Nathan Lea

Implementation of a query interface for a generic record server

INTRODUCTION This paper presents work to define a representation for clinical research queries that can be used for the design of generic interfaces to electronic healthcare record (EHR) systems. Given the increasing prevalence of EHR systems, with the potential to accumulate life-long health records, opportunities exist to analyse and mine these for new knowledge. This potential is presently limited by many factors, one of which is the challenge of extracting information from them in order to execute a research query. METHOD There is limited pre-existing work on the generic specification of clinical queries. Sets of example queries were obtained from published studies and clinician reference groups. These were re-represented as structured logical expressions, from which a generalisable pattern (information model) was inferred. An iterative design and implementation approach was then pursued to refine the model and evaluate it. RESULTS This paper presents a set of requirements for the generic representation of clinical research queries, and an information model to represent any arbitrary such query. A middleware component was implemented as an interface to an existing system that holds 20,000 anonymised cancer EHRs in order to validate the model. This component was interfaced in turn to a query design and results presentation tool developed by the Open University, to permit end user demonstrations and feedback as part of the evaluation. CONCLUSION Although it is difficult to separate cleanly the evaluation of a theoretical model from its implementation, the empirical evaluation of the query-execution interface revealed that clinical queries of the kinds studied could all be represented and executed successfully. However, performance was a problem and this paper outlines some of the challenges faced in building generic components to handle specialised data structures on a large scale. The limitations of this work are also discussed. The work complements many years of European research and standardisation on the interoperable communication of electronic health records, by proposing a way in which one or more EHR systems might be queried in a standardised way.

On moving targets and magic bullets: Can the UK lead the way with responsible data linkage for health research?

Highlights • We explore key elements of good governance in health linkage.• Adaptive reflexive governance models are essential.• Two examples illustrate how we can achieve standardisation of practice.• Distinct elements of governance compiled in a composite fashion tend to challenges.

Data Safe Havens and Trust: Toward a Common Understanding of Trusted Research Platforms for Governing Secure and Ethical Health Research.

In parallel with the advances in big data-driven clinical research, the data safe haven concept has evolved over the last decade. It has led to the development of a framework to support the secure handling of health care information used for clinical research that balances compliance with legal and regulatory controls and ethical requirements while engaging with the public as a partner in its governance. We describe the evolution of 4 separately developed clinical research platforms into services throughout the United Kingdom-wide Farr Institute and their common deployment features in practice. The Farr Institute is a case study from which we propose a common definition of data safe havens as trusted platforms for clinical academic research. We use this common definition to discuss the challenges and dilemmas faced by the clinical academic research community, to help promote a consistent understanding of them and how they might best be handled in practice. We conclude by questioning whether the common definition represents a safe and trustworthy model for conducting clinical research that can stand the test of time and ongoing technical advances while paying heed to evolving public and professional concerns.

An Electronic Healthcare Record Server Implemented in PostgreSQL

This paper describes the implementation of an Electronic Healthcare Record server inside a PostgreSQL relational database without dependency on any further middleware infrastructure. The five-part international standard for communicating healthcare records (ISO EN 13606) is used as the information basis for the design of the server. We describe some of the features that this standard demands that are provided by the server, and other areas where assumptions about the durability of communications or the presence of middleware lead to a poor fit. Finally, we discuss the use of the server in two real-world scenarios including a commercial application.

Analysis of Clinical Record Data for Anticoagulation Management within an EHR System

Objectives: This paper reports an evaluation of the properties of a generic electronic health record information model that were actually required and used when importing an existing clinical application into a generic EHR repository. Method: A generic EHR repository and system were developed as part of the EU Projects Synapses and SynEx. A Web application to support the management of anticoagulation therapy was developed to interface to the EHR system, and deployed within a north London hospital with five years of cumulative clinical data from the previous existing anticoagulation management application. This offered the opportunity to critique those parts of the generic EHR that were actually needed to represent the legacy data. Results: The anticoagulation records from 3,226 patients were imported and represented using over 900,000 Record Components (i.e. each patient’s record contained on average 289 nodes), of which around two thirds were Element Items (i.e. value-containing leaf nodes), the remainder being container nodes (i.e. headings and sub-headings). Each node is capable of incorporating a rich set of context properties, but in reality it was found that many properties were not used at all, and some infrequently (e.g. only around 0.5% of Record Components had ever been revised). Conclusions: The process of developing generic EHR information models, arising from research and embodied within new-generation interoperability standards and specifications, has been strongly driven by requirements. These requirements have been gathered primarily by collecting use cases and examples from clinical communities, and been added to successive generations of these models. A priority setting approach has not to date been pursued - all requirements have been received and almost invariably met. This work has shown how little of the resulting model is actually needed to represent useful and usable clinical data. A wider range of such evaluations, looking at different kinds of existing clinical system, is needed to balance the theoretical requirements gathering processes, in order to result in EHR information models of an ideal level of complexity.

Clinical advantages of decision support tool for anticoagulation control

Computer-based decision support (CDSS) systems can deliver real patient care and increase chances of long-term survival in areas of chronic disease management prone to poor control. Computer-based Decision Support Systems (CDSS) can provide candidate opinions based on available data that clinicians can use (or not) to shape their strategy for managing the condition. One such CDSS, for the management of warfarin for anticoagulation, is described in this paper and the outcomes shown. Data is derived from the system implemented and running and show a performance consistently around 20% better than the applicable guidelines.

