Business process management enabled compliance-aware medical record sharing

Jovan Stevovic, Jun Li, Hamid R. Motahari-Nezhad, Fabio Casati, Giampaolo Armellin

Результат исследований: Материалы для журналаСтатья

2 Цитирования (Scopus)

Выдержка

Data sharing about electronic health records (EHRs) across healthcare organisations is still a challenging task due to compliance requirements with regulatory policies that can vary across states and countries, and organisations' internal business requirements. Even when adopting the same regulatory policies, each organisation can interpret and implement these policies and requirements differently in its internal IT environments. This paper proposes a compliance-aware data management solution for EHR systems. It allows healthcare organisations to define their own security and regulatory compliance requirements for accessing and sharing healthcare data, and enables policy enforcement while sharing data with other organisations. The policy requirements are expressed in the form of business processes that govern the access and sharing of data between people and systems. The business process operations are mapped into low-level operations on internal and remote record stores and policy enforcement points. We have implemented a prototype system that supports the proposed approach and integrated it with OpenMRS, an open source electronic medical record system, using which we have defined and enforced some real-world regulations and organisations' policies for data sharing.

Язык оригиналаАнглийский
Страницы (с-по)201-223
Число страниц23
ЖурналInternational Journal of Business Process Integration and Management
Том6
Номер выпуска3
DOI
СостояниеОпубликовано - 2013
Опубликовано для внешнего пользованияДа

Отпечаток

Medical records
Business process management
Data sharing
Enforcement
Health care organization
Regulatory policy
Electronic health record
Business process
Internal organization
Healthcare
Open source
Prototype
Regulatory compliance
Data management
Electronic medical record
Integrated

ASJC Scopus subject areas

  • Business and International Management
  • Strategy and Management
  • Management Science and Operations Research

Цитировать

Business process management enabled compliance-aware medical record sharing. / Stevovic, Jovan; Li, Jun; Motahari-Nezhad, Hamid R.; Casati, Fabio; Armellin, Giampaolo.

В: International Journal of Business Process Integration and Management, Том 6, № 3, 2013, стр. 201-223.

Результат исследований: Материалы для журналаСтатья

Stevovic, Jovan ; Li, Jun ; Motahari-Nezhad, Hamid R. ; Casati, Fabio ; Armellin, Giampaolo. / Business process management enabled compliance-aware medical record sharing. В: International Journal of Business Process Integration and Management. 2013 ; Том 6, № 3. стр. 201-223.
@article{db61cb02742740068f43e0b262091ea7,
title = "Business process management enabled compliance-aware medical record sharing",
abstract = "Data sharing about electronic health records (EHRs) across healthcare organisations is still a challenging task due to compliance requirements with regulatory policies that can vary across states and countries, and organisations' internal business requirements. Even when adopting the same regulatory policies, each organisation can interpret and implement these policies and requirements differently in its internal IT environments. This paper proposes a compliance-aware data management solution for EHR systems. It allows healthcare organisations to define their own security and regulatory compliance requirements for accessing and sharing healthcare data, and enables policy enforcement while sharing data with other organisations. The policy requirements are expressed in the form of business processes that govern the access and sharing of data between people and systems. The business process operations are mapped into low-level operations on internal and remote record stores and policy enforcement points. We have implemented a prototype system that supports the proposed approach and integrated it with OpenMRS, an open source electronic medical record system, using which we have defined and enforced some real-world regulations and organisations' policies for data sharing.",
keywords = "Business process execution, Cross-organisation data sharing, EHRs, Electronic health records, Regulatory compliance",
author = "Jovan Stevovic and Jun Li and Motahari-Nezhad, {Hamid R.} and Fabio Casati and Giampaolo Armellin",
year = "2013",
doi = "10.1504/IJBPIM.2013.056961",
language = "English",
volume = "6",
pages = "201--223",
journal = "International Journal of Business Process Integration and Management",
issn = "1741-8763",
publisher = "Inderscience Enterprises Ltd",
number = "3",

}

TY - JOUR

T1 - Business process management enabled compliance-aware medical record sharing

AU - Stevovic, Jovan

AU - Li, Jun

AU - Motahari-Nezhad, Hamid R.

AU - Casati, Fabio

AU - Armellin, Giampaolo

PY - 2013

Y1 - 2013

N2 - Data sharing about electronic health records (EHRs) across healthcare organisations is still a challenging task due to compliance requirements with regulatory policies that can vary across states and countries, and organisations' internal business requirements. Even when adopting the same regulatory policies, each organisation can interpret and implement these policies and requirements differently in its internal IT environments. This paper proposes a compliance-aware data management solution for EHR systems. It allows healthcare organisations to define their own security and regulatory compliance requirements for accessing and sharing healthcare data, and enables policy enforcement while sharing data with other organisations. The policy requirements are expressed in the form of business processes that govern the access and sharing of data between people and systems. The business process operations are mapped into low-level operations on internal and remote record stores and policy enforcement points. We have implemented a prototype system that supports the proposed approach and integrated it with OpenMRS, an open source electronic medical record system, using which we have defined and enforced some real-world regulations and organisations' policies for data sharing.

AB - Data sharing about electronic health records (EHRs) across healthcare organisations is still a challenging task due to compliance requirements with regulatory policies that can vary across states and countries, and organisations' internal business requirements. Even when adopting the same regulatory policies, each organisation can interpret and implement these policies and requirements differently in its internal IT environments. This paper proposes a compliance-aware data management solution for EHR systems. It allows healthcare organisations to define their own security and regulatory compliance requirements for accessing and sharing healthcare data, and enables policy enforcement while sharing data with other organisations. The policy requirements are expressed in the form of business processes that govern the access and sharing of data between people and systems. The business process operations are mapped into low-level operations on internal and remote record stores and policy enforcement points. We have implemented a prototype system that supports the proposed approach and integrated it with OpenMRS, an open source electronic medical record system, using which we have defined and enforced some real-world regulations and organisations' policies for data sharing.

KW - Business process execution

KW - Cross-organisation data sharing

KW - EHRs

KW - Electronic health records

KW - Regulatory compliance

UR - http://www.scopus.com/inward/record.url?scp=84885652504&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84885652504&partnerID=8YFLogxK

U2 - 10.1504/IJBPIM.2013.056961

DO - 10.1504/IJBPIM.2013.056961

M3 - Article

AN - SCOPUS:84885652504

VL - 6

SP - 201

EP - 223

JO - International Journal of Business Process Integration and Management

JF - International Journal of Business Process Integration and Management

SN - 1741-8763

IS - 3

ER -