Introduction to the Norwegian Directorate of e-Health and the forthcoming establishment of a National Service provider - Karl Vestli Director ...
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Introduction to the Norwegian Directorate of e-Health
and the forthcoming establishment of
a National Service provider
Karl Vestli
Director Strategy Division
Health and care services for all
Population GP acts as
4 600 GPs
5,3 million gatekeeper
Public Funding
Life Expectancy 82,4 10,5% of GDP 85 %
Source: Statistics Norway (2018) and
Norwegian Directorate of Health (2018)
Current situation: Challenge to achieve connected health across
the Norwegian health and care services
Nationally The
Parliament
Ministry of Local
Ministry of Health
Government and
and Care Services
Modernization
Regionally/ Regional health authorities 422 municipalities
locally
1.800 Contracted Specialists
4.600 General Practitioners
and institutions
Hospitals and Specialist health care Primary health care
Norwegian Directorate of eHealth
The Norwegian Directorate of eHealth
New government agency established January 1st 2016
Two roles
Government National eHealth
National governance,
Coordination and
solutions
standardization Citizens, health
Catalyst and driver providers, data
National Governance
Ministry of Health
National Advisory
and Care Services Board for eHealth
(NEHS)
National Forum
for Portfolio
Management
(NUIT)
Health Professional
and Architectural
Advisory board
(NUFA)
Plans for a national eHealth service provider
Strategy and Action plan for eHealth 2017-2022
Critical infrastructures and common building blocks
National governance of eHealth and increased ability to deliver
A selection of current national activities
ePrescription
Electronic
Use Common Messaging
infrastructure
Health Data
Health Portal
Personal Summary Care
One Health
Connected Record
Record
Care
Level of maturity
The directorate suggested the establishment of a national service provider in a report addressing the organization of IT in the health sector in 2017
Three recommendations in the report
... The creation of a national
service provider
… current and future … next step is to
national products/solutions detail the concept
should be transferred to the and implementation
service provider plan.
… the need to use private
vendors should be
emphasized in the strategy
for the national service
providerWhy new eHealth organization? Speed Rolle Finance Increase speed of • Directorate • Flexibility implementation • Service provider • Service pricing Need for joint efforts
A transition into two strong entities
Tasks and
responsibilities for
the directorate
National service
provider3
The national service provider will work closely with several product owners
Needs and Product owner Suppliers
requirements
Works with the
Specialist health Software
services
sector to define vendors
WHAT to develop
Primary health Operations
and care
services
National service provider
Professional provider
Other Other
resposible for determining
HOW to develop/source
products abd servicesProgramme objectives
• Establishment of a national service
provider using Norsk Helsenett
(Norwegian Health Network) as an
organizational base, and defining the
01 Decision support new role for the directorate
Develop a basis
• National governance and finance
for
governmental
02 Strategy: Dir. 2.0 • Strategy and governance for the new role
decision to for the directorate of eHealth.
establish new
eHealth • Development of the national service
organization by 03 Road map provider.
• Plan for implementation and
Jan 1st 2019. development according to objectives
and roadmap
08Deliverables; Programme NEO (New E-health Organization)
NEO
Programme
Organization, Organization, Models for governance Risk assessments Plan for transistion of Cost/benefit
reponsibilities and reponsibilities and and finance. Legal and security plans. existiting products and analysis + input for
tasks. Implementation tasks for «the structures and solutions 2019-2024 state budget 2019
plan for NSP. directorate 2.0» clarifications.Key questions
Who will decide and finance • Responsibilities and tasks • Company transition
national eHealth products and assigned to the directorate • What is the first step Jan 1st
solutions? and the NSP? 2019?
Governance and priorities? • Ownership of the NSP?
Business model?
• Company structure?Health Data Programme National Health Analysis Platform Marianne Braaten, Assistant Programme Manager Hanne Cecilie Otterdal, Enterprise Architect
Side 18
Side 19
Side 20
Side 21
Side 22
Norway is comparatively efficient at collecting health data,
but less adept at using it than our neighbors
Data governance
readiness
Technical and operational
readiness
Source: OECD, HCQI Survey of Electronic Health Record
System Development and Use, 2016 Side 23The Health Data Program (HDP)
Mission
Improved public health
Knowledge-based health services and efficient use of resources Empowered and involved citizens
More innovation and business
More and improved health research
development
Efficient health registry management and
Efficient reporting and access to health
operation Goals & Objectives data
Improved data protection Improved data quality
Administrative services for health data and research Results
§ Improved legal framework
Semantic interoperability Technical interoperability (API)
Common technical services and national infrastructureHealth analysis platform – Concept 7:
Closed analysis, ecosystem & open architecture
Citizens Health personnel Health leaders Government Researchers Industry
API: Access, exploration and dialogue
Closed / autonomous Open analysis and
Authorized analysis
API: Security and data protection
analysis tools
API: Administration
API: Analysis
Health
Analysis
Processed, connected health data Non-sensitive data
Platform
(HAP)
API: Data
Health registers, basic data, sensors, citizens and other sourcesWhat can researchers expect from The Health Analysis Platform?
