660 likes | 671 Views
This presentation provides an overview of information management in the Belgian social and health care sector, including the role of stakeholders, divisions of tasks, and the implementation order used by the Crossroads Bank for Social Security (CBSS) and eHealth platform. The achievements and advantages in both sectors are highlighted, along with the critical success factors. The role of Smals, an organization specialized in information technology, is also discussed.
E N D
Information management in the Belgian social and health care sector Frank Robben General Manager CBSS andeHealth platform CEO Smals Sint-Pieterssteenweg 375 B-1040 Brussels Website CBSS: http://www.ksz.fgov.be eHealth platform portal: https://www.ehealth.fgov.be Personal website: www.law.kuleuven.be/icri/frobben
Structure of the presentation about me stakeholders of the Belgian social and health care sector divisions of tasks with regard to eGovernment/eHealth in the social and health care sector implementation order used by the CBSS in the social sector (start up 1991) achievements in the social sector advantages in the social sector and international recognition creation of the eHealth platform (start up 2008) principles implemented in the health care sector achievements in the health care sector advantages in the health care sector critical success factors Smals, an organisation specialised in information technology and related competencies
About me • °1961 • studied law, ICT, ICT audit, business administration and personal coaching in Leuven, Antwerp, Tübingen, Munich and Boston • 1986-1988: advisor to the Belgian Minister of Social Affairs • 1988-1991: advisor to the Belgian Prime Minister • 1990-now: co-founder Interdisciplinary Center for Law and ICT at KULeuven • 1991-now: member of the Belgian Privacy Commission • 1991-now: founder and general manager Crossroads Bank for Social Security • 2000-2001: founder and president of Fedict and co-developer of the Belgian electronic identity card • 2004-now: general manager Smals • 2008-now: founder and general manager eHealth-platform • see www.law.kuleuven.be/icri/frobben
Stakeholders • stakeholders of the Belgian social sector • > 11,000,000 citizens • > 220,000 employers • about 3,000 public and private institutions (actors) at several levels (federal, regional, local) • stakeholders of the Belgian health care sector • > 11,000,000 citizens • > 100.000 care providers (medical practitioners, dentists, clinical laboratories, pharmacists, physiotherapists, home nurses, …) • > 300 care institutions (hospitals, residential care homes, …) • health insurance funds • government institutions
Division of tasks • same division of tasks in both sectors • no central data storage but secured exchange of data • Crossroads Bank for Social Security (CBSS) in the social sector and eHealth platform in the health sector act as service integrators • common vision • driving force for change and change management • solid ICT architecture and performant basic ICT services • in charge of a highly protected ICT-cooperation platform, with a reference directory for • access control • routing • in some situations, automatic communication of alterations • process optimization, lateral way of thinking • standards • quality • information security • technical and semantic interoperability • cross-actor program and project management • training and coaching
Division of tasks • actors (or their ICT service providers) • development of value-added services for internal purposes (for themselves and their co-workers) and external purposes (for the citizens, companies, …) • information management according to agreed division of tasks • Smals, an association specialised in information technology and related competencies, owned by the public actors in the social and health sector • hires ICT-specialists at normal market conditions and puts them at the disposal of its members • elaborates shared ICT-services for its members (e.g. data centers, monitoring and supervision of applications, portal environments, …) • executes (common) projects for its members • has a research and development center for its members (recent European patent application for electronic (health) vault) 6
Implementation order used in the social sector • common vision on information management and information security • demonstration of feasibility • political and public support, support of the social partners, support of the social security institutions • basic legislation • creating an institution as a driving force (CBSS has been created in 1991) and a control committee on information security and privacy protection • translating the common vision on information management and information security • integration of unique identification key in all information systems
Common vision on information management • information is being modelled in such a way that the model fits in as closely as possible with the real world, in order to allow multifunctional use of information • information is collected from citizens and companies only once by the social sector as a whole, via a channel chosen by the citizens and the companies, preferably from application to application, and with the possibility of quality control by the supplier before the transmission of the information • the collected information is validated once according to established task sharing criteria, by the actor that is most entitled to it or by the actor which has the greatest interest in correctly validating it • a task sharing model is established indicating which actor stores which information as an authentic source, manages the information and maintains it at the disposal of the authorized users
Common vision on information management • information can be flexibly assembled according to ever changing legal concepts • every actor has to report probable errors of information to the actor that is designated to validate the information • every actor that has to validate information according to the agreed task sharing model, has to examine the reported probable errors, to correct them when necessary and to communicate the correct information to every known interested actor • once collected and validated, information is stored, managed and exchanged electronically to avoid transcribing and re-entering it manually • electronic information exchange can be initiated by • the actor that disposes of information • the actor that needs information • the CBSS that manages the interoperability framework
Common vision on information management • electronic information exchanges take place on the base of a functional and technical interoperability framework that evolves permanently but gradually according to open market standards, and is independent from the methods of information exchange • available information is used for • the automatic granting of benefits • prefilling when collecting information
