Transferring data from one EPR to another: content--syntax--semantic.

When data are transmitted between electronic patient record (EPR) systems, we can distinguish several tasks. One task is the definition of structure and semantic content of the data in a message structure. Another task is the mapping of the sending EPR's structure to this message structure. A third task is the mapping of the message structure to the receiving EPR's structure. We describe an approach, which distinguishes clearly between these different tasks and activities. Using this approach we have implemented a data transfer procedure between a cancer registry application and a middleware for healthcare information systems. Our experience showed that the proposed systematic approach helped identify problems for data transfer in an early design phase. It also allowed us to limit modifications of the data exchange procedure to certain tasks or activities when one of the EPR applications was updated. In the end, we could even exchange the underlying message format without having to reimplement the complete interface.

Increasing the diversity of medical data mining through distributed object technology.

Data mining has been recently experiencing a boom of interest from researchers and software producers. In medicine, however, its applications are still rather rare. In this paper, we argue that this is primarily due to the requirements of reproducibility of results and diversity of available data mining tools, both of which are crucially important for medical research. We propose to tackle the diversity requirement by means of distributed object technologies. The results presented here rely on our experience with medical data mining using the method GUHA and with further developing that method.

CORBA security services for health information systems.

The structure of healthcare systems in developed countries is changing to 'shared care', enforced by economic constraints and caused by a change in the basic conditions of care. That development results in co-operative health information systems across the boundaries of organisational, technological, and policy domains. Increasingly, these distributed and, as far as their domains are concerned, heterogeneous systems are based on middleware approaches, such as CORBA. Regarding the sensitivity of personal and medical data, such open, distributed, and heterogeneous health information systems require a high level of data protection and data security, both with respect to patient information and with respect to users. This paper, relying on experience gained through our activities in CORBAmed, describes the possibilities the CORBA middleware provides to achieve application and communication security. On the background of the overall CORBA architecture, it outlines the different security services previewed in the adopted CORBA specifications which are discussed in the context of the security requirements of healthcare information systems. Security services required in the healthcare domain but not available at the moment are mentioned. A solution is proposed, which on the one hand allows to make use of the available CORBA security services and additional ones, on the other hand remains open to other middleware approaches, such as DHE or HL7.

Comparing middleware concepts for advanced healthcare system architectures.

Different approaches to middleware, supporting systems integration in healthcare, are described and evaluated, regarding concepts, architectural framework, and relevance for healthcare enterprises. This evaluation includes CORBA, DHE, and HL7. CORBA, promoted in the healthcare area through the efforts of CORBAmed, is a strictly object-oriented approach, whereas DHE is based on process-related concepts. The earlier HL7 approach, without any modelling and with proprietary communication management, is changing to a harmonised information interchange concept in healthcare, taking into account also other protocols and medical domains with orientation to an electronic patient record. The opening also includes the separation of message definition and message exchange format, enabling the migration of different EDI standards. HL7 will also support the integration of standardised platforms as 'networking mediator applications'. Finally, some recommendations for future developments are given.

Security of healthcare information systems based on the CORBA middleware.

The development of healthcare systems in accordance to the "Shared Care" paradigm results in co-operative health information systems across the boundaries of organisational, technological, and policy domains. Increasingly, these distributed and heterogeneous systems are based on middleware approaches, such as CORBA. Regarding the sensitivity of personal and medical data, such open, distributed, and heterogeneous health information systems demand a high level of data protection and data security, both with respect to patient information and with respect to users. The security concepts and measures available and additionally needed in health information systems based on CORBA architecture are described in this paper. The proposed security solution is also open to other middleware approaches, such as DHE or HL7.

Healthcare information system approaches based on middleware concepts.

To meet the challenges for efficient and high-level quality, health care systems must implement the "Shared Care" paradigm of distributed co-operating systems. To this end, both the newly developed and legacy applications must be fully integrated into the care process. These requirements can be fulfilled by information systems based on middleware concepts. In the paper, the middleware approaches HL7, DHE, and CORBA are described. The relevance of those approaches to the healthcare domain is documented. The description presented here is complemented through two other papers in this volume, concentrating on the evaluation of the approaches, and on their security threats and solutions.

Comparison, evaluation, and possible harmonisation of the HL7, DHE, and CORBA middleware.

Regarding the need of change of both healthcare systems' structure and supporting information systems' architecture to the "Shared Care" paradigm, appropriate health information systems have to be distributed and interoperable, and will usually be based on middleware concepts. Structure and function of information systems meeting such requirements have been analysed in general. To describe, evaluate and combine distributed systems, a generic component model has been used. As a result, CORBA, DHE, and HL7 have been assessed systematically. A way to a common and harmonised middleware approach has been proposed.

Security threats and solutions in distributed, interoperable health information systems using middleware.

Increasingly, distributed, interoperable healthcare information systems, which meet the shared care paradigm, work across the boundaries of policy, organisational, and technological domains and are based on middleware concepts. Especially in healthcare with its sensitive personal and medical data, such systems require advanced data security measures. In the paper, a common object-oriented security model for middleware systems and advertisements for implementation are proposed, corresponding the security requirement of both the user and the application environment.