- Consiglio Nazionale delle Ricerche (CNR), ICAR, Department Memberadd
- Mario Ciampi is a Senior Technologist at the Institute for High Performance Computing and Networking of the National ... moreMario Ciampi is a Senior Technologist at the Institute for High Performance Computing and Networking of the National Research Council of Italy (CNR-ICAR), where he works on technology research and development in the field of information systems, with particular regard to e-health interoperability.
He has held numerous leadership roles within industrial research projects co-funded by European Commission, Italian Ministries and Regions, and in conjunction with Departments and Agencies of the Italian Presidency of the Council of Ministers for the design and validation of large health information systems, with particular reference to interoperable Electronic Health Record system architectures at national and European level, in accordance with security and privacy regulations.
He acts as an evaluator of research projects in quality of expert for the European Union, national authorities and international advisory boards.
He is a member of the Board of Directors of HL7 Italy and of the UNI/CT 527 UNINFO Medical Informatics Commission. He participated in numerous working groups of the main national standardization bodies on health informatics, where he contributed to the development of national standards and norms. He is co-author of more than 100 scientific and technical papers published in international and national journals, conference proceedings, books, and institutional series. He also serves on the editorial boards and the program committees of several international journals, conferences, and workshops. He has been co-supervisor of numerous university theses.
He received a M.Sc. degree in Computer Engineering from the University of Naples Federico II in 2004. In 2007, he got a I level Master's degree in European Master on Critical Networked Systems from the University of Naples Parthenope. In 2011, he obtained a Ph.D. degree in Information Engineering from the University of Naples Parthenope. Since 2012, he is Adjunct Professor in Elements of Computer Science at the University of Naples Federico II.edit
Research Interests:
The healthcare ecosystem is complex by its inherent nature, which consists of a heterogeneous set of actors, entities, and subsystems to deliver multidisciplinary and collaborative health services. The increased use of connected medical... more
The healthcare ecosystem is complex by its inherent nature, which consists of a heterogeneous set of actors, entities, and subsystems to deliver multidisciplinary and collaborative health services. The increased use of connected medical devices makes such an ecosystem more vulnerable and increases the cyber-attack surface. Traditional security methods are insufficient to deal with such a high degree of interconnected medical and IoT devices. There is a need for security approaches based on concepts of collaboration, cooperation, autonomy and dynamism to ensure timely security of the whole healthcare ecosystem. This work adopts swarm-based principles with multi-agent systems to meet collaboration, distribution and robustness requirements, thus improving the healthcare ecosystem's security. The paper presents a swarm-based agent-to-agent communication model founded on the collaboration among primary and supervisor agents to acquire new knowledge related to the healthcare ecosystem. The proposed model is based on the direct collaboration between primary agents that provides supervisor agents with local security-related information and the indirect collaboration between supervisor agents that exchange stigmergic information through the environment to make a collectively informed decision. The communication model is implemented using the BDI (Belief-Desire-Intention) approach. The preliminary results show the communication model's robustness, scalability and responsiveness for securing the healthcare ecosystem.
Research Interests:
The healthcare sector is constantly facing challenges in ensuring security due to the sophisticated attacks by the threat actor for acquiring sensitive patient data. An attack on the system can pose any potential risk to the business... more
The healthcare sector is constantly facing challenges in ensuring security due to the sophisticated attacks by the threat actor for acquiring sensitive patient data. An attack on the system can pose any potential risk to the business continuity. The increased use of information technology in the modern healthcare system makes medical devices and systems more vulnerable to exploitation and possible cyber-security attacks. This paper proposes a flexible and decentralized cyber-security model based on the integration of multi-agent systems and swarm intelligence for tackling the propagation of attacks inside interconnected healthcare organizations and ensuring the whole healthcare ecosystem's security and resilience. The proposed model is based on the collaboration between the agents with different functions and cognitive capabilities, named primary and supervisor agents. Primary agents are lightweight BDI (Belief-Desire-Intention) agents implementing a minimum set of capabilities for monitoring a specific area of the healthcare system; supervisor agents incorporate an extended version of the BDI reasoning to provide advanced capabilities for securing the overall healthcare system by enabling collective intelligence and overall cyber-security awareness. The preliminary experimental results show that the model is robust and responsive for securing the ecosystem.
