Hi Paul, hi the list, Thanks for your post - I thought nobody took the time to read mine ;o)
I tried to keep my post in the range of openEHR, however, since you are pushing me one step further, I need to tell that, from my point of view, continuity of care is probably a step to cross, but not the ultimate goal. Once you agree that the patient is the owner of a system (say the EHR in the taxonomy you are proposing), you have to ask yourself : "when, why and by who shall this system get used ?". If you think that Electronic Health Record is the right concept for continuity of care, it is probably because you realized that Health doesn't mean "no disease", and that even people with chronic disease are most often managing their health than they are subject of care. The conclusion we made is that if the system belongs to the patient, it must be a tool for the person (and not only the patient). So, this very tool must be a he "health capital" manager. Since the system we are working on is problem oriented, and it allows to establish health objectives - and not only records, we called it : Individual Health Project. Now the taxinomy is richer, with three acronyms EMR, EHR and IHP ;o) Philippe >Philippe, > >The approach you have identified makes a lot of sense to me and goes a >long ways toward clarifying "ownership" of the record. I do think it >would be helpful to develop standard taxonomy for distinguishing the two: >EMR signifying within a closed health care system, and EHR signifying the >continuity of care record which is the property of the patient. It seems >to me that if this distinction is not made, "ownership" is going to boil >down to issues like "intellectual property." The way I see it, ownership >and access are two, separate, albeit, overlappying issues. Did I hear >somebody mention Napster? > > >>> Philippe AMELINE <philippe.ameline at nautilus-info.com> 04/29/03 > 12:54AM >>> >Hi, > >I must confess I didn't read very carefully each message on this thread ; >however, I think that I may contribute by explaining the direction we are >currently following. > >First I think we must distinguish between care coordination (inside an >openEHR node) and continuity of care. >Continuity of care means that you manage to index every contributions for >a single patient (these contributions can be openEHR contributions or other >systems contribution, or even data here and there). > >The acces rules must be very different in both cases since : >- inside a node (care coordination) the system belongs to the team and/or >the careplace (say it is a domain, maybe a meta-domain) and see patients >passing through (from in to out). >- a continuity of care system necesseraly belongs to the patient (when you >consider a wide period of time, it is the only stable user) and see medical >teams passing through. > >To adress this change of point of view (from a steady referential to a >moving referential), we are building a system with the following rules : >- the continuity of care system is an index of existing contributions and >is granted access rights to the nodes >- inside the continuity of care system, people that may access data are >given a position inside the patient "health team" : the position depends on >the people "job" (doctor, other health professional, family, social worker) >and depends on his "distance" from the patient (usual care giver vs unusual >one). > >Hence the access rights to the contribution are determined for each >possible position and depends on the current role inside the personal halth >team at the very moment. > >You can like the way we do it or not, however, I don't think you can make >proper access rights if you don't adress the issue of steady referential >(care coordination - or groupware) vs moving referential (continuity of >care - every episod of care for every care team). > >Philippe > > > >Hi Thomas, > > > >Thomas Beale wrote: > > > > > >/snip/ > > > > > So. What do we know? > > > - role-based access control is required. To make it work properly in a > > > shared care community context (e.g. a hospital, 50 GPs, aged care homes, > > > nursing care, social workers etc etc) then the roles need to be defined > > > congruently. I seem to remember some Canadian project coming to the > > > conclusion that really the roles need to be defined the same across the > > > entire (national) health care system. I think this is both correct and a > > > the same time unrealistic. > > > >With all due respect, Thomas, it it's unrealistic then, IMO, it can't be > >correct. (Pragmatism R Us ;-) ) > > > >I'd like to offer food for thought. The fundamental assumption at work here > >seems to be that care givers will access the same system, thus driving the > >need for all users of the system to be assigned roles that are defined > >congruently. Let's consider an alternative model. > > > >When I travel from the U.S. to the U.K., I (the physical being) move from > >one socio-cultural-legal model to another. That does not change who / what > >I am, but it does change my behavior because I operate under a different > set > >of norms and mores in the new environment. I accept new forms of > >interaction and find that familiar forms are no longer available. > > > >Why should it be any different for the information about me than it is for > >me? > > > >If we work from a perspective that posits that health information will move > >from system to system and be used / modified based on the rule sets in > place > >within the various systems, does that make the problem more amenable to > >solution? > > > > > I think we will be able to find ways of > > > having diversely defined roles without every health care facility having > > > incompatible definitions of "consultant", "treating physician" etc. > > > Bernd's work on this area is pretty detailed. > > > >I thank Bernd for opening my eyes to what should have been obvious to me at > >a much earlier stage. The security problem with EHR systems is > >fundamentally the same problem faced in OLAP databases. Or perhaps I should > >say that it's the OLAP security problem with a twist. At least OLAP > >databases are typically confined to one environment / business. It's clear > >that the EHR problem is more difficult in that EHR's must, IMO, be capable > >of moving between environments. Perhaps, by requiring a more generalized > >solution, the EHR problem will actually be easier to solve. > > > >I don't know if you've checked out Mike Mair's paper but it implicitly > poses > >a very interesting question. "Is a biologically-based security model > >fundamentally better aligned with the needs of an information system about > >biological entities than alternative models?" I'm hopeful the list will > >have some comments on Mike's paper. I think the question is worth some > >thought / discussion. > > > >/snip/ > > > >Best regards, > >Bill > > > >- > >If you have any questions about using this list, > >please send a message to <mailto:d.lloyd at openehr.org>d.lloyd at > >openehr.org > >- >If you have any questions about using this list, >please send a message to <mailto:d.lloyd at openehr.org>d.lloyd at openehr.org - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
