Transcript Your Presentation Title

Software Group
Security and Privacy in
Telemedicine
Soren Duus Ostergaard
senior eGovernment Advisor
IBM Europe, Middle East & Africa
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Objective
 Discuss key privacy/security items in
Telemedicine
 Focus on key ethical Dilemmas
 Look for ‘best Practices’ and adequate
Technology
 Do we need to change Legislation?
2
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Security & Privacy in Telemedicine
 Introduction & Background
 Telemedicine – Experiences so far
–Aarhus ElderTech
–The ECHO Project
 Trends in Telemedicine – where are we heading?
 Where is the dilemma?
What IS Privacy??
Personalized Care
Value Chain quality degradation ?
 Data Governance and Privacy Enhancing
technologies
 Recommendations, Summary
3
[email protected]
© 2005, 2006 IBM Corporation
Software Group
The PRISE Project will:
Develop Criteria and Guidelines for Privacy and
Security Research and Technology Development in FP 7
Transform the results into civil rights and
Create Scenarios that present
different Applications of Security
Technologies and Measures
Test these Scenarios in a Set of
Participatory Procedures in different
European States
Elaborate the sets of Criteria and Guidelines
with direct involvement of Providers,
Users, Implementers, Institutions
and Bodies shaping Policies
Disseminate Results to Actors
4
[email protected]
www.prise.oeaw.ac.at
© 2005, 2006 IBM Corporation
Software Group
The ElderTech project: (City of Aarhus, IBM,
Alexandra Institute/Aarhus University 2006)
… in 3-way innovation partnership with City and
University of Aarhus to develop user-centered
design principles and sample solution for
eldercare…
Leverages pervasive technology
including Personal Care
Connect Solution developed by
IBM …
Provider Portal
Citizen Portal
… to
improve quality
of life for elderly
citizens through
empowerment and
adaptive
interaction…
5
[email protected]
… enhance
Personal
Care
Connect
Database
and
unify care
through
overview and
alerts...
… and face
anticipated age
wave issues for a
large care
provider.
© 2005, 2006 IBM Corporation
Software Group
Traditional care delivery is challenged - leading to suboptimization and a frustrating consumer experience
Hospital/
Ambulatory
Pharmacy
Doctor
Home nurses
Care Providers
Friends &
Relatives
6
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Citizen Portal: Involving and Supporting
Citizens in their own Care
7
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Provider Portal: Improving Quality through
Overview of Care
8
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Citizens and Providers together:
Close up on Issues – from a Distance
9
[email protected]
© 2005, 2006 IBM Corporation
Software Group
”It’s a Brilliant Idea!”,
says Knud Dalgaard at age 82, who has been using ElderTech for 4 months.
”I measure my blood pressure and weight every day, and it makes you think twice,
because it also involves you more in managing your own health.
And this is just the beginning; I expect a lot more information can be entered.
Looking forward, the loop will be closed and allow both homecare and your general
practitioner to check how things are. And if you enter hospital, the specialists there
will also be able to retrieve your history from the computer.”
10
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Eldercare Perspectives
Technology
Society
11
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Safety Devices (Examples)
[email protected]
© 2005, 2006 IBM Corporation
Software Group
ECHO Target Group/Challenge 5 – IP Project
 Elderly people (over 65) with one or more Chronic diseases
living in their own HOmes
– Diabetes
– COPD
– Tendency to fall
Case
Mgmt
Participants:
Tallinn, South Wales NHS,
Valencia, Næstved, /DK)
Disease
Region South DK, Solvesborg, (SW)
Management
Amaroussion (Gr)
Leeuwarden (NL)
Alexandra Institute (DK)
Supported Self Care
Valencia University,
North Holland University
Blekinge Techn. High School
Healthy People:
IBM Zurich Lab &
Prevention and Wellness
IBM Health Care SVS Europe
Toumaz Technologies +
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Telemedicine:
Generic
Scenario
Emergency
Dispatch
<
Drug store
GP
Mobile
Hub
Portal
Expert
System
Nurse
Social Worker
Sundhedscenter
Friends & relatives
[email protected]
Hospital
EPR
© 2005, 2006 IBM Corporation
Software Group
What do you understand by Privacy?
