Demographics service
Karsten You will see from the attestation class that it is possible to add an image with a digital signature - allowing compositions to be pixelmaps for legal purposes if required. Cheers, Sam Heard The EHR is rather a unique document and a layered approach is necessary as old data must never be altered - may not necessarily be accessible but must never be altered. Errors can be corrected but the error must remain totally accessible in the manner it was presented to the clinician when it was relied upon - eg clinical results, medications. That is not feasible as it would amount to taking physical pictures of the screen as it looked when displayed. And even this would only prove what the user *might have seen had she tried* - certainly not what she *saw*. Karsten - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
Demographics service
That is not feasible And that's the problem that will keep the technical people in money for years to come. Not only must it be feasible it will be demanded by judges and courts if the EHR is to ever be truly adopted. Even now we have rules that all e-mails where a decision is made must be printed out! The paperless world has never been to court. It is feasible of course but complex. Flags are set when pages are viewed, there are intricate audit trails (terabytes). The fact that no one is doing it yet is that the litigation costs haven't risen high enough to balance the need to do it. Once a few specialists are sued for activities that can not be supported by the record and they known they were innocent then we will see some very interesting changes, either a reappearance of paper records (personal) or a new paradigm of image capture. IMHO of course. David -Original Message- From: owner-openehr-techni...@openehr.org [mailto:owner-openehr-technical at openehr.org] On Behalf Of Karsten Hilbert Sent: Saturday, 5 March 2005 8:22 AM To: openehr-technical at openehr.org Subject: Re: Demographics service The EHR is rather a unique document and a layered approach is necessary as old data must never be altered - may not necessarily be accessible but must never be altered. Errors can be corrected but the error must remain totally accessible in the manner it was presented to the clinician when it was relied upon - eg clinical results, medications. That is not feasible as it would amount to taking physical pictures of the screen as it looked when displayed. And even this would only prove what the user *might have seen had she tried* - certainly not what she *saw*. Karsten -- GPG key ID E4071346 @ wwwkeys.pgp.net E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346 - If you have any questions about using this list, please send a message to d.lloyd at openehr.org - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
Demographics service
You speak much sense!! The Legal environment in particular requires reconstruction. Oh that was the best one I heard today - it's in the order of when the warp drive emerges. Need to think more on your wise thoughts though. David -Original Message- From: owner-openehr-techni...@openehr.org [mailto:owner-openehr-technical at openehr.org] On Behalf Of lakewood at copper.net Sent: Saturday, 5 March 2005 3:36 AM To: openehr-technical at openehr.org Subject: Re: Demographics service Hi David, Significant problem! However, software configuration management has solved this before. In the Legal or secure OS environments the contributions of individuals are in fact part of the record even through the 'end-game' is an update that merges the contributions of all, e.g., a composite record. It is critical that 'information' is not lost nor corrupted. Efforts to 'crunch' multiple records into a satisfactory record usually fail this requirement at some point. A reasonable objective is to permit multiple Practitioners to enter information simultaneously, maintain original context and content, build a composite record that is compatible with the target record-handling system, and support 100% re-assembly of all sources of information. A 'build-and-submit' or 'interactive-entry' architecture can yield multiple 'composite' records that may also be linked by one or more events, e.g., surgery and lab work. It may also be necessary to declare a higher-order event (in a record) to which subsequent events can be linked (extra-record, meaning the event can transcend a collection of records, e.g., multiple contacts-same cause). Information organization is a virtue; lack of it may well impact information retrieval. Try coordinating the activities and results of 20+ Software Engineers working on a release. Things happen in parallel. The Legal environment in particular requires reconstruction. Regards! -Thomas Clark Bigpond wrote: The EHR is rather a unique document and a layered approach is necessary as old data must never be altered - may not necessarily be accessible but must never be altered. Errors can be corrected but the error must remain totally accessible in the manner it was presented to the clinician when it was relied upon - eg clinical results, medications. The concept of layering new information on old is important. There does have to be lock outs or transaction controls when new data is being entered in but there is no need for old material (old may be seconds of course)to be locked out cause it can't or shouldn't be changed. If two doctors are entering elements of say a discharge summary then one cannot edit while another is adding - it needs a message indicating someone else is working on the current document and wait. It is more complex than that but the basic principle applies old data never changes even old addresses must stay. Legally it is important to be able to reproduce exactly the circumstances that the computer presented to the clinician at any point in time for inquests, litigation etc. We are dealing with these issues today with our CIS and it is a challenge. David Evans Brisbane Australia - If you have any questions about using this list, please send a message to d.lloyd at openehr.org - If you have any questions about using this list, please send a message to d.lloyd at openehr.org - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
Governance and Legal Demographics services?