Research Interests:
This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY
Research Interests:
The large availability of clinical natural language documents, such as clinical narratives or diagnoses, requires the definition of smart automatic systems for their processing and analysis, but the lack of annotated corpora in the... more
The large availability of clinical natural language documents, such as clinical narratives or diagnoses, requires the definition of smart automatic systems for their processing and analysis, but the lack of annotated corpora in the biomedical domain, especially in languages different from English, makes it difficult to exploit the state-of-art machine-learning systems to extract information from such kinds of documents. For these reasons, healthcare professionals lose big opportunities that can arise from the analysis of this data. In this paper, we propose a methodology to reduce the manual efforts needed to annotate a biomedical named entity recognition (B-NER) corpus, exploiting both active learning and distant supervision, respectively based on deep learning models (e.g., Bi-LSTM, word2vec FastText, ELMo and BERT) and biomedical knowledge bases, in order to speed up the annotation task and limit class imbalance issues. We assessed this approach by creating an Italian-language electronic health record corpus annotated with biomedical domain entities in a small fraction of the time required for a fully manual annotation. The obtained corpus was used to train a B-NER deep neural network whose performances are comparable with the state of the art, with an F1-Score equal to 0.9661 and 0.8875 on two test sets.
Research Interests:
The heterogeneity of the formats and standards of clinical data, which includes both structured, semi-structured, and unstructured data, in addition to the sensitive information contained in them, require the definition of specific... more
The heterogeneity of the formats and standards of clinical data, which includes both structured, semi-structured, and unstructured data, in addition to the sensitive information contained in them, require the definition of specific approaches that are able to implement methodologies that can permit the extraction of valuable information buried under such data. Although many challenges and issues that have not been fully addressed still exist when this information must be processed and used for further purposes, the most recent techniques based on machine learning and big data analytics can support the information extraction process for the secondary use of clinical data. In particular, these techniques can facilitate the transformation of heterogeneous data into a common standard format. Moreover, they can also be exploited to define anonymization or pseudonymization approaches, respecting the privacy requirements stated in the General Data Protection Regulation, Health Insurance Portability and Accountability Act and other national and regional laws. In fact, compliance with these laws requires that only de-identified clinical and personal data can be processed for secondary analyses, in particular when data is shared or exchanged across different institutions. This work proposes a modular architecture capable of collecting clinical data from heterogeneous sources and transforming them into useful data for secondary uses, such as research, governance, and medical education purposes. The proposed architecture is able to exploit appropriate modules and algorithms, carry out transformations (pseudonymization and standardization) required to use data for the second purposes, as well as provide efficient tools to facilitate the retrieval and analysis processes. Preliminary experimental tests show good accuracy in terms of quantitative evaluations.
Research Interests:
Healthcare is presumably one of the sectors which will have the higher prospects in the near future by adopting blockchain technologies. Indeed, blockchain technologies permit to keep track of the clinical consents, plans, and protocols... more
Healthcare is presumably one of the sectors which will have the higher prospects in the near future by adopting blockchain technologies. Indeed, blockchain technologies permit to keep track of the clinical consents, plans, and protocols related to a clinical trial or examination, so to get up to-date and tamper-proof documentation which can be shared only among the patient and the healthcare personnel which was authorized for that clinical trial or examination. Moreover, smart contracts can be deployed and executed within various phases of the above processes in order to ensure their transparency and compliance to some guidelines and/or standards. This paper presents a novel blockchain and smart contract-based architecture, designed for allowing health professionals and decision-makers to be aware of both the tasks of a health process currently carried out for the care of a patient, and the possible deviations made with respect to the planned process. In this way, it is possible not only to register in an immutable way the health and audit data related to a specific health task, but also to analyse the reasons for which some health processes were not carried out as initially scheduled.
