Given the ever-growing body of knowledge, healthcare improvement hinges more than ever on efficient knowledge transfer to clinicians and patients. Promoted initially by the Institute of Medicine, the Learning Health System (LHS) framework emerged in the early 2000s. It places focus on learning cycles where care delivery is tightly coupled with research activities, which in turn is closely tied to knowledge transfer, ultimately injecting solid improvements into medical practice. Sensitive health data access across multiple organisations is therefore paramount to support LHSs. While the LHS vision is well established, security requirements to support them are not. Health data exchange approaches have been implemented (e.g., HL7 FHIR) or proposed (e.g., blockchain-based methods), but none cover the entire LHS requirement spectrum. To address this, the Sensitive Data Access Model (SDAM) is proposed. Using a representation of agents and processes of data access systems, specific security requirements are presented and the SDAM layer architecture is described, with an emphasis on its mix-network dynamic topology approach. A clinical application benefiting from the model is subsequently presented and an analysis evaluates the security properties and vulnerability mitigation strategies offered by a protocol suite following SDAM and in parallel, by FHIR.
Learning Healthcare Systems are an emerging approach to translating healthcare research into practice. They require strong interconnection between healthcare services, research and knowledge transfer, handled all at once. In practice, these connections mean that a routing protocol must guarantee anonymity to the participating entities, in compliance with both legal and ethical requirements, while limiting the amount of information an attacker could obtain if any single entity were compromised. To provide stronger protection and meet all of these requirements, a new message routing protocol is proposed that supports the use of data access paths and resists traffic-analysis attacks. The protocol hides the addresses and roles of entities from adversaries by deploying proxies as a mix-network. Moreover, the flows of synthetic datasets and of content identifiers are handled separately so as to curb the risk of re-identification. The protocol is modelled as a multi-objective optimization problem that natively integrates the objectives of minimizing both the latency and the entropy of the information exchanged. The evaluation of this model shows that the constrained separation of data flows has a minimal impact on delay times, which not only proves to be an acceptable compromise but also significantly increases the security of data access.
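The two properties the abstract relies on, proxies that each learn only their neighbouring hops and the separation of dataset flows from identifier flows, can be illustrated with a small simulation. The following Python code is an added example and is not the paper's protocol or implementation: it uses layered per-node encryption over a chain of mix proxies, with a toy SHA-256 counter-mode keystream standing in for a real cipher, and it assumes the sender already shares a key with every proxy. Node names ("mixA" to "mixD"), the "clinic" sender and the "registry" destination are constructed for the demonstration.

```python
import hashlib
import secrets

ADDR_LEN = 16    # fixed-width next-hop field so every layer has the same shape
NONCE_LEN = 16


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy counter-mode keystream built from SHA-256 (illustration only).

    A deployment would use an authenticated cipher; the point here is that
    encryption under a per-node key lets each mix peel exactly one layer.
    XOR-ing twice with the same key and nonce restores the plaintext."""
    out = bytearray()
    counter = 0
    while len(out) < len(data):
        out.extend(hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest())
        counter += 1
    return bytes(a ^ b for a, b in zip(data, out))


class MixNode:
    """A proxy in the mix-network: it holds its own key and nothing else."""

    def __init__(self, name: str):
        self.name = name
        self.key = secrets.token_bytes(32)  # assumed pre-shared with the sender
        self.observed = []                  # (previous hop, next hop) pairs this node could log

    def process(self, prev_hop: str, packet: bytes):
        """Peel one layer: learn only where the packet came from and where it goes next."""
        nonce, body = packet[:NONCE_LEN], packet[NONCE_LEN:]
        plain = stream_xor(self.key, nonce, body)
        next_hop = plain[:ADDR_LEN].rstrip(b"\0").decode()
        self.observed.append((prev_hop, next_hop))
        return next_hop, plain[ADDR_LEN:]


def wrap(path, destination: str, payload: bytes) -> bytes:
    """Sender builds the layered packet from the innermost layer outward."""
    inner, next_hop = payload, destination
    for node in reversed(path):
        nonce = secrets.token_bytes(NONCE_LEN)
        plain = next_hop.encode().ljust(ADDR_LEN, b"\0") + inner
        inner = nonce + stream_xor(node.key, nonce, plain)
        next_hop = node.name
    return inner


def route(sender: str, path, packet: bytes):
    """Forward the packet hop by hop; returns (final destination, payload)."""
    current, hop = sender, None
    for node in path:
        hop, packet = node.process(current, packet)
        current = node.name
    return hop, packet


def send_separated(sender: str, destination: str, nodes, dataset: bytes, identifier: bytes):
    """Route the synthetic dataset and its content identifier over disjoint proxy chains,
    so no single proxy handles both flows and can link a record to its identifier."""
    half = len(nodes) // 2
    path_data, path_id = nodes[:half], nodes[half:]
    return {
        "dataset": route(sender, path_data, wrap(path_data, destination, dataset)),
        "identifier": route(sender, path_id, wrap(path_id, destination, identifier)),
    }


def endpoints_seen(node: MixNode) -> set:
    """All hop names a single proxy could have recorded."""
    return {name for pair in node.observed for name in pair}


if __name__ == "__main__":
    mixes = [MixNode(n) for n in ("mixA", "mixB", "mixC", "mixD")]
    out = send_separated("clinic", "registry", mixes, b"synthetic row 1", b"record-0001")
    print(out)
    for m in mixes:
        print(m.name, "observed", m.observed)
```

Running the module shows that each proxy records only its immediate neighbours, so the first hop sees the clinic but not the registry and the last hop sees the registry but not the clinic, and that the dataset and the identifier never pass through the same proxy. Latency is the cost of this separation: two chains are built and traversed instead of one, which is the trade-off the abstract's optimization model weighs against entropy.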