電子病歷彙總工具之設計與實作 / Design and Implementation of a Content Aggregator for Electronic Medical Records

林柏維, Lin, Bo Wei

Unknown Date

臺灣電子病歷內容基本格式 (Taiwan Electronic Medical Record Template, TMT)是參考國際相關標準之後，專為臺灣本土需求而設計的電子病歷標準。為了進一步評估TMT的實用性與實施上可能遭遇到的問題，衛生署於民國96年推動了「建構以病人為中心之電子病歷跨院資訊交換環境案」，目前已完成參與該專案各醫院的實地測試工作。 在檢視專案執行的結果後，我們發現TMT資訊系統有三項主要的缺點：一、TMT病歷標準不易閱讀，難以撰寫從醫院醫療資訊系統彙總TMT所需資料的指令集；二、製作TMT系統所須的設定檔程序過於繁複，不但時間攏長而且容易出錯；三、線上實際產生個別病患的TMT資料的時間過長，執行效能有待提昇。有鑑於此，我們設計並實作了一套適用於TMT標準的電子病歷文件產生工具，我們重新設計了規格文件檔及輔助設定檔，並提供了Schema Processor自動化工具產生這些檔案；同時，我們也改進了病歷資料彙總程序，搭配高便利性的設定檔，病歷文件產生工具在執行效能上了有明顯的改善。 在詳細、完整的規格文件檔協助下，資訊人員能更快的了解病歷標準架構及撰寫病歷資料查詢語法，以利產出正確的電子病歷文件；透過自動化工具的輔助，簡化了設定檔的製作程序，改善了耗時且容易出錯的缺點；相較於目前的TMT系統，我們的工具執行效能提昇了80%以上，產出電子病歷文件的時間只要原來的五分之一。 / The Taiwan Electronic Medical Record Template (TMT) proposed by Taiwan Association for Medical Informatics (TAMI) aims to provide a suite of standard forms that will become the common basis for developing electronic medical record (EMR) systems in Taiwan. It is specified in the XML standard for facilitating data interchange. In order to further assess the usefulness of TMT, in 2007 the Department of Health lauched the project "Building of an Information Exchange Environment for Cross-Hospital Digital Medical Record" to put the TMT to a filed test. There are in total eleven hospitals in the project and they all successfully implemented a significant subset of TMT using their hospital information systems (HIS). / However, towards the end of the project, we have identified three major shortcomings of the content aggregator for TMT provided by the TAMI: First, as the TMT Schema is rather complex, it is very difficult for hospital IT staff to prepare the required query instructions to retrieve the data stored in the HIS database. Although there is a XML data mapping tool provided to simplify the mapping process, we found that it did not ease the mapping task as the TAMI staff had expected. Second, the configuration files for preparing a patient’s EMR are too complicated, making the implementation process not only long time but also error-prone. Third, the time required to produce a single sheet of TMT is much longer than planned. There is an urgent need to improve the performance of the content aggregator. / Therefore, we propose to re-engineer the content aggregator of TMT for retrieving the required data from the HIS database. Specifically, we redesigned the specification document files and configuration files, and provided a Schema Processor tool to generate these files in a semi-automatically manner. As a result, the IT staff of hospitals can more quickly understand the structure of TMT Schema and prepare the query instructions effectively. Finally, with the powerful configuration files, our TMT document generator runs much faster than the existing one. According to our experimental results, it enhances the performance of generating a TMT sheet more than 80 percent.

TMT

電子病歷

XML文件產生器

TMT

EMR

XML Document Generator

設計易調整的電子病歷存取控管機制 / Using Aspects to Implement Adaptable Access Control for Electronic Medical Records

張淵鈞, Chang, Yuan-chun

Unknown Date

存取控管是電子病歷 (Electronic Medical Records, EMR)安全防護的核心課題。為了因應醫病關係的變動及確保病患隱私，EMR的存取控管必須滿足動態和細緻化這兩大需求。但這樣的需求並不容易實現，因為負責存取控管的程式碼具有橫跨 (cross-cutting)的特性，必須嵌入到應用系統的各個模組，很容易與應用邏輯發生夾雜不清的現象。礙於現有的程式機制和開發工具對於這樣的安全需求無法提供有效的支援，因此本研究將以剖面導向程式設計 (Aspect Oriented Programming，AOP)技術為基礎，設計一個宣告式EMR安全控管方法，。 在我們的方法中，安全控管邏輯將從EMR系統的核心抽離，並且匯集到單一的剖面 (Aspect)模組，使原有的系統更加模組化 (modularity)。此外，利用我們開發的存取控管程式碼產生器，安全管理者可以藉由宣告組態檔的方式產生EMR的存取控管程式碼。如此一來，安全管理者不僅可以容易地掌握全局、減少分散管理可能造成的疏失，更可以大幅減少維護EMR存取安全所需的時間及成本。 / This paper presents an aspect-oriented approach to providing adaptable access control framework for Electronic Medical Records (EMR) on Web-based platform. In our scheme, access control logic is decoupled from the core of application and collected into separate aspect modules which are automatically synthesized from access control rules in XML format and properly designed aspect templates. The generated aspect modules will then be compiled and integrated into the underlying application using standard aspect tools. At runtime, these aspect codes will be executed to enforce the required access control without any runtime interpretation overhead. Future changes of access control rules can also be effectively realized through these mechanisms without actual coding. This will not only improve the system’s modularity but also make the task of enforcing comprehensive access control more adaptable.