Research Interests:
The increase of population life expectancy and of patient mobility makes necessary the development of new reliable and trust models for health provision within a patient-centric approach. For this reason, many proposals have been carried... more
The increase of population life expectancy and of patient mobility makes necessary the development of new reliable and trust models for health provision within a patient-centric approach. For this reason, many proposals have been carried out to make the current healthcare systems able to collect and analyze the great amount of patient clinical data produced by the health organizations in an interoperable way and according to shared processes. However, despite the ability of collecting such clinical data, approaches aimed at assuring that these data are produced strictly following quality processes still lack. This work presents a permissioned blockchain architecture designed to assure integrity of data and processes related to Electronic Health Records coherent with the Italian Interoperability Infrastructure. The proposed architecture is compliant with both the Italian Regulation on Electronic Health Record and the European Regulation on privacy. A proof-of-concept prototype implemented on the top of Hyperledger Fabric framework validates the feasibility of the proposed architecture against two relevant use cases, showing that the application of blockchain technology to the healthcare sector could provide important benefits in terms of process and data integrity and quality.
Research Interests: eHealth and Blockchain
Electronic health record (EHR) systems are designed and deployed to store data accurately and to capture the state of a patient across time, and they have been one of the major drivers to advance care in the last decade. However, the EHR... more
Electronic health record (EHR) systems are designed and deployed to store data accurately and to capture the state of a patient across time, and they have been one of the major drivers to advance care in the last decade. However, the EHR is not eligible in supporting a model that is beyond episodic visits, nor the idea of an integrated care plan that all care team members can view and contribute to. On the other hand, the concept of a longitudinal record and the idea of a "smart care plan" are key factors for paving the way toward Predictive, Preventive, Personalized and Participatory (P4-medicine), which arguably will be in a near future the only effective and sustainable approach for pandemics and “silent” chronic diseases. At the current state-of-the-art, the HL7 FHIR standard and distributed ledger technologies (DLTs) are two very promising areas of research and development in the context of health information management, and a proper synergy among their approaches, concepts and tools could overcome the limitations of EHR systems, giving rise to the hub of the IT infrastructure for P4-medicine. This chapter explores the potential and challenges of integrating the FHIR standard into DLTs, also through a concrete example of implementation.
Research Interests:
The automatic ICD-10 classification of medical documents is actually an unresolved issue, despite its crucial importance. The existence of machine learning approaches de-voted to this task is in contrast with the lack of annotated... more
The automatic ICD-10 classification of medical documents is actually an unresolved issue, despite its crucial importance. The existence of machine learning approaches de-voted to this task is in contrast with the lack of annotated resources, especially for languages different from English. Recent Transformer-based multilingual neural language models at scale have provided an innovative approach for dealing with cross lingual Natural Language Processing tasks. In this paper, we present a preliminary evaluation of the Cross-lingual Language Model (XLM) architecture, a recent multilingual Transformer-based model presented in literature, tested in the cross lingual ICD-10 multilabel classification of short medical notes. In detail, we analysed the performances obtained by fine tuning the XLM model on English language training data and tested for ICD-10 codes prediction of an Italian test set. The obtained results show that the use of the novel XLM multilingual neural language architecture is very promising and it can be very useful in case of low resource languages.
Research Interests:
In this paper we propose an architecture specifically devoted to the analysis of huge natural language biomedical textual collections, with the purpose of searching for semantic similarity in order to obtain useful hints for effective... more
In this paper we propose an architecture specifically devoted to the analysis of huge natural language biomedical textual collections, with the purpose of searching for semantic similarity in order to obtain useful hints for effective simulation that could help physicians in diagnosis tasks. We leverage Word Embedding models trained with word2vec algorithm and a Big Data architecture for their processing and management. We performed some preliminary analyses using a dataset extracted from the whole PubMed library and we developed a web front-end to show the usability of this methodology in a real context.
