Interoperability and Medical Communication Using "Patient Envelope"-Based Secure Messaging

Transcription

1 Interoperability and Medical Communication Using "Patient Envelope"-Based Secure Messaging Emmanuel Cordonnier a, Stéphane Croci a, Jean-François Laurent b, Bernard Gibaud c a Etiam, France b Cancer Regional Centre of Rennes, France c University of Rennes1, France Abstract Keywords: The process of transmitting patient medical information between different healthcare parties involves harmonizing multiple elements: addresses, certificates, patient IDs, communication protocol, message format, and documents/epr to be exchanged. Beyond the work done at the "information structure level" within CEN TC251, ISO TC215, HL7 and DICOM, it is necessary to focus on the "basic medical communication level." An original approach, based on the "Patient Envelope", has been developed and successfully implemented for Oncology. The operator of the National "Réseau Santé Social" is now proposing a new "secure messaging" service supporting the "Envelope"-based communication. The authors are actively involved in standardization organizations' works, including EDI Santé, DICOM, IETF, and ISO TC 215. The current format is compatible with all the clients. It will evolve to be based on the ebxml envelope, extended with a "medical header" containing HL7/EHRCOM Data Types and C-METS/GPICs. This document describes the results from a 3-year experience, as well as the different steps included in the project. Healthcare Telematics, Electronic Healthcare Record, Communication Standards, Internet, HL7; DICOM; EHRCOM, IHE, MPI. 1. Introduction Probably more in European countries than in North America, transmitting patient medical information involves different organizations: hospital, clinics, ambulatory specialists, or general practitioners. In some contexts, "shared patient folder" is justified (e.g. disease management network); however, in most cases, healthcare professionals "exchange" information more frequently than they "share" it. The limited success of e-health initiatives, where patient data were supposed to be centralized in a common database has proven that healthcare actors are not ready (yet) to experience a very formalized system. In fact, this gap between the technology capabilities and the actual use the technology is even visible inside medical institutions: only a small part of the actual medical information is stored in databases, although computers are widely used for data input, mainly using word processing applications. The delay in the adoption of a common electronic medical/patient/healthcare record, after more than 30 years of active work, worldwide, is probably the most perceptible effect.

2 Computing has two main impacts: on management and on communication. Probably the first one has been too much emphasized. Communicating well and quickly medical information to another physician or to the patient herself/himself has more impact on the healthcare practice than the ability to retrieve all the patient s previous examinations. Thus, in many developed countries (not to say emerging ones), physicians communicate more and more patient medical information through in a "free way", and often an unsecured way, because they think it is crucial for the patient, and, as a result, for their own activity. So, harmonizing electronic patient records, which is required to improve medical practices, should first focus on the "exchanging" process than on "management" databases. The main medical standards to be widely used (e.g. HL7, DICOM and some "national EDI" formats) define how to exchange information and messages, and not how to structure the database. EHRCOM and HL7 v3 are heading in that direction. But both of them sometimes forget that a major part of medical information, even in a digital form (RTF, HTML, PDF ) is not structured. The objective of the work done for more than fives years, has to focus on filling the gap between "free" communication, using standard and generic Internet tools, and "totally structured" communication, managing every single field of the document to be exchanged. The purpose of "patient envelope", also called "Medical exchange Folder", is to encapsulate this "free" or "structured" information, grouped into documents, to be transmitted in a secure way on existing communication networks. 2. Materials and Methods State of the Art in Europe Some projects have been driven in Europe to address the communication of medical data between different healthcare parties: Coco in Scandinavia C-CARE in the United Kingdom xdt in Germany, Medibridge in Belgium and H.P.R.I.M. in France. These projects are in general evolving either on EHRCOM standard, following some advanced projects like HARC [1], or in the direction to HL7 v3, like GP2GP in UK. Projects are more credible now as the two standards seem to converge [2]. If all of these projects show the medium-term future, they only apply to a restricted sort of medical data flow (e.g. lab results) and/or context (e.g. diabetics), and they require that all the data are totally structured on both sides. Before this is widespread, people are looking for a more flexible solution. Web Versus In 1997, when the project first started, many actors (researchers, users, industry) were focusing on the Web server technology. Some parameters encouraged authors of this document not to investigate too deeply in that direction:

