Sensitive Data Discovery in Care Pathways using Business Process Modelling and HL7-CDA

Essefi, Intidhar; Boussi Rahmouni, Hanene; Ladeb, Mohamed Fethi

Home // International Journal On Advances in Life Sciences, volume 11, numbers 1 and 2, 2019 // View article

Sensitive Data Discovery in Care Pathways using Business Process Modelling and HL7-CDA

Authors:
Intidhar Essefi
Hanene Boussi Rahmouni
Mohamed Fethi Ladeb

Keywords: business process modeling; clinical pathways; data driven; legally HL7 structured medical data; HIPAA legislation; ontology; patient privacy; privacy requirements; CDA

Abstract:
Medical data communication is an important process enabling collaboration between healthcare professionals. The use of patient Electronic Health Record (EHR) ensures an enhanced continuity of care since it provides a centralized patient information access in a seamless way. In data protection law, the electronic exchange of medical data should comply with privacy obligations and data security safeguards. It is therefore a legal requirement for hospitals to ensure that patient information are processed and shared throughout clinical business processes in a standardized and structured form in order to be able to clearly discover and highlight the patient protected information manipulated in each process. In this work, we propose a clinical pathway specification methodology that is at the same time data driven and privacy aware. Our model gives special attention to the structure and the data content of shared medical documents. These documents are usually structured following the Health Level 7 (HL7)-Clinical Document Architecture (CDA). This research aims to define a legally shared HL7 structure of medical data ought to be processed and exchanged within clinical processes. Throughout the use of an ontology information model of medical data, we are aiming to capture and classify the data used in each clinical process into categories. We put special emphases on the level of protection required by each category of data in respect of the international health data legislation namely, the Health Insurance and Accountability Act (HIPAA). Particularly, our model ensures the implementation of the privacy by design principle since it ensures the adoption of data protection requirements starting from a very early stage of Hospital Information Systems (HIS) design.

Pages: 56 to 67

Publication date: June 30, 2019

Published in: journal

ISSN: 1942-2660