Hello David and Thomas, You said: You speak much sense!! The Legal environment in particular requires reconstruction. When you combine these ideas of Sense Making and Reconstructing the legal environment's relationships to medical communities of _EHR practice we tickle the need for some common upper ontology for the domains of governance which includes the process by which the legal environments are created and maintained in various countries. Several of us involved in a US NHIN_EHR Request for Information process have begun muddling the question of governance in standards bodies such as OASIS and considering the processes by which XML evolved under Jon Bosak and others a decade ago as the basis for building some US Natl Health Info/Knowledge Networks to support standards for _EHR deployment and use. So an intenational awareness is essential, but how far has the openEHR community explored these dynamic issues? And how are the relationships being expressed? Bob -Original Message- From: owner-openehr-techni...@openehr.org [mailto:owner-openehr-technical at openehr.org] On Behalf Of Bigpond Sent: Saturday, March 05, 2005 4:25 AM To: openehr-technical at openehr.org Subject: RE: Demographics service You speak much sense!! The Legal environment in particular requires reconstruction. Oh that was the best one I heard today - it's in the order of when the warp drive emerges. Need to think more on your wise thoughts though. David -Original Message- From: owner-openehr-techni...@openehr.org [mailto:owner-openehr-technical at openehr.org] On Behalf Of lakewood at copper.net Sent: Saturday, 5 March 2005 3:36 AM To: openehr-technical at openehr.org Subject: Re: Demographics service Hi David, Significant problem! However, software configuration management has solved this before. In the Legal or secure OS environments the contributions of individuals are in fact part of the record even through the 'end-game' is an update that merges the contributions of all, e.g., a composite record. It is critical that 'information' is not lost nor corrupted. Efforts to 'crunch' multiple records into a satisfactory record usually fail this requirement at some point. A reasonable objective is to permit multiple Practitioners to enter information simultaneously, maintain original context and content, build a composite record that is compatible with the target record-handling system, and support 100% re-assembly of all sources of information. A 'build-and-submit' or 'interactive-entry' architecture can yield multiple 'composite' records that may also be linked by one or more events, e.g., surgery and lab work. It may also be necessary to declare a higher-order event (in a record) to which subsequent events can be linked (extra-record, meaning the event can transcend a collection of records, e.g., multiple contacts-same cause). Information organization is a virtue; lack of it may well impact information retrieval. Try coordinating the activities and results of 20+ Software Engineers working on a release. Things happen in parallel. The Legal environment in particular requires reconstruction. Regards! -Thomas Clark Bigpond wrote: The EHR is rather a unique document and a layered approach is necessary as old data must never be altered - may not necessarily be accessible but must never be altered. Errors can be corrected but the error must remain totally accessible in the manner it was presented to the clinician when it was relied upon - eg clinical results, medications. The concept of layering new information on old is important. There does have to be lock outs or transaction controls when new data is being entered in but there is no need for old material (old may be seconds of course)to be locked out cause it can't or shouldn't be changed. If two doctors are entering elements of say a discharge summary then one cannot edit while another is adding - it needs a message indicating someone else is working on the current document and wait. It is more complex than that but the basic principle applies old data never changes even old addresses must stay. Legally it is important to be able to reproduce exactly the circumstances that the computer presented to the clinician at any point in time for inquests, litigation etc. We are dealing with these issues today with our CIS and it is a challenge. David Evans Brisbane Australia - If you have any questions about using this list, please send a message to d.lloyd at openehr.org - If you have any questions about using this list, please send a message to d.lloyd at openehr.org - If you have any questions about using this list, please send a message to d.lloyd at openehr.org - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
