Developing an infrastructure for secure patient summary exchange in the EU context: Lessons learned from the KONFIDO project.

BACKGROUND: The increase of healthcare digitalization comes along with potential information security risks. Thus, the EU H2020 KONFIDO project aimed to provide a toolkit supporting secure cross-border health data exchange. METHODS: KONFIDO focused on the so-called "User Goals", while also identifying barriers and facilitators regarding eHealth acceptance. Key user scenarios were elaborated both in terms of threat analysis and legal challenges. Moreover, KONFIDO developed a toolkit aiming to enhance the security of OpenNCP, the reference implementation framework. RESULTS: The main project outcomes are highlighted and the "Lessons Learned," the technical challenges and the EU context are detailed. CONCLUSIONS: The main "Lessons Learned" are summarized and a set of recommendations is provided, presenting the position of the KONFIDO consortium toward a robust EU-wide health data exchange infrastructure. To this end, the lack of infrastructure and technical capacity is highlighted, legal and policy challenges are identified and the need to focus on usability and semantic interoperability is emphasized. Regarding technical issues, an emphasis on transparent and standards-based development processes is recommended, especially for landmark software projects. Finally, promoting mentality change and knowledge dissemination is also identified as key step toward the development of secure cross-border health data exchange services.

The European cross-border health data exchange roadmap: Case study in the Italian setting.

Health data exchange is a major challenge due to the sensitive information and the privacy issues entailed. Considering the European context, in which health data must be exchanged between different European Union (EU) Member States, each having a different national regulatory framework as well as different national healthcare structures, the challenge appears even greater. Europe has tried to address this challenge via the epSOS ("Smart Open Services for European Patients") project in 2008, a European large-scale pilot on cross-border sharing of specific health data and services. The adoption of the framework is an ongoing activity, with most Member States planning its implementation by 2020. Yet, this framework is quite generic and leaves a wide space to each EU Member State regarding the definition of roles, processes, workflows and especially the specific integration with the National Infrastructures for eHealth. The aim of this paper is to present the current landscape of the evolving eHealth infrastructure for cross-border health data exchange in Europe, as a result of past and ongoing initiatives, and illustrate challenges, open issues and limitations through a specific case study describing how Italy is approaching its adoption and accommodates the identified barriers. To this end, the paper discusses ethical, regulatory and organizational issues, also focusing on technical aspects, such as interoperability and cybersecurity. Regarding cybersecurity aspects per se, we present the approach of the KONFIDO EU-funded project, which aims to reinforce trust and security in European cross-border health data exchange by leveraging novel approaches and cutting-edge technologies, such as homomorphic encryption, photonic Physical Unclonable Functions (p-PUF), a Security Information and Event Management (SIEM) system, and blockchain-based auditing. In particular, we explain how KONFIDO will test its outcomes through a dedicated pilot based on a realistic scenario, in which Italy is involved in health data exchange with other European countries.

Critical failures in the use of home ventilation medical equipment.

Home ventilation involves the use of medical devices at patient's home by personnel who are not healthcare practitioners. This implies new potential risks not fully addressed by current standards and guidelines. A methodological approach to investigate potential failures and define improvement actions to address the dangerous potential situations in HV is required. A multidisciplinary team performed an extended version of Failure Mode, Effect and Criticality Analysis (FMECA) to analyse the home ventilation service provided by the Local Healthcare Unit of Naples (ASL NA1) that assisted 60 homebound ventilator dependent patients. The failures were identified in three risk areas: device, electrical system & fire hazard, and indoor air quality. The corrective actions were formulated with two extra steps: identification of critical failures with a threshold applied to the risk priority number and analysis of causes by means of contributory factors (Organization, Technology, Information, and Structure) based on Reason's theory of failures. 22 of 86 potential failures were identified as critical. Specific corrective actions were addressed and proposed through contributory factors to improve the overall quality of home ventilation service. The use of this systemic approach oriented the improvements to reduce the harms caused by vulnerabilities in high-risk care service as life support home ventilation.

Comprehensive user requirements engineering methodology for secure and interoperable health data exchange.

BACKGROUND: Increased digitalization of healthcare comes along with the cost of cybercrime proliferation. This results to patients' and healthcare providers' skepticism to adopt Health Information Technologies (HIT). In Europe, this shortcoming hampers efficient cross-border health data exchange, which requires a holistic, secure and interoperable framework. This study aimed to provide the foundations for designing a secure and interoperable toolkit for cross-border health data exchange within the European Union (EU), conducted in the scope of the KONFIDO project. Particularly, we present our user requirements engineering methodology and the obtained results, driving the technical design of the KONFIDO toolkit. METHODS: Our methodology relied on four pillars: (a) a gap analysis study, reviewing a range of relevant projects/initiatives, technologies as well as cybersecurity strategies for HIT interoperability and cybersecurity; (b) the definition of user scenarios with major focus on cross-border health data exchange in the three pilot countries of the project; (c) a user requirements elicitation phase containing a threat analysis of the business processes entailed in the user scenarios, and (d) surveying and discussing with key stakeholders, aiming to validate the obtained outcomes and identify barriers and facilitators for HIT adoption linked with cybersecurity and interoperability. RESULTS: According to the gap analysis outcomes, full adherence with information security standards is currently not universally met. Sustainability plans shall be defined for adapting existing/evolving frameworks to the state-of-the-art. Overall, lack of integration in a holistic security approach was clearly identified. For each user scenario, we concluded with a comprehensive workflow, highlighting challenges and open issues for their application in our pilot sites. The threat analysis resulted in a set of 30 user goals in total, documented in detail. Finally, indicative barriers of HIT acceptance include lack of awareness regarding HIT risks and legislations, lack of a security-oriented culture and management commitment, as well as usability constraints, while important facilitators concern the adoption of standards and current efforts for a common EU legislation framework. CONCLUSIONS: Our study provides important insights to address secure and interoperable health data exchange, while our methodological framework constitutes a paradigm for investigating diverse cybersecurity-related risks in the health sector.

A prospective risk assessment of informal carers' medication administration errors within the domiciliary setting.

Increasingly, medication is being administered at home by family and friends of the care-recipient. This study aims to identify and analyse risks associated with potential drug administration errors made by informal carers at home. We mapped medication administration at home with a multidisciplinary team that included carers, health care professionals and patients. Evidence-based risk-analysis methodologies were applied: Healthcare Failure Modes and Effect Analysis (HFMEA), Systematic Human Error Reduction and Prediction Analysis (SHERPA) and Systems-Theoretic Accident Model and Processes (STAMP). The process of administration comprises seven sub-processes. Thirty-four possible failure modes were identified and six of these were rated as high risk. These highlighted that medications may be given with a wrong dose, stored incorrectly, not discontinued as instructed, not recorded, or not ordered on time, and often caused by communication and support problems. Combined risk analyses contributed unique information helpful to better understand the medication administration risks and causes within homecare. Practitioner Summary: Increasingly, medication is being administered at home by family and friends of the care-recipient. This study identifies risks associated with potential drug administration errors made by informal carers at home through consensus-based quantitative techniques. The different analyses contribute unique information helpful to better understand the administration risks and causes.