So now let’s share …

Outline

Holistic Care
Holistic Care

After working in information sharing across the public sector for more than five years, the day is finally here when it seems a reality. For us we have been focusing on creating information sharing infrastructures with strong governance, and with a focus reducing risks and on holistic care (Figure 1). Unfortunately many barriers current exist within information sharing, especially within health and social care record, but now the Caldicott review has outlined that there need for more sharing across the public sectors. While the barriers will take a while to bring down, we can start to see a move towards citizens getting access to their own records.

The great thing about the new approach is that it will be an ‘opt-out‘, which means that citizens will have full rights, even without having to give their initial consent. This will hopefully drive forward the sharing of information between the citizen and their health and social care professionals, and also across the public. With more openness of data infrastructures within health care, social care, law enforcement and education, we need to make sure that data on us it not used for malicious purposes. One danger is that this sharing must be locked down by a known governance policy, as the sharing of information across the public sector can actually be damaging to the individual, if it is not done correctly, and within bounds.The Big Brother scenario is now possible, and must be overcome by those creating the policies, carefully defining how the data is used, and why? Overall the citizen should be at the heart of this, and have full rights to how their data is being used. We have been working within information sharing for many years, and, I must admit, we have seen a greater willingness of the public sector to share information, especially for the improvement in the health of the individual.

Barriers to Information Sharing

Barriers to Information Sharing
Barriers to Information Sharing

The barriers that we have found to information sharing are both technical and societal (as outlined in Figure 2). While the technical problems focus on legacy systems, poor access control methods (such as having to log into special portals) and the fact that most records are flat in their structure,  they can normally be overcome in these days of interconnected systems. The greatest barriers, though, are societal ones. This is highlighted by the current lack of sharing of information across the

We have done several surveys recently at dissemination events, and the major have said that they would be keen to not only see a summary of their record, but the full version. It is thus important that we plan the security of the records going on-line, as any flaw in this will probably cause the whole thing to fall apart. There will be many with vested interests in a failure of this type of initiative, so there need to be a careful management of it, and make sure that the citizen actually has some control over the access to their record. My key worry is that the initiative basically becomes a paper-based exercise, where the patient can see a paper version of their record, in the presence of their health care professional.

Integrating with citizens

Monitoring Risk
Monitoring Risk

We have done many surveys recently which focused on the barriers in integrating the general public into health and social care IT infrastructures. The two areas that most people think are the main barriers:

  • Legacy systems. This is a technical problem that can often be solved with an improved information architecture. Many health and social care systems exist within the same Cloud infrastructure, within a high security environment, and the data is thus able to be aggregated across the domains. The greatest barrier, though, is that data is also contained within isolated environments, such as within GP systems, and it is this barriers which is one of the most difficult to overcome.
  • Resistance from health and social care staff. As in many other organizations, it is the people within organizations that can be the greatest barrier, and it is key that the benefits of information sharing and the increased usage of IT systems for care, both in improving the care that they can deliver, and also provide cost savings.

In order not to disrupt the health and social system that we have, we must make sure that we create systems which take best practice, and then use information to enable and improve the system. It is difficult in these days that the postal system is still used as a conduit to send health and social care information between professionals in the public sector.

So what about Trust?

safi.re
safi.re

We have working in several project within information sharing over the last few years. In particular our early work focused on information sharing of the Police with their community partners. This focused was based on weaknesses in the sharing of information, especially around Baby P and Soham. One thing we were struck with was that the Scottish Police, in particular, actually had a very strong police on information sharing, and one that was based on single points-of-contacts (SPoCs), who were responsible for passing the information between one of the partners to the other. This approach makes perfect sense, as there is only one communication channel. While this works as a protocol in a human way, the communication often doesn’t go through an electronic channel. Our focus was then to implement an information system which mirrored the single-of-point of contacts, and defined ways of defining an information sharing policy between two domains. For this we have created the safi.re (Structured Analysis, Filtering and Integrated Rules Engine) architecture, which defines trust relationships, and then implements these with governance rules. Overall our work has been motivated by the way that a Cisco firewall works, where the Cisco ACL (Access Control Language) defines the abstraction of the firewall rules, and the implementation of them becomes the actual running rules on the system. Just like a Cisco firewall, there are static rules setup, and then dynamic rules are written for new trust relationships.

Big Data and Governance

Big Data Integration
Big Data Integration

In an increasing connected world, data is becoming a key asset, especially within a Big Data context, where data from different domains can be brought together to provide new in-sights. Most of the systems we have in-place, though, have been built to securely keep data behind highly secure environments, and have difficulty in integrating with other disparate systems. This is now a major barrier to using data in a wide range of applications. Along with this, information sharing has many regulatory constraints, which often disable information sharing across domains, but, with carefully managed information architectures, it is possible to overcome many of these problems. An important challenge is thus to support information sharing across different domains and groups across multiple information systems. In the context of this paper, a domain is defined as the governance (and possible ownership) of a set of data, which is exposed to others through well-managed services.

The problem of providing governance around trusted infrastructures is highlighted by Boris Evelson who outlines that:

Big data is such a new area that nobody has developed governance procedures 
and policies, there are more questions than answers.

A feature of any trusted infrastructure is that the owner of the data is clearly defined, and the entity can differ from the actual governance of it. For example, in a health care system, the owner of the data can be the citizen, and the governed of the data is defined by the health care provider (such as the NHS in the UK). In a full trust infrastructure, the citizen could have full rights to define who had access to their data. This paper outlines a trust and governance infrastructure known as safi.re architecture, and shows how into integrates into an information sharing infrastructure.

