project-proposal-2025

A Unified Healthcare Record System

Abstract

Coordination among healthcare workers is vital for providing unified and holistic care to patients. Australia’s My Health Record was introduced in 2019 to help with the distribution of digital records among healthcare professionals. However, the My Health system is primarily for pathology or imaging providers and most public or private hospitals, and it does not allow for coordination among all disciplines of medicine, such as pharmacy, general practitioners and other specialists. I propose a unified system that allows for simple interdisciplinary communication while giving patients agency over their sensitive health data.

The system will prioritise interoperability to ensure that the system is able to work with a variety of clinical settings. Secondly, due to the sensitivity of patient data the security of the system is paramount. Finally, the system has to be highly available and scalable to ensure vital information is accessible to healthcare professionals at all times no matter the amount of system traffic.

The system will help healthcare teams to make more informed clinical decisions, prevent errors due to lack of information and therefore help improve care for patients.

Author

Name: Charlotte Birkinshaw

Student number: 47028474

Functionality

It will be a fully comprehensive system that allows for the exchange of information across disciplines, different organisations and patients.

Single Patient Record

The system will provide a single place for patients’ medical history including all interactions with healthcare providers including clinical notes, prescribed medications, patient allergies and other key health data.

Interdisciplinary Communication

The system must have a secure messaging system to allow healthcare providers to communicate directly with one another. This allows for easy referral between teams and lets teams coordinate care across a variety of organisations and disciplines.

Patient Access Portal

The system should also include a patient-facing UI to give patients the ability to access their health record. Through this, patients can manage consent for sharing their data, book appointments with healthcare professionals, and request prescriptions or care information from their healthcare providers.

Data Access Logging

There will be comprehensive logging for all access to data through the system to ensure there is compliance with any regulations as well as ensuring patient privacy. Logging should track all user interactions with the system and monitor the flow of information for auditing purposes.

Scope

This project aims to deliver a Minimum Viable Product (MVP) of the unified record system to ensure the functionality of the core infrastructure.

The MVP should include the following functionalities:

This MVP scoped system will represent a feasible implementation that will demonstrate the infrastructure components while confirming the necessary quality attributes.

Quality Attributes

Interoperability

The record system should easily allow for the exchange of health information as well as the integration of existing systems and their data. Interoperability is the key quality attribute in this system since without it we are unable to bridge the gaps between healthcare disciplines. Many of these healthcare disciplines use different systems, which are often legacy systems.

The new record system will need to interface with existing systems. Since access to these systems for testing is not possible during the MVP, an extensive set of APIs should be created and unit tested. Within the MVP, 2 different UIs will be created to simulate access from different systems.

Security

Since this system is dealing with sensitive patient health data it is important to ensure there is no unauthorised access.

The system will require the implementation of role-based access control (RBAC) to ensure that those who are allowed can access patient data while preventing nefarious access to sensitive patient information. The authentication system should also comply with industry standards such as session timeouts. Additionally, all data should be end-to-end encrypted.

Availability

The system must allow for constant availability of health data for authorised users under a variety of levels of user traffic. The system should perform as expected with limited downtime. The often time-sensitive nature of healthcare situations means that if the system is unavailable or unable to process requests in a timely manner it could potentially be life threatening.

The system should have an uptime of at least 98% and an average recovery time of less than 5 minutes. Response times should be under around 3 seconds and should not vary vastly during times of high traffic.

Evaluation

The evaluation plan will ensure that the system delivers on the required quality attributes.

Evaluating Interoperability

Implement a variety of automated tests with simulation data to validate the exchange of data in real-life scenarios. This will help validate the connection between healthcare systems, ensuring the flow of data in and out.

We will create 10-15 patient scenarios that require information to be sent across healthcare disciplines. For example, discharging a patient from hospital with required prescriptions and necessary follow-up appointments with specialists or general practitioners.

Evaluating Security

To ensure the security of the system we should conduct a variety of tests to identify any security vulnerabilities. For example, there should be extensive testing of the RBAC to ensure that only users with the appropriate authorisation are able to access certain data.

The access logging should also be extensively tested to ensure there is a log of all system operations. It is important to research specific healthcare privacy regulations to verify the logging complies with required privacy laws.
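One way the RBAC and access-logging tests described above could be expressed, as an added example that is not part of the original proposal. The role names, the role-to-section mapping, the 15-minute timeout and all identifiers are assumptions, and the test cases are constructed:

```python
from dataclasses import dataclass, field

SESSION_TIMEOUT_S = 15 * 60  # assumed idle timeout; the proposal sets no value
# Assumed mapping of role -> record sections it may read (illustrative only).
ROLE_SECTIONS = {
    "gp": {"clinical_notes", "medications", "allergies"},
    "pharmacist": {"medications", "allergies"},
}

@dataclass
class Session:
    user_id: str
    role: str
    last_active: float  # epoch seconds of the user's last request

@dataclass
class RecordStore:
    consent: dict = field(default_factory=dict)  # patient_id -> consented provider ids
    audit_log: list = field(default_factory=list)

    def access(self, s, patient_id, section, now):
        if now - s.last_active > SESSION_TIMEOUT_S:
            reason = "session_expired"
        elif s.role == "patient":
            reason = "ok" if s.user_id == patient_id else "not_own_record"
        elif section not in ROLE_SECTIONS.get(s.role, set()):
            reason = "role_forbidden"
        elif s.user_id not in self.consent.get(patient_id, set()):
            reason = "no_consent"
        else:
            reason = "ok"
        # Denials are logged too: the audit trail must cover every attempt.
        self.audit_log.append({"time": now, "user": s.user_id, "role": s.role,
                               "patient": patient_id, "section": section,
                               "result": reason})
        return reason == "ok"

def run_matrix():
    """Constructed cases, one per access rule, all evaluated at t=1000."""
    store = RecordStore(consent={"pat-1": {"gp-1", "pharm-1"}})
    cases = [
        (Session("gp-1", "gp", 1000), "pat-1", "clinical_notes"),   # allowed
        (Session("pharm-1", "pharmacist", 1000), "pat-1", "clinical_notes"),
        (Session("gp-2", "gp", 1000), "pat-1", "medications"),      # no consent
        (Session("pat-2", "patient", 1000), "pat-1", "allergies"),  # other patient
        (Session("gp-1", "gp", 0), "pat-1", "allergies"),           # stale session
    ]
    results = [store.access(s, p, sec, now=1000) for s, p, sec in cases]
    return results, [e["result"] for e in store.audit_log]
```

The matrix checks two properties at once: each rule denies the case it should, and the audit log holds one entry per attempt, including the denied ones.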

Evaluating Availability

The system should have high availability at all times and should therefore be tested by simulating 1.5 times the expected number of concurrent users.

The system must include failure mechanisms to measure and limit recovery times. These mechanisms can be tested by simulating a controlled failure in the system.