 Privacy as confidentitality ?
 Privacy as anonymity ?
 Privacy of Identity ? (Separate from ‘public role’)
 Privacy as self-determination – non-interference in own
actions
 Freedom to be left (completely?) alone
 Privacy as control of personal data ?
15
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Where are the Dilemmas?
Feeling Safe – Revealing all Activities
Critical Illness – Who should know?
Continuous Monitoring – False Alarms
Automatic FeedBack – Misinterpretation?
Correlation between Measurements –
Quality of Staff/ Quality of Decisions?
Shared Care – Shared Data
Individualized Care – ‘Deep knowledge’
Legal Reqts – Research posibilities
16
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Importance of a trusted health data network operator
(Example: The Danish Health Network, sundhed.dk)
Compliance Support:
Consent Management solution
Role based access
Secured by
Digital Signatures
Extensive
Logging (access/changes)
17
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Actors & Technology Providers in Telemedicine
peakflow
body weight
activity
heart rate
inhalation
registration
Nurse
Service employee
blood pressure
injection
registration
Relative
auscultation
patient
glucose
ECG monitor
device
manufacturers
middleware
Bluetooth /
Zigbee IP
[email protected]
network Infrastructure
health care
• portal
professionals
• scalability
• privacy protection
• on-demand service
tablet dispensing
mobile
phone
Operator
(or Cable)
middleware,
on-demand
services
© 2005, 2006 IBM Corporation
Software Group
Technologies involved in the new Health Paradigm
 Sensor Technologies - From measurement to localization
 Biometrics – fingerprints, iris, facial recognition, DNA
 Video Surveillance – active/passive - storing
 Data Storing and DB Access control/Logging
 Data processing and analyzing – patterns, trends, Use,
re-use, research, commercialisation
 Communication systems – from PAN, Bluetooth, Zigby to
PSTN, Internet communication, GSM, wireless – logging,
storing
 Search Technologies, Grid computing, federated identity
resolution
19
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Hippocratic Database Solution – IBM Almaden Lab
HIPAA and its challenges
HIPAA, 1996
TITLE 2
2.1 The Privacy Rule
Indicate intention to use
Protected Health
Information policy
regarding sharing of
non-public personal
Information with affiliates
and third-parties
To disclose only the
minimum amount of
Protected Health
Information when reporting
adverse events to entities
outside of the partner
system...
20
[email protected]
Challenges in implementing HIPAA (Or EU Directive)
1. Determining the scope of the HIPAA rule
2. Risk Assessment
3. Cost of implementation
4. Ease of implementation
5. Information sharing
Satisfied by the
Hippocratic
database solution
There have been 22,664
privacy-related complaints
ever since the privacy rule
took effect in 2003….
- Department of Health and
Human Sciences
© 2005, 2006 IBM Corporation
Software Group
The Hippocratic Database solution
This solution consists of –
a)
Active Enforcement
Component
Policy
Creator
GUI
Enterprise
Applications
User
Preference
GUI
Preference
Parser
Policy
Translator
b) Compliance Auditing
Component
Log Retrieval
Layer
Policy-Preference
Negotiator
JDBC Wrapper / Driver
Compliance
Auditing GUI
HDB Active
Enforcement Engine
Data
Reconstruction
(‘Any’)
Database
Installed
Policies and
Preferences
LEGEND
21
[email protected]
Triggers
Legacy Software
Backlog
Tables
Query Logs
IBM Software
© 2005, 2006 IBM Corporation
Software Group
Give me the
names, incomes
& addresses of
your clients
The Hippocratic Database solution
1. Active Enforcement component
Enables the Hippocratic database to reveal only data
compliant with policy
STEP 1
STEP 2
STEP 3
Installation
Negotiation
Enforcement
Policy Parser
User Preferences and
Policy Matching
Database Query
Interface
Policy Metadata
I cannot disclose
names! I can give you
only incomes of clients
who have given
consent
User Data
Database Powered by HDB
DATABASE POWERED BY
HDB
22
[email protected]
© 2005, 2006 IBM Corporation
Software Group
The Hippocratic Database solution
Who read
J.Cherian’s
information in
1987?