Research Interests:
Big Data paradigm is leading both research and industry effort calling for new approaches in many computer science areas. In this paper, we show how semantic similarity search for natural language texts can be leveraged in biomedical... more
Big Data paradigm is leading both research and industry effort calling for new approaches in many computer science areas. In this paper, we show how semantic similarity search for natural language texts can be leveraged in biomedical domain by Word Embedding models obtained by word2vec algorithm, exploiting a specifically developed Big Data architecture. We tested our approach using a dataset extracted from the whole PubMed library. Moreover, we describe a user friendly web front-end able to show the usability of this methodology on a real context that allowed us to learn some useful lessons about this peculiar kind of data.
Research Interests:
In this paper we address the problem of analyzing biomedical data collection with the purpose of searching for semantic similarity among textual documents. In details, we leverage Word Embeddings models obtained by word2vec algorithm and... more
In this paper we address the problem of analyzing biomedical data collection with the purpose of searching for semantic similarity among textual documents. In details, we leverage Word Embeddings models obtained by word2vec algorithm and a specific Big Data architecture for their management, defining an approach able to permit the retrieving of semantic similar texts among a huge biomedical text corpus. The proposed architecture has been developed with the purpose of improving a previous implementation, lowering the computational time and allowing in this way the use of the whole PubMed library as dataset, proving also the usability of this methodology in a real context.
Research Interests:
Named Entity Recognition (NER) systems allow complex concepts extraction and text mining from Natural Language documents. Actually, NER systems based on Deep Learning (DL) approaches are able to reach state-of-the-art performances when... more
Named Entity Recognition (NER) systems allow complex concepts extraction and text mining from Natural Language documents. Actually, NER systems based on Deep Learning (DL) approaches are able to reach state-of-the-art performances when applied to general domain texts. On the other hand, the performances of these systems decrease when they are applied to texts that belong to specific domains, such as the biomedical one. In particular, Biomedical NER (B-NER) is a crucial task for the automatic analysis of medical documents, such as Electronic Health Records (EHRs), in order to support the work of physicians and researchers. Thus, new approaches are required to boost B-NER systems performances. In this paper we analyze the behaviour of a B-NER DL architecture specifically devoted to Italian EHRs, focusing on the contribution of different Word Embeddings (WEs) models used as input text representation layer. The achieved results show the substantial contribution of WEs trained on a closed domain corpus exclusively formed by documents belonging to the biomedical domain. The resulting improvements are comparable with the ones obtained using the most recent and complex neural language models, such as ELMo or BERT, which have a much higher computational complexity if compared with classic WEs approach.
Research Interests:
In the last years, significant changes of important socioeconomic indicators, like population growth, life expectancy increase and patient mobility, have implied the need to provide new models for health provision. Thus, several efforts... more
In the last years, significant changes of important socioeconomic indicators, like population growth, life expectancy increase and patient mobility, have implied the need to provide new models for health provision. Thus, several efforts have been done to adequate and evolve the current e-health systems for enabling them to gather patient health data produced by health facilities in an interoperable way and according to shared business processes. However, even if such systems are now starting at collecting health data, it is still not possible to verify that all the tasks of a specific process are correctly executed. This work presents a permissioned blockchain architecture designed to manage the Electronic Health Records of the users, able to track the operations performed by the actors involved in a health process. The architecture proposed is compliant with both the Italian Regulation on Electronic Health Record and the recently introduced GDPR. A proof-of-concept of the architecture has been developed and validated against a relevant use case.