Common vision on information security • security, availability, integrity and confidentiality of information is ensured by integrated structural, institutional, organizational, HR, technical and other security measures according to agreed policies • personal information is only used for purposes compatible with the purposes of the collection of the information • personal information is only accessible to authorized actors and users according to business needs, legislative or policy requirements • the access authorization to personal information is granted by an independent Sectoral Committee of the Privacy Commission, designated by Parliament, after having checked whether the access conditions are met • the access authorizations are public
Common vision on information security • every actual electronic exchange of personal information has to pass an independent trusted third party (basically the CBSS) and is preventively checked on compliance with the existing access authorizations by that trusted third party • every actual electronic exchange of personal information is logged, to be able to trace possible abuse afterwards • every time information is used to take a decision, the information used is communicated to the person concerned together with the decision • every person has right to access and correct his/her own personal data • every actor in the social sector disposes of an information security officer with an advisory, stimulating, documentary and control task
Implementation order used in the social sector • implementation of the ICT architecture and the basic ICT services • controlled access to databases with authentic data • re-engineering of processes between actors in the social sector at all government levels • re-engineering of processes between actors in the social sector and companies • re-engineering of processes between actors in the social sector and citizens • always combined with the necessary legislative changes
Achievements in the social sector • a network between all 3,000 social sector actors with a secure connection to the internet, the federal MAN, regional extranets, extranets between local authorities and the Belgian interbanking network • a unique identification key • for every citizen, electronically readable from an electronic social security card and an electronic identity card • for every company • for every establishment of a company • an agreed division of tasks between the actors within and outside the social sector with regard to collection, validation and management of information and with regard to electronic storage of information in authentic sources
Achievements in the social sector NOSS FPS SS NOSS-PLPS NISSE ASI citizen and company HVZ FPS ELSD RKW NEO Crossroads Bank for Social Security PDOS interPI network RIZIV FAO NIC: sickness fund network FOD SIGEDIS RVP RJV OSSO other social sector actors
Achievements in the social sector • 225 electronic services for mutual information exchange amongst actors in the social sector, defined after process optimization • nearly all direct or indirect (via citizens or companies) paper-based information exchange between actors in the social sector has been abolished • in 2010, 700 million electronic messages were exchanged amongst actors in the social sector, which saved as many paper exchanges • electronic services for citizens • maximal automatic granting of benefits based on electronic information exchange between actors in the social sector • 13 electronic services via an integrated portal • about 30 new electronic services are foreseen
Achievements in the social sector • 42 electronic services for employers, either based on the electronic exchange of structured messages or via an integrated portal site • 50 social security declaration forms for employers have been abolished • in the remaining 30 (electronic) declaration forms the number of headings has on average been reduced to a third of the previous number • declarations are limited to 4 events • immediate declaration of recruitment (only electronically) • immediate declaration of discharge (only electronically) • quarterly declaration of salary and working time (only electronically) • occurrence of a social risk (electronically or on paper) • in 2010, 25 million electronic declarations were made by all 220,000 employers, 98 % of which from application to application
Achievements in the social sector • an integrated portal site containing • electronic transactions for citizens, employers and professionals • simulation environments • information about the entire social security system • harmonized instructions and information model relating to all electronic transactions • a personal page for each citizen, each company and each professional • an integrated multimodal contact centre supported by a customer relationship management tool • a data warehouse containing statistical information with regard to the labour market and all branches of social security
Useful tool: the reference directory • reference directory • directory of available services/information • which information/services are available at any actor depending on the capacity in which a person/company is registered at each actor • directory of authorized users and applications • list of users and applications • definition of authentication means and rules • definition of authorization profiles: which kind of information/service can be accessed, in what situation and for what period of time depending on in which capacity the person/company is registered with the actor that accesses the information/service • directory of data subjects • which persons/companies have personal files at which actors for which periods of time, and in which capacity they are registered • subscription table • which users/applications want to automatically receive what information/services in which situations for which persons/companies in which capacity
1234567890 key 2 Useful tool: the social security card name Christian name date of birth sex social security number period of validity of the card card number sickness fund sickness fund registration number insurance period insurance status social exemption status key 1 other data to be added in the future, if useful
Uselful tool: the electronic identity card • identification of the holder • name • Christian names • nationality • date and place of birth • sex • identification number of the National Register • main residence • manual signature • electronic authentication of the identity of the holder (private key and certificate) • possibility for the holder to sign electronically (private key and certificate) • no encryption certificate • no electronic purse • no biometric data
