Abstract
The recent trends in the healthcare sector have catalyzed the emergence of several healthcare ecosystems. The inevitable and innate health data exchange amongst ecosystem components for provisioning of healthcare services as well as secondary use has raised several trust issues. The consent is a predominant mechanism to ensure privacy preserving, secure and ethical exchange, as well as sharing of health records of a patient by establishments. The proposed consent management system supports the life cycle of consent given by the patient or their authorized entity as well as validation and delegation of consent by a provider for health records requested by a user in an ecosystem. It reinforces different types as well as flavors of consent to strike a balance between privacy protection, ease of use, and patient safety. It supports the simple, flexible, and efficient management of consent at different granularity of health resource, user, and purpose. This is enabled by embedding consent structure in tree representation of EHR and a tree traversal algorithm for conflict resolution.
TopIntroduction
The emerging Healthcare Ecosystems (Shrivastava, Srikanth, & Dileep, 2020) comprise various healthcare establishments spread across different geographic locations as ecosystem components. Hospitals, pathology labs, clinics, blood banks and pharmacy stores are examples of healthcare establishments. In the ecosystem, they could play the role of either a health records user or a health records provider. The user is a healthcare establishment or healthcare professional (e.g. doctor, surgeon) at an establishment who wants to access health records of a patient in the custody of other establishments. In contrast, a provider is the establishment with whom the health records requested by the user reside. These components would dynamically interact amongst each other to support delivery of healthcare services e.g., consultation and therapy to a patient by a user. The service delivery process may require sharing of a patient's health records in the custody of one or more providers with the user. The exchange of health records enables unprecedented medical history generation, patient control, and coordinated care to the patient. The health records could also be shared with external entities for secondary use such as public health statistics, clinical research and insurance claims. This is enabled by Electronic Health Records (EHR) (Iakovidis,1998), a longitudinal view of health records of a patient that are generated as a result of clinical encounters undergone by them or clinical events that occur for them in different healthcare establishments during their lifetime.
In recent times, medical devices such as X-Ray machines and ultrasound devices are made online for fast sharing of patient’s health records. Smart devices like fitness bands and insulin pumps are direct and continuous sources of a patient's vital parameters. This increasing connectivity of establishments and devices supports easy access to health records as well as providing timely healthcare to anyone from anywhere. On the flip side, this real time open environment has raised several security challenges that could compromise privacy and integrity of health records. The virtual collapse of organizational boundaries and plugging of devices to the internet has expanded the attack surface by manifolds (Ahmed, Naqvi & Josephs, 2019). Over the past few years, cyber security incidents e.g., massive scale targeted attacks (Padmanabhan, 2017), data breaches (Davies, 2018) and insider attacks (Spanakis et al., 2020) are on the rise in the healthcare sector. They are believed to have adverse effects on patient safety as well as functioning and reputation of establishments. Hence there is need for novel security controls for the distributed setting of the ecosystem that could block unauthorized access and update of health records.
In this chapter the authors have discussed fortification of the healthcare ecosystem based on the concept of consent i.e. the agreement of the owner on sharing of their health records amongst ecosystem components. As per various privacy guidelines, the patient is the owner of their health records and healthcare establishments are the custodian of these records (GDPR, 2016). The proposed dynamic, online, fine-grained and comprehensive Consent Management System supports collection, updating, revocation, retrieval, storage, delegation and validation of patient’s Informed Consent on their EHR in the purview of the healthcare ecosystem. The Informed Consent is specific and bounded in terms of provider, user, health resource, purpose, operation, access right and validity. In some exceptional scenarios where a patient is unable to express preferences, the consent is given on their behalf by an Authorized Entity. The authors believe that seamless design and implementation of Consent Management System in a Healthcare Ecosystem should be an amalgamation of building foolproof privacy protection measures, minimizing laborious consent collection and validation for clinical activities and ensuring patient safety. These three dimensions of the proposed system are explained below.
Key Terms in this Chapter
Electronic Health Records (EHR): It is the longitudinal collection of the health records of a patient that are physically stored in healthcare establishments they visited to avail healthcare services.
Health Resource Provider (HRP): The healthcare establishment where the health records of a patient are created and stored. It is also known as Health Information Provider.
Healthcare Ecosystem: It comprises healthcare establishments as ecosystem components that dynamically interconnect at the time of healthcare service delivery to an individual that requires health data exchange.
Purpose: The reason for which the user can perform operations on health records of a patient. The healthcare services like Consultation and Surgery are examples of purpose.
Health Resource User (HRU): The healthcare professional, role, department at an establishment or establishment itself requesting for past health records of a patient stored in another establishment. It is also called as Health Information User.
Healthcare Establishment: It is an entity that offers healthcare services such as consultation and surgery to the individuals. A hospital, pathology lab and clinic are examples of health establishments.
Informed Consent: It is the expressed agreement given by the patient or their authorized entity to HRP on sharing of specified health records with a HRU that includes contextual information like operation, intended purpose(s) and validity of consent.