Patterns: a simple but expressive data modelling formalism

The creation of a clinical application requires models that describe the structure of data in a way that can be displayed, exchanged and stored. A number of approaches for this have been proposed and are in widespread use. However, these are often complex and/or have shortcomings in the breadth of data that they are able to represent. The annotations facility provided by many computer languages could be used to include information shaping the development and run-time behaviour of a clinical application. If this were comprehensive, then annotations alone would be sufficient for conceptual modelling. A model for representing such annotations is presented and some examples shown and discussed. The paper concludes that such a formalism is simple to use while developing semantic concepts but is capable of representing information from many models simultaneously. It is well suited to the needs of clinical teams seeking consensus on the structure of records.

Are patient relationships the driver for information governance

The confidential relationship between patients and their practitioners is the foundation of clinical practice and is predicated on trust. Both parties develop expectations about how information shared in the therapeutic setting will be used and protected. However, as contemporary clinical practice is rapidly evolving through the use of digital technologies, our understanding and assumptions around those expectations are being tested while their importance in protecting a trusting relationship is becoming paramount. We illustrate this in this editorial by exploring how the technology-driven evolution in practice increases the risks of information disclosure outside the confidential relationship by accident while directly enabling it with the support of legislation by design. In the direct care setting, doctors and nurses are finding the use of smartphones and the apps that run on them particularly useful for providing care to their patients. They are also realising that this emerging practice poses risks to patient privacy and raises their concerns about the accidental disclosure of confidential information if it is not carefully governed.1 But the extent to which any concerns around accidental disclosure are affecting patients’ trust in the confidential relationship is not clear. This issue becomes more pressing as we consider other digital (or eHealth) interventions, including electronic health record and advisory systems, which are also an important part of evolving practice and face their own governance challenges. Such interventions are targeted at practitioners as well as patients and the public to help them engage with managing their own care. They also enable the sharing of more information outside the doctor–patient relationship with researchers, commissioners, managers and policy makers,2 often for uses that may not have been envisaged by patient or practitioner when it was first shared and recorded in confidence. But as information is more routinely shared electronically outside the confidential relationship, sometimes even without patient consent by design, another factor is emerging that is compounding the uncertainty around the effects of evolving practice on the confidential therapeutic relationship. It is becoming clearer that information governance legislation and strategy have been developed without regard for the expectations that form within that relationship. There is frequently a mismatch between confidentiality as a driver for protecting the relationship between patients and their practitioners, and the focus of information law and governance on the protection of information itself. This can be illustrated with use of examples where the relationship of trust is being overlooked by the current governance approach to evolving practice and new uses of healthcare information. We are unaware of the extent to which these issues are undermining trust in the confidential relationship and encouraging patients to withhold information from their practitioner, or indeed the practitioner from recording everything that they are told. We therefore propose a greater focus on understanding the relationship of trust and the expectations formed therein as a means to address these concerns.

Key Ethical Challenges in the European Medical Information Framework

The European Medical Information Framework (EMIF) project, funded through the IMI programme (Innovative Medicines Initiative Joint Undertaking under Grant Agreement No. 115372), has designed and implemented a federated platform to connect health data from a variety of sources across Europe, to facilitate large scale clinical and life sciences research. It enables approved users to analyse securely multiple, diverse, data via a single portal, thereby mediating research opportunities across a large quantity of research data. EMIF developed a code of practice (ECoP) to ensure the privacy protection of data subjects, protect the interests of data sharing parties, comply with legislation and various organisational policies on data protection, uphold best practices in the protection of personal privacy and information governance, and eventually promote these best practices more widely. EMIF convened an Ethics Advisory Board (EAB), to provide feedback on its approach, platform, and the EcoP. The most important challenges the ECoP team faced were: how to define, control and monitor the purposes (kinds of research) for which federated health data are used; the kinds of organisation that should be permitted to conduct permitted research; and how to monitor this. This manuscript explores those issues, offering the combined insights of the EAB and EMIF core ECoP team. For some issues, a consensus on how to approach them is proposed. For other issues, a singular approach may be premature but the challenges are summarised to help the community to debate the topic further. Arguably, the issues and their analyses have application beyond EMIF, to many research infrastructures connected to health data sources.

How Will the General Data Protection Regulation Affect Healthcare

What is GDPR and what is its scope? GDPR2 is a Regulation that covers the protection of personal data – that being any data that identifies an individual. This could include anything from names and addresses to IP Addresses. GDPR also defines special categories of personal data, including health records, genetic data, biometrics, political opinions, trade union memberships, ethnicity and sexuality amongst others where additional provisions must be satisfied to handle it. GDPR applies to all industries, including health, across the EU. It applies to all European Union (EU) citizens and any organisation handling their personal data regardless of where they may be in the world – it is extraterritorial in scope. The older Data Protection Directive from 1995, which GDPR replaces, was a Directive where Member States had to implement laws that met its goals. As a Regulation, GDPR has to be applied directly in Member State Law, but there are various ‘derogations’ (or relaxations) of the law where Member States can adapt it to how their local laws, public services including health and so forth work. This means that GDPR will need to be implemented by Member States by drafting their own laws for data protection. These implementing laws must also achieve the requirements of GDPR’s Law Enforcement Directive, so will have specific provision for law enforcement in addition to the derogations. The new Portuguese Data Protection Act has not been enacted in law at time of writing.