Journal of Healthcare Engineering


Research Article | Open Access

Volume 1 | Article ID 738626 | 18 pages | https://doi.org/10.1260/2040-2295.1.4.637

Interoperable Medical Instrument Networking and Access System with Security Considerations for Critical Care

Abstract

The recent influx of electronic medical records in the health care field, coupled with the need to provide continuous care to patients in the critical care environment, has driven the need for interoperability of medical devices. Open standards are needed to support flexible processes and interoperability of medical devices, especially in intensive care units. In this paper, we present an interoperable networking and access architecture based on the CAN protocol. Predictability of the delay of medical data reports is a desirable attribute that can be realized using a tightly-coupled system architecture. Our simulations of the network architecture demonstrate that a bounded delay for event reports offers predictability. In addition, we address security issues related to the storage of electronic medical records. We present a set of open source tools and tests to identify security breaches, and appropriate measures that can be implemented to comply with the HIPAA rules.


Copyright © 2010 Hindawi Publishing Corporation. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