The Health Analysis Platform
Health research platform (helsedata.org)
Receive
guidance
Apply for
Get an
data in one
overview
place
Execute Interact with
analysis citizens
Gain access
to data
Identity and access administration, anonymization, aggregation, masking, tracking, logging
Gathering, receiving, validation and transformation
Health registers, basic data, sensors, citizens and other sources
26Realization strategy X ✓
From data distribution to self-service analysis?
Average processing time for access to Norwegian health data
40
35
DELIVERY TIME (MONTHS)
30
25
20
17
15 17 months 17 seconds
10
5
0
1 2 3 4 5 6 7 8 9
NUMBER OF DATA SOURCESOne citizen – one record
The Norwegian healthcare sector is facing several challenges (as many others…)
1 400 000
1 200 000
1 000 000
90+ years
800 000
80-89 years
600 000
400 000
67-79 years
200 000
00
2000 2010 2020 2030 2040 2050
Source SSB
Increasing senior population Health problems change over time
Copyright study.com Norwegian Petroleum Directorate
Technology and society is changing Macroeconomic forecast is challenging
Current IT is unfit to deal with emerging challenges
Side 30Stortingsmelding no. 9 (2012-2013) defines three objectives for the IT
development in the healthcare system (Governmental white paper)
Healthcare personnel shall have user friendly and secure access to
patient information
The citizens shall have access to user friendly and secure digital
services
Data shall be accessible for quality improvement, health monitoring,
management and research
Side 31The directorate for eHealth recommends realization of the target for One citizen -
one journal through three strategic and parallel initiatives
Three strategic and parallell initiatives
Meld. St. 9 (2012-2013) Én innbygger – én journal
Further development of existing solutions in the specialist
health services in North, West and South East
Status: Ongoing
Establish a national solution for municipal healthcare
services
Status: In procurement
Establish one common solution for both primary and
specialist healthcare services for the health region in
central Norway.
Status: Preparing for procurement
Side 32One health record across all levels of care
A ground-breaking project in Central Norway
Øyvind Høyland
Prosjektleder teknisk delprosjektThe programme Helseplattformen
o For the first time, one common EHR solution shall be acquired
for both municipality and specialist health care services in one
region in Norway
o Central Norway (Midt-Norge) is a tryout arena for the national
objective “One citizen – one health record”
o Following a competitive dialogue with the supplier market, a
contract with one supplier will be signed in 2019An EHR solution across all levels of health care –
Helseplattformen in Central Norway
o The Central Norway
Health Authority Central Norway
and the municipality of Trondheim
Namsos
are owners and customers Trondheim
85 municipalities
Molde
Ålesund 8 hospitals
720,000 citizens (14%)
o All 85 municipalities have optional
42,000 health care
agreements Oslo professionalsA health record that follows the patient
Specialist health Municipal
care (hospitals) institutions
GPs Home care and
municipal health services
Enabling the patient to take on a more active role,
e.g. self-registration, booking, access and insightA long-lasting and complex acquisition process
2016 2017 2018 2019 2020 2021 2022
Planning the
competition Dialogue with suppliers Evaluation Adaptation
Pre- What solutions are Down- Implementation
qualification available? selection
of suppliers
101 Tender Final version Contract Tentative: 2nd
workshops deadline of tender signed implemen- phase:
with 400 May 3rd requirements ting in 2022
healthcare Trondheim
workers 2021
Parallel national process: «One health record»
The work from Central Norway will be re-used in the development of
a national solution for municipal/local health careTwo suppliers still in the competition
o Cerner
o Epic Tender documents available online
www.helseplattformen.noOverall objectives of the procurement
1. Increased treatment quality and 7. Improved management information
fewer patient injuries to aid quality and improvement
2. Access to continuously updated work in daily operations
clinical knowledge based on best 8. Reduced time spent on
practice documentation and search for
3. Provide the citizens with easy health information
access to their own health record 9. Compliance with national standards
and more influence on their own and requirements
course of treatment 10. Reduced need for municipal services
4. Increased interaction in and based on comprehensive
between the primary and specialist assessment of the patient’s
health care services functional abilities through generic
5. Improved data and information for pathways
use in research and innovation 11. The citizens shall be supported to
6. Increased efficiency and better use live longer independently in their
of resources own homesBroad, cross-disciplinary involvement
Widely 101
competent workshops
project with 400
members users
Tender documents
Collaboration on all
levels of authority Supplier dialogue
Documents available online
4000+ requirements www.helse-midt.no/helseplattformenToday: 21 patient record systems
Example: Surgery planning
PAS/ EPJ
Kurve
Anesthetic
Surgical nurse
nurse
Picis
Op-
Plan
Surgeon Anesthesiologist
Duplicated and sometimes contradictory information
Low degree of integration and communication between
systemsNew solution:
Different demands depending on role and context