Demographics service
Sam, You will see from the attestation class that it is possible to add an image with a digital signature - allowing compositions to be pixelmaps for legal purposes if required. Well, surely it's technically possible to track images of what was sent to the screen for display. But does that help any ? They screen may have been obscured for some reason or other at several layers (software, hardware, physical world). Karsten -- GPG key ID E4071346 @ wwwkeys.pgp.net E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346 - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
Demographics service
That is not feasible And that's the problem that will keep the technical people in money for years to come. I am not a technical person per se. I am an clinician. Not only must it be feasible it will be demanded by judges and courts Surely, courts and judges have been known to demand and accepts proofs that aren't proofs before. They'll learn, too, what things need to be taken to mean. if the EHR is to ever be truly adopted. Too pessimistic, IMO. Even now we have rules that all e-mails where a decision is made must be printed out! Which is akin to photographing every screen you view. The paperless world has never been to court. In a court one not always has to provide a waterproof trail of evidence. There is substantial evidence (is that what it's called ?). And there is demonstration of due course which adds a lot of weight to what otherwise are simple assertions. It is feasible of course but complex. Flags are set when pages are viewed, Those flags do not document what you want them to document. Such a flag only documents that it was set. Everything else is due course. Eg. if the flag is set it is reasonable to assume that it was set by the software the doctor claims to have used. Also it is reasonable to assume that the doctor thus saw what that program would display in conjunction with that flag being set. No hard proof there. there are intricate audit trails (terabytes). The fact that no one is doing it yet Why do you think this is a fact ? Karsten -- GPG key ID E4071346 @ wwwkeys.pgp.net E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346 - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
Demographics service
Life is simple. Once we physicians know what to ask and why. Gerard -- private -- Gerard Freriks, arts Huigsloterdijk 378 2158 LR Buitenkaag The Netherlands +31 252 544896 +31 654 792800 On 05 Mar 2005, at 13:22, Bigpond wrote: And that's the problem that will keep the technical people in money for years to come. Not only must it be feasible it will be demanded by judges and courts if the EHR is to ever be truly adopted. Even now we have rules that all e-mails where a decision is made must be printed out! The paperless world has never been to court. It is feasible of course but complex. Flags are set when pages are viewed, there are intricate audit trails (terabytes). The fact that no one is doing it yet is that the litigation costs haven't risen high enough to balance the need to do it. Once a few specialists are sued for activities that can not be supported by the record and they known they were innocent then we will see some very interesting changes, either a reappearance of paper records (personal) or a new paradigm of image capture. IMHO of course. David -- next part -- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 1174 bytes Desc: not available URL: http://lists.openehr.org/mailman/private/openehr-technical_lists.openehr.org/attachments/20050305/55b087ca/attachment.bin
Authenticity Issues [was: Re: Demographics service]
On Sat, Mar 05, 2005 at 10:22:27PM +1000, Bigpond wrote: That is not feasible And that's the problem that will keep the technical people in money for years to come. $$$ Cheers $$$ ;-) Not only must it be feasible it will be demanded by judges and courts if the EHR is to ever be truly adopted. Even now we have rules that all e-mails where a decision is made must be printed out! The paperless world has never been to court. It is, but a matter of time. In this case, may take varying amount of time in different countries, but then technology will finally prevail. Do you recall a few decades ago when ball point pens first made an appearance in the market ? It took some time for banks and courts to accept documents signed in ball pens ! But then, that was a relatively minor thing when compared with a digital transition. And we have all forgotten ! The main issue here is varification of authenticity of digital data entry. There must be some mechanism to ensure that every entry placed in the EHR must be authenticated