version="1.0" encoding="utf-8" ?> <Pasientliste> <Pasientsaksnr="1234567890" p=”1234567890" /> <Pasientsaksnr="1234567891" p=”1234567891" /></Pasientliste>

  49. TPF – register to register • A TPF will make register to register communication simpler (less bureaucracy, hopefully). • Patient data will be selected by a set of criteria. • The pseudonyms will be sent from a register, through the TPF and to another register. • Patient data is sent directly from one register to another. • Patient data is stored in a database with the pseudonyms used as keys.

  50. TPF - advantages • Easier communication of patient data. • The process of storing the data will be simpler since no manual steps are needed. • Personal information is more secure since fewer persons have access (only hospitals have access to personidentifiable data).

More Related