Architecture for a Web-Based Clinical Information System
Download
Report
Transcript Architecture for a Web-Based Clinical Information System
Architecture for a
Web-Based Clinical Information System
that Keeps the Design Open
and the Access Closed
James J. Cimino, Soumitra Sengupta, Paul D. Clayton,
Vimla L. Patel, Andre Kushniruk, Xiaoli Huang
Department of Medical Informatics, Columbia University
Centre for Medical Education, McGill University
Task
• Create a secure Web-based clinical
information system interface...
... for patients (PatCIS)
• Create an environment that will facilitate
the rapid prototyping and simplified
integration that is conducive to testing
new ideas
Open Architecture
• Simplify integration
• Take care of security tasks
• Track usage
• Support evaluation
Closed Access
• Authorization:
– One-user, one-patient authorization
• Authentication:
– User ID and password
– SecurID token
– Secure Socket Layer encryption
– Single-use "log on" form
– Session ID
– Short time-out
– Long time-out
– Log out
User Interface Design
• Netscape Navigator 4.x
• Constant set of main function classes
• "Sub-buttons" are customizable
• Low-tech, minimal “flash”
Web Browser
Web Server
patcis.cgi
Logout
Data Entry
Review
Advice
Education
Comments
Help
Web Browser
Web Server
patcis.cgi
Data Entry
Java
script
Vital Signs
Logout
Data Entry
Review
Advice
Education
Comments
Help
Blood Sugar
Web Browser
Web Server
patcis.cgi
Data Entry
Vital Signs
Logout
Data Entry
Review
Advice
Education
Comments
Help
Blood Sugar
Session
Registry
Web Server
Web Browser
patcis.cgi
Data Entry
Vital Signs
Session
Registry
Blood Sugar
Logout
Data Entry
Review
Advice
Education
Comments
Help
Request
Password
Web Server
Web Browser
patcis.cgi
Data Entry
Vital Signs
Session
Registry
Blood Sugar
Logout
Data Entry
Review
Advice
Education
Comments
Help
Re-enter
Password
Web Server
Web Browser
patcis.cgi
Data Entry
Vital Signs
Session
Registry
Blood Sugar
Logout
Data Entry
Review
Advice
Education
Usage
Log
Comments
Help
Internet
CGI
Web Server
Web Browser
patcis.cgi
Data Entry
Vital Signs
Blood Sugar
Logout
Data Entry
Review
Advice
Education
Comments
Link
CGI
Usage
Log
Help
Internet
CGI
Web Server
Web Browser
patcis.cgi
Data Entry
Vital Signs
Blood Sugar
Logout
Data Entry
Review
Advice
Education
Comments
Link
CGI
Help
Internet
Web Server
Web Browser
patcis.cgi
Data Entry
Vital Signs
Blood Sugar
Logout
Data Entry
Review
Advice
Education
Comments
Link
CGI
Help
Javascript
Internet
Web Server
Web Browser
patcis.cgi
Data Entry
Vital Signs
Blood Sugar
Logout
Data Entry
Review
Advice
Education
Comments
Link
CGI
Help
Internet
Web Server
Web Browser
2
patcis.cgi
Java
script
Vital Signs
Blood Sugar
Logout
Re-enter
Password
Review
Advice
Education
Comments
Link
6
CGI
8
9
10
Javascript
Internet
7
Usage
Log
Help
11
Session
Registry
5
Data Entry
1
4
3
Data Entry
CGI
Integration of Components
• Applications linked to "Sub-Buttons"
• Infobuttons inserted into applications
The Rules
1 - Javascript function handles HREF links
2 - "CGI" hidden variable passed to patcis.cgi
3 - Hidden variables: MRN, USER, SESSION
4 - SYSLOG if accessing clinical database
5 - Open new window where appropriate
6 - Include return code in dynamic documents
Hypertext Links in PatCIS
Instead of:
<a href="mydoc.html">Click Here</a>
Use:
<a href='javascript:parent.titleWin.document.
FF.CGI.value="mydoc.html";
parent.titleWin.document.FF.submit();'>
Click Here</a>
CGI Calls in PatCIS
Instead of:
<FORM action="myapplication.cgi" name="Click Here" method="post">
<INPUT type="SUBMIT" name="SUBMIT" value="My Button">
</FORM>
Use:
<FORM action="patcis.cgi" name="Click Here" method="post">
<INPUT type="SUBMIT" name="SUBMIT" value="My Button">
<INPUT type="HIDDEN" name="CGI" value="myapplication.cgi">
<INPUT type="HIDDEN" name="USER" value="sandcar">
<INPUT type="HIDDEN" name="MRN" value="3131313">
<INPUT type="HIDDEN" name="SESSION" value="349860623">
</FORM>
Exploitation of Web Resources
• Patient education sites
• Newsgroups
– Diabetes
– PatCIS users
• Targeted resources
– Pubmed
– Micromedex
• Decision support systems
– Body mass index calculator
– Cholesterol guideline
Evaluation
• Log-on "Questionnaire of the Day"
• Usage log
• Phone interviews
• Usability laboratory
Experience with Our Design
• Application integration is easy
• Maintenance is nontrivial
• Major revision: blocking parts of the EMR
Mission Accomplished
• Open Architecture
- Integration is simple
- Security tasks managed
- Tracks usage
- Supports evaluation
• Closed Access
- Authorization: modified by MD
- Security: continuous authentication
Columbia University
NLM Postdoctoral Fellowships in Medical Informatics
James Cimino: 212-305-8127
James.Cimino@columbia.edu.
Advanced Degrees in Medical Informatics
Stephen Johnson: 212-305-1858
Stephen.Johnson@columbia.edu
http://www.cpmc.columbia.edu.
Columbia University
Faculty Position
George Hripcsak, MD
Department of Medical Informatics
DAP-1310
161 Fort Washington Avenue
New York, NY 10032
Columbia University is an equal opportunity and affirmative action employer