by the signitory, even if the entry is made by a secretary, DEO or transcription- ist. Once a fail proof method is evolved, the legal process would gradually yeild. The value of the signed hard copy is aithenticity, not content. It is this issue that we need to address. It is feasible of course but complex. Authentication must be ensured in spite of the complexity. There is no alternate recourse. Flags are set when pages are viewed, there are intricate audit trails (terabytes). Audit trails of visits are only to ensure read access by authorised agencies. What is more important is 'write access' authentication, by best means as commensurate with available technology. No doctor should be in a position to deny that 'this medicine was not prescribed by me' or 'this is not my report' at any stage. The fact that no one is doing it yet is that the litigation costs haven't risen high enough to balance the need to do it. Once a few specialists are sued for activities that can not be supported by the record and they known they were innocent then we will see some very interesting changes, either a reappearance of paper records (personal) or a new paradigm of image capture. IMHO of course. It would be inappropriate to wait for litigation processes to bring in the change. The thought process would have to be built in right from scratch, and refined as technology advances. For a start we could start with password/ paraphrase protected write access, or GPG/ PGP or maybe thumb imprint ... But then this is an important issue, and you just can't bypass the Law anywhere ... Dr USM Bish Bangalore - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
Authenticity Issues [was: Re: Demographics service]
The main issue here is varification of authenticity of digital data entry. There must be some mechanism to ensure that every entry placed in the EHR must be authenticated by the signitory, even if the entry is made by a secretary, DEO or transcription- ist. A first-step solution might be this: - writes are tracked (author, timestamp) - regular clear-text database dumps are taken (say, twice daily) this includes the tracked writes (eg audit logs) - dumps are signed to be authentic by a, say, CMO - dump hashes are timestamp-signed by non-affiliated third parties (say, digital notary servers provided by medical faculties, etc.) This is kept for later presentation to a court. It shows proper care and due course (we aim at doing this - and partially already do - in GnuMed). In a second step writes might not just be tracked but also required to be digitally signed off which would add non-repudiation to the data in the authenticated dump. Audit trails of visits are only to ensure read access by authorised agencies. Even that does not really add any value. IF access occurred it must have occurred with proper credentials (barring bugs in the software). The question is whether those credentials were abused by someone who wasn't supposed to know them or by someone in the know but who wasn't supposed to access that part of the data. One study showed a decrease in the latter when tracking reads was announced to the regular users. Karsten -- GPG key ID E4071346 @ wwwkeys.pgp.net E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346 - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
Demographics service
Hi Gerard, Wish you were right. Comment: Changes in the legal system can be used to prove the continuing existance of Evolution. Regards! -Thomas Clark Gerard Freriks wrote: Life is simple. Once we physicians know what to ask and why. Gerard -- private -- Gerard Freriks, arts Huigsloterdijk 378 2158 LR Buitenkaag The Netherlands +31 252 544896 +31 654 792800 On 05 Mar 2005, at 13:22, Bigpond wrote: And that's the problem that will keep the technical people in money for years to come. Not only must it be feasible it will be demanded by judges and courts if the EHR is to ever be truly adopted. Even now we have rules that all e-mails where a decision is made must be printed out! The paperless world has never been to court. It is feasible of course but complex. Flags are set when pages are viewed, there are intricate audit trails (terabytes). The fact that no one is doing it yet is that the litigation costs haven't risen high enough to balance the need to do it. Once a few specialists are sued for activities that can not be supported by the record and they known they were innocent then we will see some very interesting changes, either a reappearance of paper records (personal) or a new paradigm of image capture. IMHO of course. David - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
Governance and Legal Demographics services?