3 More than 50% of the overall traffic on the Internet is based on (SMTP ), even if the Web is more on the front of the scene. So authors anticipated that it would be also apply to Medicine. The method currently used to communicate medical information is mail, which is adjusted to the organization of healthcare "asynchronous mode", "aligned" on the physical movements of the patient. Sharing information on a server involves sharing responsibilities (and power?), and it is well known that in Medicine, people are usually directly responsible of their contribution in the treatment given to the patients. To be actionable, information shared on a server should be more structured than when they are transmitted through . But the use of generic tools has many intrinsic limitations: No capabilities to communicate directly with existing professional applications (EPR, HIS ), especially on the recipient side. "chaotic" mixture of personal messages and patient professional messages, making it impossible to easily retrieve information received for a particular patient. Lack of security (privacy, audit trails ), or, if any, impact on the time it takes to send/receive a message. "Patient Envelope" Approach After a worldwide analysis of existing standards, authors are now convinced that an "intermediate" structure of information, related to ONE patient, and storing the minimum amount of data (i.e. exclusively useful data) to facilitate the interoperability between communicating peers, will solve those three issues. Existing standards have been selected, provided they are compatible with existing tools (even less adjusted to that context, they should be usable). The SMTP/POP3 protocol was selected because it is supported by all servers. The security is S/MIME with triple DES encryption based on X509 certificates. The certification process was to be compatible with the use of the Carte Professionnelle de Santé (CPS) which contains the PKI signature and protects the encryption certificate(s)stored on the local computer. All the messages are structured with two MIME attachments: the description file (encoded in ".INI") and a ZIP file created from all the documents included, in order to enable easy management of (related) links between sent files, necessary especially for HTML and XML files. Some documents formats have been recommended (but not in an exclusive way): XML/HTML for structured documents, DICOM for images, RTF for reports and letters, WAV for vocal comments and TXT for notes and annotations. The format has been published in EDI Santé [3]. The crucial point of having multiple IDs for patients has been addressed by putting into the envelope the list of Patient IDs, indexed by Health Care Parties IDs, in a way that is compatible with Master Patient Index [4]. Contribution to Standards and Prospects of Evolution At the same time as the project is deployed (see section 3, "Results"), significant efforts have been made to contribute to international standards, with the objective to get the

4 "patient envelope" format adopted widely, which requires to take into account the latest available standards and recommendations. In France, active contribution to the Electronic Data Interchange for Healthcare group (EDI Santé) has already prepared the evolution of the format to be based on ebxml, with a "patient" and "medical" application-header using HL7 v3 and/or EHRCOM data types and C-METs / GPICs. A proposal has been made and accepted to recognize officially DICOM as a MIME type [5], and to develop the concept of a standard way for the "Web Access to DICOM Persistent Objects" enabling to put "persistent" reference to images into text document attached to the same message, in an original cooperation between ISO TC 215/WG2 and DICOM. Finally, the IHE (Integrating the Healthcare Enterprise) initiative has been promoted in Europe, and it could serve has a good context for the test of interoperability between "patient envelope"-based messaging in the future, after the new profile "Master Patient Index" has been developed and implemented. 3. Results The deployment of the project has been very long because the "client" approach requires every healthcare actor to be compatible, and each computer to be extended with new software applications to support the secure messaging protocol. A significant milestone was reached in October 2002, with the distribution by Cegetel.rss of a new medical messaging service, called "Sentinelle", fully supporting the "patient envelope" protocol and adapted tools. The secure protocol is fully compatible with the secure messaging proposed by its competitor France Telecom (altogether servicing 100,000 healthcare professionals and more than 500 medical centres), and with the evolution of HPRIM, called HprimNet, mainly for the distribution of lab results. At the same time, more regional/local projects were deployed, including the distribution of pathology reports to the Cancer Regional Centre of Rennes. Over three years, 2,771 reports have been received by the Centre from an external Pathology Centre, and the Regional University Hospital and a private Clinic have decided in October 2002, to use the "patient envelop" protocol to send and receive pathology reports. The users provided a very positive feedback: Security (privacy, signature) "I can quickly check and trust the report origin." Tractability (advice requests, logs). Efficiency "Clinicians/surgeons, and patients, save at least half a day in the process". "I don t have to waste time calling the pathologist on the phone anymore. " Reliability (some of the mails sent at the same time were never received.) Quality and integration, thanks to the direct connection with the lab management system on the pathologist side, and "assisted and easy" integration on the recipient side (to be automated in the near future, the "requesting side" patient ID being input in the pathology system). They would like the software to evolve mainly to have a more extensive workflow management. The three medical centres, associated into an "Cancer Network" are aiming to generalize the use of the protocol and the associated tool ("mediem ") as a first step, compatible with the adoption in the future of a "Cancer EPR server".