Slide10Within new information sharing architectures the definition of federated identity provision is likely to become a key factor, especially within application areas which span different domains, such as information sharing across the public sector, and in system which integrate with the citizen and 3rd sector organisations. The integration of trusted identity providers such as Microsoft Live, LinkedIn, Twitter, and so on, are likely to be one method which could allow wide scale adoption of services within the trust infrastructure. With the large-scale adoption of the OAuth 2.0 protocol, there are now many identity and services providers integrating their systems to support their systems into an overall trust framework. If you want to see how OAuth 2.0 works, try this link:

http://www.asecuritysite.com/id/twitter

where you should be able to login with your Twitter, Linkedin, Facebook and Microsoft account. In this way citizens can define the identity provider that they must trust, and then, as long as the information infrastructure trusts that one, the citizen is able to integrate with the system. The days of having a login for the government system, and having to remember it, are going, as we move into an era of interconnected infrastructures.

Along with this the move towards restful Web Services allows for access to data to be well managed, and implemented through Web calls which can Create, Read, Update, or Delete (CRUD) the data. For example a GP, as a role, might be define with Read access for patients within a given health trust, but the specific GP of a patient would be given Update records for a patient. The administrator of the practice might be the only one with Create and Delete rights of the patient record.

The safi.re architecture, which we have created from a number of research projects, thus  defines the trust relationships which are required to access information, such as for the credentials and attributes that are required to access any information. Based on this trust relationship abstraction, a range of governance rules are created by on the abstract. These define the actual details of the access requirements. Within a public sector type environment this type of approach will enable the real-time implementation of polices across disparate domains.

Holistic Care

Project integration
Project integration

The safi.re architecture has been used in a number of projects including with health and social care, including with the TSB-funded DACAR project with Chelsea and Westminster Hospital in London which focused on creating an e-Health Cloud within a hospital environment. This used a novel method of defining the ownership of the data, and providing rights infrastructure for the citizen (or patient) to define the rights of access to their data. This work has since been extended within a number of projects including the TSB Trusted Service project, and which has focused on integrating both digital and human trust, to provide a fully integrated and holistic care infrastructure, which integrates primary and secondary health care with assisted living.

Another important area for information sharing is within the holistic care, where information from different public sector agencies can be used to improve the care of citizens. This might relate to sharing information on a child for concerns posted within health, social care, education and policing, where concerns within just one of these domains would not be seen as a major concern, but when aggregated across several of these, it might result in the concerns being escalated to the point where an action plan is initiated. The work has thus into projects which involve information sharing for Child Protection, and which involve a multi-agency approach. As there is information held within each of the public sector agencies, it is important that accesses are well managed and controlled for the rights for the access to data.

So what is identity … and why is it so important in accessing health and social care records?

miiCard

No one thing on the Internet can be truly trusted to provide our identity, but it is something that is key to us being safe on-line. Unfortunately the identity infrastructure that we have created is based on digital certificates – known as the PKI (Public Key Infrastructure), and it is flawed as very few people actually understands how it works. When was the last time that you check a digital certificate for a secure site that you access? The user is supposed to check the creditability of the digital certificate, and make sure that it has been signed correctly.

So we need new types of systems which we can integrate with public sector infrastructures. One way is to use companies which can identify the user, such as from their email access, or from social networking activity. Google and Microsoft are very strong in providing identity through their cloud-based email system, while Facebook, Twitter and Linkedin provide identity verification for their social network infrastructure. While these companies have fairly good security infrastructures, unfortunately, through things like one-time passwords, they can be compromised. We thus integrate our work with companies such as miiCard, who provide highly credible identity checks. In the cases of access to highly sensitive information, it is companies such as this that will be required, especially in providing multiple factors in proving someones identity. A white paper on the importance of identity in accessing health care records is here.

The end game, though, is that citizens will take much more control of their own data, and thus personal storage providers, such as mydex, and personal health records, such as with Sitekit’s e-Red Book, will sure show the way for a future where the citizen will have more control of their own health. With a more citizen’s focused approach, the citizen will actually own the data, and then can define who they trust to get access to it. This type of approach overcomes many of the concerns around security and privacy. This move might actually see us progress from the electronic health record (EHR) to the personal health record (PHR).

Role, relationship, delegation and consentHere, with our research, we have taken identity one step forward, in that we have tried to understand how we can build trust infrastructures around role, relationship, delegation and consent, which are key to any scaleable health and social care infrastructure. For example, a citizen might give consent for the decision on resuscitation to a next-of-kin. This storage of the consent is likely to come from a personal storage system, rather than being resisted on a formal data infrastructure.

Conclusion … it’s just doing what we are all doing

Integrating All
Integrating All

In the past 10 years there has been a massive revolution in the way that the Internet has integrated with both our work and our social lives. Industries have been transformed, and, in most cases, could not exist in their current form. Within of Cloud Computing and mobile devices, we have never been so connected. Thus banking, oil and gas, education, and so on, have all changed through the usage of the Internet. Without email and the Web, it would be very difficult for me to teach. I communicate with my students over email, I put lecture notes on Dropbox, I put all my lectures on-line, and I run labs which are virtualised in the Cloud. So I see the benefits of the Internet, as it helps me to improve my teaching. It is thus in health and social care that professionals need to see the benefits of this new age, and start to use information to improve our lives.

And for the ownership of the data … well surely the end game is that it is our data, and we must have some rights on how it is to be used? For just now, that seems one step to far, but in this Information Age we need to start to move to a place where, at least, we can have access to it, and then move to a point that we can have ownership of it, and actually define who we trust to access it. That is a quantum leap, but it is a natural one for the future. It is a massive leap, but it will surely be worth it!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s