Hi Bob, An 'international awareness' must be developed in advance and evolved continuously. The EHR community is part of the bedrock of future Healthcare policies, procedures and practices. It must be based on facts and incorporate all available information. The Legal community requires facts in the form of admissible evidence and information in the form of testimony, inferences, deductions and interpretation. It renders judgments in accordance with established law and in some cases remedies for parties before the Court. In the presence of this certainty it makes 'big' mistakes and sometimes loses its way. As an example, Forensic Science has upset many judgments and caused the restructuring of many policies, procedures and practices. A complaint often heard is that Forensic Science, and genetics in particular, has in a short time caused more change than years of reasoned thought within the Community. With jurisdictions releasing prisoners from Death Row for crimes they did not commit to ineffective FDA-approved drugs, with fatal side effects, for specific conditions being withdrawn change is 'in the air'. A recent humorous complaint from the bench comments on juries demanding to have Forensic data and analysis prior to deliberations. It might be that 'fact-based outcome-oriented' Healthcare is becoming popular. ... tickle the need for some common upper ontology for the domains of governance which includes the process by which the legal environments are created and maintained in various countries ... the question of governance in standards bodies ... ... This is not an easy task due to the supremacy of the Administrative, Legislative and Judicial branches of governments plus the diversity and number of governments. The following is a simple example of how technology, science and legal processes can work in one jurisdiction. BRAIN FINGERPRINTING *IN THE SUPREME COURT OF IOWA** *No. 122 / 01-0653 Filed February 26, 2003 TERRY J. HARRINGTON, Appellant vs. STATE OF IOWA, Apellee http://www.judicial.state.ia.us/supreme/opinions/20030226/01-0653.asp ... Upon our review of the record and the arguments of the parties, we conclude (1) Harrington?s appeal is timely; (2) this action is not time barred; (3) Harrington is entitled to relief on the basis of a due process violation; and (4) Harrington?s motion for conditional remand is moot. Accordingly, we reverse the district court judgment, and remand for entry of an order vacating Harrington?s conviction and sentence, and granting him a new trial. We deny Harrington?s motion for remand on the basis of mootness ... Brain Fingerprinting Laboratories http://www.brainwavescience.com/Ruled%20Admissable.php ... In order to be admissible under the prevailing Daubert standard, the science utilized in a technology is evaluated based on the following four criteria: (The Iowa courts are not bound by the Daubert criteria used in the federal courts, but they do use them when determining the admissibility of novel scientific evidence.) 1. Has the science been tested? 2. Has the science been peer reviewed and published? 3. Is the science accurate? 4. Is the science well accepted in the scientific community? The judge ruled that Brain Fingerprinting testing met all four of the legal requirements for being admitted as valid scientific evidence. The ruling stated: The test is based on a 'P300 effect.'? The P300 effect has been studied by psycho-physiologists?The P300 effect has been recognized for nearly twenty years. The P300 effect has been subject to testing and peer review in the scientific community. The consensus in the community of psycho-physiologists is that the P300 effect is valid ... This example identifies one approach to modifying existing legal processes. There are close to 200 countries in the UN and each maintains significant diversity. An approach taken within the US is based upon a set of 'Model Codes' (see the Legal Information Institute at: http://www.law.cornell.edu/statutes.html ). A recommended approach to addressing Healthcare under the Law, Legal requirements, handling and interpretations of EHRs, and related Legal processes is to: 1)Expand the Model Codes to cover EHRs 2)Include appropriate provisions with the EHR standards to build-in compatibility with the Model Codes 3)Include processes to handle change. Separate Legislatures and Judicial systems reference the Model Codes now, i.e., When in doubt look at what others have built. Since Judicial systems interpret the laws that the Legislatures have enacted the opportunity to impact the system to achieve goals for the common good in the shortest time lie with the Model Codes. At least this approach can be considered foundational. Regards! -Thomas Clark Bob Smith wrote: Hello David and Thomas, You said: You speak much sense!! The Legal environment in particular requires reconstruction. When you