A Modeling Environment for Patient Portals

Clinical Information Systems (CIS) are complex environments that integrate information technologies, humans, and patient data. Given the sensitivity of patient data, federal regulations require health care providers to define privacy and security policies and to deploy enforcement technologies. The introduction of model-based design techniques, combined with the development of high-level modeling abstractions and analysis methods, provide a mechanism to investigate these concerns by conceptually simplifying CIS without sacrificing expressive power. This work introduces the Model-based Design Environment for Clinical Information Systems (MODECIS), which is a graphical design environment that assists CIS architects in formalizing systems and services. MODECIS leverages Service-Oriented Architectures to create realistic system models as abstractions. MODECIS enables the analysis of legacy architectures and the design and simulation of future CIS. We present the feasibility of MODECIS by modeling operations, such as user authentication, of MyHealth@Vanderbilt, a real world patient portal in use at Vanderbilt University Medical Center.

[1]  Yaron Goland,et al.  Web Services Business Process Execution Language , 2009, Encyclopedia of Database Systems.

[2]  Gabor Karsai,et al.  Composing Domain-Specific Design Environments , 2001, Computer.

[3]  Gabor Karsai,et al.  Model-Integrated Computing , 1997, Computer.

[4]  Daniel R. Masys,et al.  PCASSO: A Secure Architecture for Access to Clinical Data via the Internet , 1998, MedInfo.

[5]  Daniel R. Masys,et al.  Patient-Centered Access to Secure Systems Online (PCASSO): a secure approach to clinical data access via the World Wide Web , 1997, AMIA.

[6]  Dixie B. Baker,et al.  PCASSO: applying and extending state-of-the-art security in the healthcare domain , 1997, Proceedings 13th Annual Computer Security Applications Conference.

[7]  Michael A. Shepherd,et al.  Medical Portals: Web-based access to medical information , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.

[8]  Schahram Dustdar,et al.  Modeling and implementing medical Web services , 2005, Data Knowl. Eng..

[9]  Ricardo João Cruz Correia,et al.  Securing a Web-Based EPR: An Approach to Secure a Centralized EPR Within a Hospital , 2004, ICEIS.

[10]  Daniel R. Masys,et al.  PCASSO: a design for secure communication of personal health information via the internet , 1999, Int. J. Medical Informatics.

[11]  Kensaku Kawamoto,et al.  Viewpoint paper: Proposal for Fulfilling Strategic Objectives of the U.S. Roadmap for National Action on Decision Support through a Service-oriented Architecture Leveraging HL7 Services , 2007, J. Am. Medical Informatics Assoc..

[12]  Aniruddha S. Gokhale,et al.  Developing applications using model-driven design environments , 2006, Computer.

[13]  P. Clayton,et al.  Privacy, confidentiality, and electronic medical records. , 1996, Journal of the American Medical Informatics Association : JAMIA.

[14]  G. Nordstrom,et al.  Specifying graphical modeling systems using constraint-based meta models , 2000, CACSD. Conference Proceedings. IEEE International Symposium on Computer-Aided Control System Design (Cat. No.00TH8537).

[15]  Amy Butros,et al.  Research Paper: Giving Patients Access to Their Medical Records via the Internet: The PCASSO Experience , 2002, J. Am. Medical Informatics Assoc..

[16]  Daniel R. Masys,et al.  Protecting clinical data on Web client computers: the PCASSO approach , 1998, AMIA.

[17]  Randolph C. Barrows,et al.  Review: Privacy, Confidentiality, and Electronic Medical Records , 1996, J. Am. Medical Informatics Assoc..

[18]  Francisco Curbera,et al.  Web Services Business Process Execution Language Version 2.0 , 2007 .

[19]  Hhs Office for Civil Rights Standards for privacy of individually identifiable health information. Final rule. , 2002, Federal register.

[20]  Vimla L. Patel,et al.  The patient clinical information system (PatCIS): technical solutions for and experience with giving patients access to their electronic medical records , 2002, Int. J. Medical Informatics.