Research Interests:
In the current Italian eHealth scenario, a national IT platform has been designed and developed with the purpose of ensuring the interoperability between the various Electronic Health Record (EHR) systems that have been adopted in the... more
In the current Italian eHealth scenario, a national IT platform has been designed and developed with the purpose of ensuring the interoperability between the various Electronic Health Record (EHR) systems that have been adopted in the different regions of the country, according to the requirements provided by Italian Laws. In this way, the healthcare providers and the policy makers can acquire and process the data of a patient despite its initial format and source, allowing an improved quality of patient care and optimizing the management of the financial resources. To further exploit this huge resource of health and social data, it is very important to allow the extraction of the complex information buried under the Big Data source enabled by the EHRs, providing the physicians, the researchers and public health policy makers with innovative instruments. Meeting this need is not a trivial task, due to the difficulties of processing different document formats and processing Natural Language text, alongside to the problems related to the data size. In this paper we propose a Big Data architecture that is able to extract information from the documents acquired by the EHRs, integrate and process them, providing a set of valuable data for both physicians and patients, as well as decision makers.
Research Interests:
In this paper we propose a methodology based on a complex deep learning network topology, named Hierarchical Deep Neural Network (HDNN), applied to eXtreme Multi-label Text Classification (XMTC) problem. The HDNN topology reproduces the... more
In this paper we propose a methodology based on a complex deep learning network topology, named Hierarchical Deep Neural Network (HDNN), applied to eXtreme Multi-label Text Classification (XMTC) problem. The HDNN topology reproduces the label hierarchy. The main idea arises directly from the assumption that, if the label-set structure is defined, forcing this information into the network topology could improve classification performances and results interpretation. In this way, we define a method to force prior knowledge into the DNN. We perform the experimental assessment on a XMTC task related to a real application domain problem, namely the automatic labelling of biomedical scientific literature extracted from PubMed. The obtained preliminary results show that, despite the very high computational time needed to update the network weights, a slight performance improvement is obtained, with respect to a classical approach based on Convolution Neural Network. Some considerations will be drawn out to figure out possible key readings.
The classification of natural language texts has gained a growing importance in many real world applications due to its significant implications in relation to crucial tasks, such as Information Retrieval, Question Answering, Text... more
The classification of natural language texts has gained a growing importance in many real world applications due to its significant implications in relation to crucial tasks, such as Information Retrieval, Question Answering, Text Summarization, Natural Language Understanding. In this paper we present an analysis of a Deep Learning architecture devoted to text classification, considering the extreme multi-class and multi-label text classification problem, when a hierarchical label set is defined. The paper presents a methodology named Hierarchical Label Set Expansion (HLSE), used to regularize the data labels, and an analysis of the impact of different Word Embedding (WE) models that explicitly incorporate grammatical and syntactic features. We evaluate the aforementioned methodologies on the PubMed scientific articles collection, where a multi-class and multi-label text classification problem is defined with the Medical Subject Headings (MeSH) label set, a hierarchical set of 27,775 classes. The experimental assessment proves the usefulness of the proposed HLSE methodology and also provides some interesting results relating to the impact of different uses and combinations of WE models as input to the neural network in this kind of application.
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Clinical information exchange among heterogeneous systems is a complex process. It is necessary to use dictionaries, coding standards (e.g. LOINC and SNOMED), and terminology services, in order to: i) produce machine-interpretable... more
Clinical information exchange among heterogeneous systems is a complex process. It is necessary to use dictionaries, coding standards (e.g. LOINC and SNOMED), and terminology services, in order to: i) produce machine-interpretable information and coded data, ii) reduce information exchange complexity, and iii) allow the fulfillment of semantic interoperability among several systems. This work presents a system to support healthcare professionals in the creation of clinical documents using appropriate standards and in the information reading and retrieval of interest on clinical documents. The system allows healthcare professionals to use standard codes easily (via terminology server) during the creation of documents. Similarly, it also permits the decoding of health standard codes, during the read documents process, to facilitate the obtaining of information. In summary, it makes use of a simple and intuitive graphical user interface and a Fast Healthcare Interoperability Resources (FHIR) terminology server to support healthcare professionals in diagnosing and treating patients.