Anesthetic
Surgical nurse
nurse
GP
Homecare nurse
Surgeon Anesthesiologist
Configurative interfaces towards role and context rather than from
the invividual systems to context21 user scenarios describing requirements
o Situations and processes with various patient – health service encounters
o Examples of the desired functionalities
o Demonstrating the need for overall thinking
o Asking suppliers to describe what kinds of support personnel can acquire
o Asking for input on improving and streamlining services, workflows and
clinical pathways
o Scenario example; surgery procedure
Booking Consultation Procedure Surgery Post-operative Check-out and
planning treatment local follow-upAreas of particular focus
Areas of particular focus
Chapter
4.1 Information security, privacy and access control
4.2 Usability
4.3 Report generator and data retrieval
4.4 Resource planning, scheduling and work lists
4.5 Multimedia
4.6 Closed loop medication
4.7 Knowledge and clinical decision support
4.8 Master data, reference data and terminologies
4.9 Administrative procedures
4.10 Pediatric care and child health
4.11 Medical device integration
4.12 Continuous and comprehensive medical chart solution
4.13 Specialties and specialised systems
46We shall actively include the patient in decisions regarding their own health and consider the patient’s experience and knowledge in the treatment. The empowered and contributing patient
Technical requirements – ambitions and goals
Move from message exchange
1 to information sharing
✓ Integrations
2 High level of standardisation ✓ Information content ( Reference data, terminologies and
master data)
✓ Operations and maintenance
Stimulate the use of structured data • Realize the ambition of active, clinical decision support
3 and storage of clinical information • Improve data and information base for research and innovation
throughout the solution • Improve administrative information as a basis for quality and
improvement work on daily operation
✓ Ability to adopt future technology to interact with
Technical platform that enables
4 future technology
Helseplattformen and its information baseInformation security – privacy – access control
Integrity
The information is trustworthyFor further reading, please visit our homepage Some content in English, including tender documents and functional requirements www.helseplattformen.no Central Norway Health Authority/ Helse Midt-Norge strategy 2030: https://helse-midt.no/strategi-2030 Directorate of eHealth: https://ehelse.no/
Thank you!
Norwegian Code of conduct for
information security in health care
Jan Gunnar Broch
Senior AdviserThe Helse Sør-Øst outsourcing incident
Helse Sør-Øst: Admits that foreign IT-
workers could access patient information
The Data Protection Authority found legal
breaches: Millions in fines after
outsourcing hospital- itTargeted cyber attack against Helse Sør-Øst
GDPR countdown…
Code of conduct for
information security in health care
The steering committee
Den offentlige tannhelsetjeneste
The secretariat
The sector
17 000 data controllers
Published first in 2006
Now: Version 5.2Background
• Extensive health and care
sector
• Organizationally fragmented
• Sensitive personal data
• Electronic exchange of
information
• Complicated legislation
58The Code of conduct Binding – The Code and some of the affiliation agreement with guidelines are translated to english Norwegian Health Network Guidelines Factsheets (best practice routines) Not binding
Examples - guidelines and factsheets
Guideline for remote access between
supplier and organization *
Guideline for privacy and information
security in medical devices
Fact sheet 6b: Security audits - Code
compliance checklist *
Guideline and template for general
practitioners and physicians in private
practice.
Guidelines for social media
Factsheet 42: Use of SMS for patient
contact *
* available in English
60Communication
Annual conference Newsletter Q&A email
• 4 times per year
• Subscribe at sikkerhetsnormen@ehelse.no
www.normen.no
Training and talks www.normen.no
Social media
• The documents
• Training • News
• Conferences • Training
• Lectures and talks • Etc.62
Why has the Code been a success?
Binding by contract
Non-bureaucratic – “bottom up”
The stakeholders are involved
Practical advices
Sector specific guidance
An arena for information security and privacy
questions
In partnership with the legislative authorities
Financed by the government
Simplifies, and makes complicated regulation more
accessibleExample:
CoC activities on medical devices information security
The «GE-incident»
Side 63Example:
CoC activities on medical devices information security
Define audience Develop and Communication
•Needs and risks publish • Training
guidance
•Measures and material • Talks
instruments • Newsletter and social
media
Reference group -> resource network
Side 6465
Challenges
Different kinds of needs – from
small GPs to big regions
Comprehensive document-portfolio
– update and review
Stricter than the law?
«Fragile» construction66
Focus 2017 and 2018:
Make the Code approveable as an article 40 CoC
The GDPR endorses the use of codes of
conduct to provide guidance on the GDPR’s
requirements
Drivers for change
New legislation, GDPR and health-legislation
New technology
New threat assessments
Expanded scope – information security AND
privacy
Working closely with the health sector and with
the Data Protection Authority to prepare for the
changesYou can also read