5 4. Discussion The communication of medical data between healthcare actors will evolve in the next ten years, from a "free" to a "controlled and structured" way. A shown in Figure 1, the "patient envelope" approach is on the "main path" of the evolution. Figure 1 - Evolution of Medical Communication controlled HL7 CDA "shared" repository EHRCOM "shared" EPR Objective: Shared EPR "EAI" COMMUNICATION free "free XML" shared EPR server manual secured ing of free documents manual e- mailing of free documents manual of free documents of free documents secured e- mailing of HL7 v2 files DATA manual of CDA / DICOM of HL7 v3 / EHRCOM secured e- mailing of EHRCOM files structured Experience has shown that among "cost" and "freedom", users will always choose "freedom" (if there is now a "free and free" solution), especially where responsibility of individuals is implied. But short-term reaction is often to rush on out-of-the-box solutions, requiring no changes to the environment. Physicians have been positive about new "remote EPR" solutions which appear as a good and cheaper alternative to their sometimes limited and cost effective EPR. But after a few weeks using them, they discover the intrinsic limitations of the systems, requiring a permanent connection (incompatible with mobility), multiple login steps, and very limited capabilities to integrate local data and documents without multiple manual manipulations. However, the "medical " approach requires that all the correspondents use of the same exchange format, which involves the modification of their own environment, including the extension of their local EPR, with inferred expenses. The recent "offer" for an "integrated service" by a leading Healthcare network operator will probably boost the adoption of the standard, because it saves a lot of money and human resource time to process the "entry step". The same happened with cellular phones: their price was included in the subscription contract.

6 5. Conclusion The "patient envelope" approach seems to be more appropriate for large-scale medical communication. The "web server" approach better suits dedicated healthcare networks. The "patient envelope" approach is more on the "natural path" of the evolution from the current "free" communication to the future "integrated" healthcare system. The presentation that will take place in May 2003 will include a report of the feedback collected after a sixmonth large-scale experience in France. 6. Acknowledgments Thank you to all the actors (researchers, users, industrial companies) who have trusted early the "envelope approach", and actively contributed to its definition and promotion. Thank you as well to Public organizations which have supported the projects (Eureka/Itea European initiative, French Ministries, Brittany Regional Council, and ANVAR). 7. References [1] Bern Blobel. Secure Communication and Co-operation of Distributed Electronic Patient Records. Health Technology and Informatics 87. Amsterdam: IOS Press, 2002; pp [2] Tom Marley. Standards Supporting Interoperability and EHCR Communication - A CEN TC251 Perspective. Health Technology and Informatics 87. Amsterdam: IOS Press, 2002; pp [3] Bernard Hervault et al. Format "d'enveloppe d'échange medical". Paris : Edi Santé, [4] Geradr Freriks. Identification in Healthcare. Health Technology and Informatics 77. Amsterdam: IOS Press, 2000; pp [5] D. Clunie, E. Cordonnier, Digital Imaging and Communications in Medicine (DICOM) Application/dicom MIME Sub-type Registration. The Internet Society. 2002; 8. Address Emmanuel Cordonnier, ETIAM, 20 rue du Pr Jean Pecker, Rennes France, emmanuel.cordonnier@etiam.com,