2. Compliance Auditing component
Enables verification of compliance with policy
The component -
 Determines who accessed designated data, for
what purpose, when it was accessed and what
changes were made.
Is agnostic to enterprise applications and database
systems
 Has minimal impact on the company’s operations.
 Tracks disclosures down to the cell level in the
database.
Here is a list:
S.Sampath got his
financial details..
S.Purohit asked for
his medical records
 Has a security advantage over logging systems.
 Reduces audit time.
Role Based Access Control can ONLY protect data
At the DB Record Level, not at Cell level – PGP ???
23
[email protected]
DATABASE
POWERED
BY HDB
© 2005, 2006 IBM Corporation
Software Group
ACADEMIC MEDICAL CENTER (AMC),
AMSTERDAM
Medical centers in the Netherlands have a wealth of information that can be
leveraged to drive breakthroughs and deliver innovation in healthcare. However,
data sensitivity, the fragmentation of records and complexity in retrieving the
same have inhibited advances in this area. In order to open up this data to
researchers,
AMC has setup a framework that addresses problems outlined, mitigates risks for
practitioners and patients and enables medical innovation to proceed.
ISSUES ADDRESSED BY THE SOLUTION
1. Data Integration through WebSphere Information Integrator
(WSII)
2. Disclosure Control through Hippocratic database
technology
3. User Interface to facilitate querying provided by Data
Discovery and Query Builder
SYSTEM BENEFITS
 Efficient data management
 Privacy and security issues enforced by the system.
Solution Architecture
24
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Legal Requirements and growing demand for personal data:
Technology & Tools
SW Development tools and techniques
SOA and Federated Security
Identity Management
Role Based Access
Privacy/Policy Management
> 60% is organization & procedures
Regulatory compliance
• Ensuring software systems comply with
HIPAA, SOX, EU Data Protection Directive,
etc.
• ISO 9000, COBIT, ITIL, CMMI or 6-SIGMA
process standardization and improvement
initiatives
Legislation always reflects current
understanding and Ethical trade-off
Consumerism and pervasive medicine
• Pressure for individualized information management and efficiency
• Handheld and wireless devices are taking medical practice beyond hospital and clinic walls
Meeting the rising costs of more patients/less service manpower
• Need to migrate tasks from highly educated to normal care personal with no clinical training
• Need to include relatives, neighbours in service chain – and to press for self management
• Holisitic approach does not only cover health and wellness but also safety & security
25
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Principles for Data Governance in Telemedicine
Recommendations:
Basic Principles as defined in the
Directive 95/46/ECand subsequent
Data Governance Basic Principles
country legislation
 Legitimacy (= Consent)
Documented Policies
Identity Mgmt
based on
Qualified
Digital
Signatures
 Necessity
 Purpose Binding
Fine Grained Access Control:
Identity - Role - Policy
 Transparency (Informed
user)
 Quality of Data
Logging and auditing of
all access by policy
 Security of Data
.. But many countries need to revisit legislation on ‘registers’ – we need
access to a variety of data sources to optimize treatment and reduce cost
26
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Links, references
 PRISE:
http://prise.oeaw.ac.at/
 Papers adopted by the Data
Protection Working Party/29
http://ec.europa.eu/justice_home/fsj/priv
acy/workinggroup/wpdocs/2006_en.htm
 Dilemmas on Privacy and
Surveillance – report:
http://www.raeng.org.uk/policy/reports/p
df/dilemmas_of_privacy_and_surveillan
ce_report.pdf
 Privacy International organisation:
http://www.privacyinternational.org/
 Remote Health – IBM Systems
Journal (referring to Aarhus project):
http://www.research.ibm.com/journal/sj/4
61/blount.html
27
[email protected]
 Journal of Surveillance and Society:
http://www.surveillance-andsociety.org/journal.htm
 Implementation of e-Consent
Mechanism in 3 Countries:
http://ihcrp.georgetown.edu/pdfs/prittseconsent.pdf
 IBM Zurich Lab: Enterprise Privacy
Authorization Language:
http://xml.coverpages.org/ni2003-05-09a.html
 Article 29 Working Group Paper on
RFID and Privacy:
http://ec.europa.eu/justice_home/fsj/priv
acy/docs/wpdocs/2005/wp105_en.pdf
© 2005, 2006 IBM Corporation
Software Group
Additional IBM References/Hippocrates DB
Contacts



28
Documents
Soren Duus Ostergaard
senior eGovt Advisor
IBM Europe
[email protected]
Tyrone Grandison,
IBM Almaden Research Manager,
Data Disclosure Research
[email protected]
Deon Glajchen,
IBM Almaden Research,
Business Development
[email protected]
[email protected]
 Managing Disclosure of Private Healthcare Data
with HDB A white paper detailing the HDB solution
Link:
www.almaden.ibm.com/software/projects/iis/hdb/Publi
cations/papers/nc_hdb_white_paper_health.pdf
 Enabling Biomedical Research in Europe: Using
the Dutch Experience as a Template
This document details the HDB solution deployed for
Academic Medical Center, Amsterdam
Mail Request to: [email protected]
A National Healthcare Data Network for India
This document details the HDB solution deployed for
the National Healthcare Data Network, India
Mail Request to: [email protected]
HDB User Guides
These documents outline how to install and use HDB
Active Enforcement and HDB Compliance Auditing
solutions.
Link:
http://www.almaden.ibm.com/cs/projects/iis/hdb/user_
docs.shtml
© 2005, 2006 IBM Corporation
Software Group
Back Up Slides
29
[email protected]
© 2005, 2006 IBM Corporation
Software Group
DRAFT for client review 2006-12-22
Pervasive computing enables preventative care
EXTERNAL
Aarhus Kommune
Business challenge
Aarhus Kommune was determined to improve the quality of life of its
elderly citizens, and wanted to explore recent technological advancements
to improve quality of care and better sustain the health of its aging
populace. The key challenge was to involve elderly citizens actively in
coordinated care and improve management of the chronic ailments of this
growing demographic.
Solution
In a collaborative innovation process with Aarhus Kommune and
University, IBM Global Business Services developed the “ElderTech”
solution for pilot use. Eight elderly citizens volunteered to use the solution
which included IBM Personal Care Connect mobile devices and Lenovo
ThinkPad X Series Tablet devices to automatically capture and monitor
their status. Vital-signs data were fed back via the Citizen Portal, as well
as care plans and convenient reminders about medications and
appointments.
“"The city of Aarhus
collaborated closely with
public researchers and
private companies to
explore and develop
technology in pervasive
computing. This project will
help us meet the challenge
of supporting our aging
population by empowering
our elderly citizens and
improving their quality of
life." -- District Manager,
Aarhus Kommune
Benefits
 Demonstrated the potential of a flexible healthcare ecosystem
solution to support the empowerment of elderly citizens and the
coordinated delivery of care, which is essential to enable preventative
chronic care
30
[email protected]
© 2005, 2006 IBM Corporation
Software Group
New developments (part of ECHO- Project) – Intelligent Plaster
[email protected]
© 2005, 2006 IBM Corporation
Software Group
Need for User-centric Design/IBM PCC projects
Easy to understand and relate to
Wearable, non-intrusive
[email protected]
User Friendly & inclusive design
Zero configuration
Fashion?
© 2005, 2006 IBM Corporation