Research Interests: eHealth and EHR Standards
In this paper we propose a novel approach to reduce the complexity of the definition and implementation of a medical document validation model. Usually the conformance requirements for specifications are contained in documents written in... more
In this paper we propose a novel approach to reduce the complexity of the definition and implementation of a medical document validation model. Usually the conformance requirements for specifications are contained in documents written in natural language format and it is necessary to manually translate them in a software model for validation purposes. It should be very useful to extract and group the conformance rules that have a similar pattern to reduce the manual effort needed to accomplish this task. We will show an innovative cluster approach that automatically evaluates the optimal number of groups using an iterative method based on internal cluster measures evaluation. We will show the application of this method on two case studies: i) Patient Summary (Profilo Sanitario Sintetico) and ii) Hospital Discharge Letter (Lettera di Dimissione Ospedaliera) for the Italian specification of the conformance rules.
Research Interests:
In the last decades, many standards, such as {HL}7 V2 and V3, have been proposed for the encoding of clinical documents with the purpose of ensuring syntactic and semantic interoperability among heterogeneous health information systems.... more
In the last decades, many standards, such as {HL}7 V2 and V3, have been proposed for the encoding of clinical documents with the purpose of ensuring syntactic and semantic interoperability among heterogeneous health information systems. Recently, {HL}7 has defined the new standard {FHIR} in response to limitations existing in {HL}7 V2 and V3. In Italy, {CDA} 2 is the reference standard for the storage of clinical documents. In order to encourage {FHIR} widespread getting its benefits, we propose an architectural model able to i) receive a query about clinical data contained in a {CDA} document, ii) identify required information, and iii) present it as a {FHIR} resource, on the basis of several {CDA} to {FHIR} mapping schemas. We focus on the information extraction from the Italian Patient Summary, a collection of the patient’s most significant clinical data. This choice emphasizes the advantages of using {FHIR} standard due to the possibility of extracting granular information of clinical interest from a full document.
Information management in healthcare is nowadays experiencing a great revolution. After the impressive progress in digitizing medical data by private organizations, also the federal government and other public stakeholders have also... more
Information management in healthcare is nowadays experiencing a great revolution. After the impressive progress in digitizing medical data by private organizations, also the federal government and other public stakeholders have also started to make use of healthcare data for data analysis purposes in order to extract actionable knowledge. In this paper, we propose an architecture for supporting interoperability in healthcare systems by exploiting Big Data techniques. In particular, we describe a proposal based on big data techniques to implement a nationwide system able to improve EHR data access efficiency and reduce costs.
Information management in healthcare is nowadays experiencing a great revolution. After the impressive progress in digitizing medical data by private organizations, also the federal government and other public stakeholders have also... more
Information management in healthcare is nowadays experiencing a great revolution. After the impressive progress in digitizing medical data by private organizations, also the federal government and other public stakeholders have also started to make use of healthcare data for data analysis purposes in order to extract actionable knowledge. In this paper, we propose an architecture for supporting interoperability in healthcare systems by exploiting Big Data techniques. In particular, we describe a proposal based on big data techniques to implement a nationwide system able to improve EHR data access efficiency and reduce costs.
The great benefits that Electronic Health Records are able to provide in terms of improvement of the quality of care and reduction of costs have led many international organizations to implement enabling systems. However, the systems... more
The great benefits that Electronic Health Records are able to provide in terms of improvement of the quality of care and reduction of costs have led many international organizations to implement enabling systems. However, the systems designed and realized are very often not able to interoperate each other, due to several reasons, varying from the existence of different local needs to the use of diverse health informatics standards. The lack of interoperability among these systems can result in decreased levels of quality of patient care and waste of financial resources. In Italy, the autonomy about healthcare delivered by the Italian Constitution to each region caused the spread of heterogeneous regional EHR systems, thus not able to interoperate each other. This paper presents the result of an effort made within a convention between the National Research Council of Italy and the Agency for Digital Italy, for the specification of the Italian architecture for the interoperability of regional EHR systems. Such an architecture has been defined according to the requirements provided by Italian Laws recently issued and approved by a National Technical Board.
