architecture for a web-based clinical information system that keeps the design open and the access...
DESCRIPTION
Open Architecture Simplify integration Take care of security tasks Track usage Support evaluationTRANSCRIPT
Architecture for aWeb-Based Clinical Information System
that Keeps the Design Openand the Access Closed
James J. Cimino, Soumitra Sengupta, Paul D. Clayton, Vimla L. Patel, Andre Kushniruk, Xiaoli Huang
-Department of Medical Informatics, Columbia University
Centre for Medical Education, McGill University
Task
• Create a secure Web-based clinical information system interface...
... for patients (PatCIS)
• Create an environment that will facilitate the rapid prototyping and simplified integration that is conducive to testing new ideas
Open Architecture
• Simplify integration
• Take care of security tasks
• Track usage
• Support evaluation
Closed Access• Authorization:
– One-user, one-patient authorization• Authentication:
– User ID and password– SecurID token– Secure Socket Layer encryption– Single-use "log on" form– Session ID– Short time-out– Long time-out– Log out
User Interface Design
• Netscape Navigator 4.x
• Constant set of main function classes
• "Sub-buttons" are customizable
• Low-tech, minimal “flash”
Data Entry
Review
Advice
Education
Comments
Help
Logout
patcis.cgi
Web ServerWeb Browser
Data Entry
Review
Advice
Education
Comments
Help
Logout
Javascript
Vital Signs Blood Sugar
Data Entry
patcis.cgi
Web ServerWeb Browser
Data Entry
Review
Advice
Education
Comments
Help
Logout
Vital Signs Blood Sugar
Data Entry
patcis.cgi
Web ServerWeb Browser
SessionRegistry
Data Entry
Review
Advice
Education
Comments
Help
Logout
Vital Signs Blood Sugar
Data Entry
patcis.cgi
Web ServerWeb Browser
SessionRegistry
RequestPassword
Data Entry
Review
Advice
Education
Comments
Help
Logout
Vital Signs Blood Sugar
Data Entry
patcis.cgi
Web ServerWeb Browser
SessionRegistry
Re-enterPassword
Data Entry
Review
Advice
Education
Comments
Help
Logout
Vital Signs Blood Sugar
Data Entry
patcis.cgi
Web ServerWeb Browser
SessionRegistry
UsageLog
InternetCGI
Data Entry
Review
Advice
Education
Comments
Help
Logout
Vital Signs Blood Sugar
Data Entry
patcis.cgi
Web ServerWeb Browser
UsageLog
Internet
Link
CGI
CGI
Data Entry
Review
Advice
Education
Comments
Help
Logout
Vital Signs Blood Sugar
Data Entry
patcis.cgi
Web ServerWeb Browser
Internet
Link CGI
Data Entry
Review
Advice
Education
Comments
Help
Logout
Vital Signs Blood Sugar
Data Entry
patcis.cgi
Web ServerWeb Browser
Internet
Javascript
Link CGI
Data Entry
Review
Advice
Education
Comments
Help
Logout
Vital Signs Blood Sugar
Data Entry
patcis.cgi
Web ServerWeb Browser
Internet
Link CGI
Data Entry
Review
Advice
Education
Comments
Help
Logout
Javascript
Vital Signs Blood Sugar
Data Entry
patcis.cgi
Web ServerWeb Browser
SessionRegistry
Re-enterPassword
UsageLog
Internet
Javascript
Link
1
2
3 4
56
7
89
10
CGI
CGI
11
Integration of Components
• Applications linked to "Sub-Buttons"
• Infobuttons inserted into applications
The Rules
1 - Javascript function handles HREF links
2 - "CGI" hidden variable passed to patcis.cgi
3 - Hidden variables: MRN, USER, SESSION
4 - SYSLOG if accessing clinical database
5 - Open new window where appropriate
6 - Include return code in dynamic documents
Hypertext Links in PatCIS
Instead of:<a href="mydoc.html">Click Here</a>
Use:<a href='javascript:parent.titleWin.document.FF.CGI.value="mydoc.html";parent.titleWin.document.FF.submit();'>Click Here</a>
CGI Calls in PatCISInstead of:
<FORM action="myapplication.cgi" name="Click Here" method="post"><INPUT type="SUBMIT" name="SUBMIT" value="My Button"></FORM>
Use:<FORM action="patcis.cgi" name="Click Here" method="post"><INPUT type="SUBMIT" name="SUBMIT" value="My Button"><INPUT type="HIDDEN" name="CGI" value="myapplication.cgi"><INPUT type="HIDDEN" name="USER" value="sandcar"><INPUT type="HIDDEN" name="MRN" value="3131313"><INPUT type="HIDDEN" name="SESSION" value="349860623"></FORM>
Exploitation of Web Resources• Patient education sites• Newsgroups
– Diabetes– PatCIS users
• Targeted resources– Pubmed– Micromedex
• Decision support systems– Body mass index calculator– Cholesterol guideline
Evaluation
• Log-on "Questionnaire of the Day"
• Usage log
• Phone interviews
• Usability laboratory
Experience with Our Design
• Application integration is easy
• Maintenance is nontrivial
• Major revision: blocking parts of the EMR
Mission Accomplished
• Open Architecture- Integration is simple- Security tasks managed- Tracks usage- Supports evaluation
• Closed Access- Authorization: modified by MD- Security: continuous authentication
Columbia University
NLM Postdoctoral Fellowships in Medical InformaticsJames Cimino: 212-305-8127 [email protected].
Advanced Degrees in Medical InformaticsStephen Johnson: 212-305-1858 [email protected]
http://www.cpmc.columbia.edu.
Columbia University
Faculty Position
George Hripcsak, MDDepartment of Medical InformaticsDAP-1310161 Fort Washington AvenueNew York, NY 10032
Columbia University is an equal opportunity and affirmative action employer