剖面導向程式設計

電子病歷

存取控管

Aspect Oriented Programming

Electronic Medical Records

Access Control

由病人資訊隱私權觀點論我國全民電子病歷政策 / An analysis for Taiwan national electronic medical record system: from the perspective of patients' information privacy

劉汗曦, Liu, Han Hsi Indy

Unknown Date

我國全民健康保險制度自2004年1月1日開始使用健保IC卡後，醫療資訊電子化的趨勢，某種意義上來說，已經如凱撒（Gaius Julius Caesar）渡過盧比孔河（Crossing the Ribucon）時所說：「骰子已經投下（the die is cast）」一般，只能前進不能後退了！ 時至今日，電腦、網路連線、憑證簽章已經成為任何一間醫療院所從事醫療行為時的開門七件事之一，民眾用健保IC掛號、醫師用電腦下診斷作病歷、行政人員用健保VPN申報費用等，皆成為醫療實務中的標準模式。而我國衛生署也信心滿滿地希望能於2011年達到全國80%醫院實施電子病歷、60%醫院可為院際交換互動之目標。在此「全民電子病歷」旋將施行之當下，相關隱私權之配套對於病人之保障是否足夠，即成為該政策是否受到國人支持之關鍵所在。 本研究透過整理衛生署自2000年迄今所有與電子病歷相關之專案計畫，以及與電子病歷領域，產、官、學界共9位受訪者進行深度訪談後發現，我國現行電子病歷政策推廣有架構、標準、法制、補助、動機等五大問題，其中關於法制規範及隱私保障不足所造成的民眾疑慮與醫事人員躊躇，已成為電子病歷發展上的一大阻礙，而其中計畫推行的電子病歷索引交互中心，更可能對於病人資訊隱私權產生重大危害與影響。另一方面，若回頭省視司法院大法官釋字第603號解釋，大法官們其實已對涵蓋電子病歷等個人資料之資訊隱私權，有過相當明確的闡釋。其所強調「個人自主控制其個人資料之資訊隱私權」，若能配合2010年5月26日修正通過但尚未施行之個人資料保護法，並非不能為電子病歷提供一個基本、框架式的法律基礎。 在此前提之下，本文提出「電子病歷自主控制機制」之概念，主張在現行憲法資訊隱私權之精神下，應該讓病人在充分瞭解到其權益後，得以選擇「是否將病歷電子化」、「電子病歷儲存場所」、「是否放於交換區」、「是否留存索引紀錄」、「是否允目的外利用」，並能透過管道隨時查詢其「電子病歷使用紀錄」。本文並認為，藉由「推力理論（Nudge）」中「自動加入（Opt-in）」與「主動加入（Opt-out）」等「預設值（Default）」概念之運用，資訊科技中「隱私偏好選項（Privacy Preference）」與「電子病歷使用紀錄明細」等系統之設立與使用，以及國際相關隱私及安全規範之借鏡，與我國健保IC卡推行之在地經驗，或許能夠解決論者對於電子病歷自主控制機制，在參與度、決定能力、行政成本、法規及技術架構、多元價值上的各項疑慮與爭論，並進而證明該構想之初步可行性。 / After implementation of the National Health Insurance (NHI) IC Card on January 1, 2004, the trend of e-health, including enforcing a national electronic medical record (EMR) system in Taiwan, is reminiscent of Julius Caesar’s words when he crossed the Rubicon, “The die is cast.” The return point has been passed; there is no return. Nowadays in Taiwan it has become routine in hospitals and clinics for medical practitioners to use a digital authentication or signature transmitted via a computer scan of an NHI IC card to register patients for diagnosis and treatment, and for administrtive staff using Virtual Private Network (VPN) to file fee claims. Furthermore, the Taiwan Department of Health has announced its implementation of the EMR system and has pledged that, in 2011, 80 percent of hospitals and clinics will start to use a more comprehensive EMR system and 60 percent of hospitals will be able to exchange EMRs. However, while Taiwan’s government is very proud and eager to enforce the EMR system, an increasing number of people doubt that adequate regulations have been put in place to protect against the violation of patients’ information privacy rights. This paper first reviews all former DOH projects related to EMRs, and interviews nine industry, government, and academic professionals who have EMR experience. It next argues that the current laws and regulations in Taiwan cannot provide sufficient protection of patients’ privacy rights, especially with regard to information privacy and autonomy. This is a cause for concern for patients and practitioners who are leery of further EMR implementation or development. This paper proposes a controlling mechanism for patients’ autonomy that will empower patients to determine if they want to electronize their medical records, where they will store their EMRs, and if it is in their best interests to set up an index and allow the transmission of additional EMRs. Moreover, patients will have unrestricted access to a log of all users and uses made of their EMRs and be able to set up their own privacy preferences with opt-in and opt-out choices. This paper concludes that the controlling mechanism for patients’ autonomy will solve the current concerns about the implemenation of a national EMR system and improve patients’ ability to enforce their information privacy and information autonomy rights.

全民電子病歷

資訊隱私權

資訊自決權

電子病歷自主控制機制

隱私偏好選項

Information Privacy

Information Autonomy

Privacy Preference