Research Interests:
Currently, Integrated Home Care (IHC) represents a good alternative for providing health and social care but, even if several research efforts have been made, the complexity of the domain implies further investigation. In particular, the... more
Currently, Integrated Home Care (IHC) represents a good alternative for providing health and social care but, even if several research efforts have been made, the complexity of the domain implies further investigation. In particular, the lack of precision in defining activities, actors involved and goals have led some European countries including Italy to have low levels of coordination and integration of care delivery. In order to tackle this issue, this paper presents an analysis on existing IHC processes in Italy and, starting from the results of such an analysis, proposes an IHC process model represented by using the Business Process Model and Notation (BPMN). The choice of BPMN relies on its flexibility that makes it preferable if compared to other similar languages. Indeed, it offers two levels of representation: the graphical notation, that makes it simple to understand, and modeling constructs to represent the message-based interactions and the event-based decisions, and then relevant features such as dynamics. Additionally, such a modeling allows early detection and resolution of critical issues. This work can be an essential previous step for further analysis and improvements of IHC processes, including the adoption of ICT.
Research Interests:
In healthcare the fast retrieval of clinical information on a patient can be vital, for example in an emergency, and allows anyway, in normal situations, an improvement in the service of care and a consequent significant reduction in... more
In healthcare the fast retrieval of clinical information on a patient can be vital, for example in an emergency, and allows anyway, in normal situations, an improvement in the service of care and a consequent significant reduction in costs (for example, eliminating the need to repeat medical examinations). Health information systems, and in particular Electronic Health Record Systems, enable clinical information to be found quickly and in a distributed environment. The information should be
available only to authorized users, because much of it is sensitive. For this reason, it is necessary to use a mechanism
that realizes access control, the main goal of which is to guarantee the confidentiality and integrity of the data, and to
allow the definition of security rules which reflect the need for the privacy of the patients. In this work, we show the designed GUIs, which use the innovative access control system defined. GUIs allow patients to define in a detailed and clear manner the access rules concerning their clinical information, both in document and data form. The main innovation of this work is to provide the ability to protect the resources (documents and clinical data) of the system by presenting only the content of the information needed depending on the type of request made directly by the patients, the content being extrapolated from the resource request. This feature allows the definition of an access control model that increases the patients trust in the EHR system.
available only to authorized users, because much of it is sensitive. For this reason, it is necessary to use a mechanism
that realizes access control, the main goal of which is to guarantee the confidentiality and integrity of the data, and to
allow the definition of security rules which reflect the need for the privacy of the patients. In this work, we show the designed GUIs, which use the innovative access control system defined. GUIs allow patients to define in a detailed and clear manner the access rules concerning their clinical information, both in document and data form. The main innovation of this work is to provide the ability to protect the resources (documents and clinical data) of the system by presenting only the content of the information needed depending on the type of request made directly by the patients, the content being extrapolated from the resource request. This feature allows the definition of an access control model that increases the patients trust in the EHR system.
Research Interests:
Research Interests:
Electronic Health Record (EHR) systems have the aim to collect clinical documents about patients, which typically contain very sensitive information. In order to manage who can do what on such clinical documents in the system, it is... more
Electronic Health Record (EHR) systems have the aim to collect clinical documents about patients, which typically contain very sensitive information. In order to manage who can do what on such clinical documents in the system, it is necessary to use a security mechanism. The Access Control (AC) goal is to guarantee the confidentiality and integrity of the data, and to allow the definition of security policies which reflect the need for privacy. In this paper, we define an innovative access control model that allows, on one hand, to meet the main requirements for EHR systems, and on the other hand to permit patients to define in detailed and clear manner the privacy policies on their clinical documents. The main innovation of this work is the principle of least privilege philosophy usage in the information content of the clinical documents. This feature allows to define an access control model that increases the patients’ trust in the EHR system.
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
In EHR systems, most of the data are confidential concerning the health of a patient. Therefore, it is necessary to provide a mechanism for access control. This has not only to ensure the confidentiality and integrity of the data, but... more
In EHR systems, most of the data are confidential concerning the health of a patient. Therefore, it is necessary to provide a mechanism for access control. This has not only to ensure the confidentiality and integrity of the data, but also to allow the definition of security policies which reflect the need for privacy of the patient who the documents refer to. In this paper we define a new Access Control (AC) model for EHR systems, that allows the patient to define access policies based on her/his need for privacy. Our model starts from the RBAC model, and extends it by adding characteristics and components to manage the access policies in a simple and dynamic manner. It ensures patient privacy, and for this reason we refer to it as a patient-centric AC model.
Research Interests:
Research Interests:
Research Interests:
Research Interests:
ABSTRACT A key problem in healthcare informatics is the lack of interoperability among the information systems of different healthcare facilities. This problem hampers the possibility of collecting all the clinical documents of a patient... more
ABSTRACT A key problem in healthcare informatics is the lack of interoperability among the information systems of different healthcare facilities. This problem hampers the possibility of collecting all the clinical documents of a patient in order to establish his/her Electronic Health Record (EHR). In Italy, this is mainly due to the fact that the implementation of EHR systems has been carried out individually by each regional administration. To address this problem, the Italian Ministry for Public Administration and Innovation and the National Research Council of Italy have undertaken an initiative intended to define a federated interoperability infrastructure that aims at favoring the interconnection of the regional EHR systems. The software infrastructure, called InFSE, lies on a metadata information model shared by the different local EHR systems. This model allows i) the indexing, in regional registries, of patient clinical documents stored in repositories distributed at healthcare facilities according to a shared formalism, and ii) the management of federations of EHR systems. This paper presents the metadata information model for InFSE, obtained by specializing the OASIS ebXML Registry Information Model information model with concepts belonging to standards and initiatives for healthcare domains, such as HL7 RIM Version 3 and IHE XDS profile.
Research Interests:
Electronic Health Records (EHRs) systems enable the construction of longitudinal collection of health information about individual patients, by integrating health data produced by the healthcare facilities. The advantags associated with... more
Electronic Health Records (EHRs) systems enable the construction of longitudinal collection of health information about individual patients, by integrating health data produced by the healthcare facilities. The advantags associated with the use of such systems are in terms of improvement of quality of care and cost reduction. An important barrier to the availability of exhaustive longitudinal collections of health data is represented by the lack of interoperability among EHR systems. In Italy, each region has been developing its own EHR systems according to the
national guidelines and technical specifications compliant to the indications provided by a Italian Law issued in 2012 and updated in 2013. This paper describes the national technological framework designed from a National Technical Board for making interoperable the regional EHR systems each other, preserving the privacy of the patients. The framework, based on a System-of-Systems approach, enables healthcare professionals both to (i) consult health documents associated with a patient, even if they are produced in other regions, and (ii) register new health documents for patients assisted by other regions.
national guidelines and technical specifications compliant to the indications provided by a Italian Law issued in 2012 and updated in 2013. This paper describes the national technological framework designed from a National Technical Board for making interoperable the regional EHR systems each other, preserving the privacy of the patients. The framework, based on a System-of-Systems approach, enables healthcare professionals both to (i) consult health documents associated with a patient, even if they are produced in other regions, and (ii) register new health documents for patients assisted by other regions.