Advantages • gains in efficiency • in terms of cost: services are delivered at a lower total cost • due to • a unique information collection using a common information model and administrative instructions • a lesser need to re-encoding of information by stimulating electronic information exchange • a drastic reduction of the number of contacts between actors in the social sector on the one hand and companies or citizens on the other • a functional task sharing concerning information management, information validation and application development • a minimal administrative burden • according to a study of the Belgian Planning Bureau, rationalization of the information exchange processes between the employers and the social sector implies an annual saving of administrative costs of about 1.7 billion € a year for the companies
Advantages • gains in efficiency • in terms of quantity: more services are delivered • services are available at any time, from anywhere and from several devices • services are delivered in an integrated way according to the logic of the customer • in terms of speed: the services are delivered in less time • benefits can be allocated quicker because information is available faster • waiting and travel time is reduced • companies and citizens can directly interact with the competent actors in the social sector with real time feedback
Advantages • gains in effectiveness: better social protection • in terms of quality: same services at same total cost in same time, but to a higher quality standard • in terms of type of services: new types of services, e.g. • push system: automated granting of benefits • active search of non-take-up using data warehousing techniques • controlled management of own personal information • personalized simulation environments • better support of social policy • more efficient combating of fraud
Creation of the eHealth platform in 2008 • in 2008, based on the experience in the social sector, a new parapublic institution, the eHealth-platform, has been created by law having as an overall objective • what ? • to optimize healthcare quality and continuity • to optimize patient safety • to simplify administrative formalities for all healthcare actors • to reliably support healthcare policy and research • how ? • trough a well-organised, mutual electronic service and information exchange between all healthcare actors • with the necessary guarantees in the area of information security, privacy protection and professional secrecy • the eHealth-platform is governed by representatives of the stakeholders (health care providers, health care institutions, patients, sickness funds, relevant government institutions, …)
Some evolutions in healthcare • more chronic care on top of merely acute care • remote care (monitoring, assistance, consultation, diagnosis, operation, ...) • mobile care • multidisciplinary, transmural and integrated care • patient-oriented care and patient empowerment • rapidly evolving knowledge => need for reliable, coordinated knowledge management and accessibility • threat of excessively time-consuming administrative processes • reliable support for healthcare policy and research requires reliable, integrated and anonymous information • cross-border mobility
Those evolutions require ... • collaboration between all actors in healthcare, not necessarily based on centralized data storage • efficient and safe electronic communication between all actors in healthcare • high quality electronic patient records, across specialties • technical and semantic interoperability • optimized processes • guarantees for • information security • privacy protection • respect for the professional secrecy of healthcare providers • trust of all stakeholders in the preservation of the necessary autonomy and the security of the system
Electronic communication also stimulates … • quality of care and patient safety • prevention of erroneous care and drugs • negative drug interaction • drug contraindications (e.g. allergies, diseases, …) • prevention of errors in administering care and drugs • availability of trustworthy databases containing information about best care practices and decision support tools • qualitative support of health care policy and health care research based on reliable, integrated and anonymized information
Principles implemented in the health care sector • at first creation of an adequate governance and consultative structure about eHealth and then further implementation under control of the governance and consultative structure • stimulation of multidisciplinary and high quality electronic patient records • if the patient wishes so, gradual referencing to places where his/her personal health data are available • common patient identifier • well elaborated legal and ethical framework • patient rights • privacy protection • professional secrecy • respect for local, regional or national health care organisation structures and initiatives • never use ICT to impose change to organisational structures !
Principles implemented in the health care sector • interoperable technical platform for safe and reliable electronic information exchange • based on a service oriented architecture • with common basic services provided for free such as • process orchestration • integrated portal • user and access management (ao proof of consent of patient and of therapeutic relationship between user and patient) • logging • reference directory • encryption • eHealth-box • time stamping • coding and anomyzation • eHealth vault • using technical and semantic interoperability standards
Principles implemented in the health care sector hospital other care institution other care provider citizen hospital medical practitioner hub hospital health insurance fund pharmacist hospital eHealth platform basic services hub health insurance fund NIC hospital health insurance fund hospital prescription server FAMHP RIZIV Communities FPS PH
Principles implemented in the health care sector • special attention to information security and privacy protection • end-to-end encryption of exchanged personal health data • very thorough preventive access control • personal health data can only be exchanged with permission provided legally, by the Privacy Commission or by the patient • logging of electronic services performed (who, what, about whom, when – not exchanged personal health data !) • information safety policies and advisors in health care institutions • long-term vision combined with quick wins • concrete collaboration programs and projects with added value, e.g. • multidisciplinary electronic summary patient record • electronic exchange of (structured) information between health care providers • electronic health care prescription • simplification of administrative processes • electronic consultation of health care insurance status • …
Achievements in the health care sector • 9 basic services are in production • 27 value-added electronic services for health care actors have been implemented within 2 years by several partners, always using the basic services of the eHealth-platform • choice for a unique patient identifier and the use of an electronic identity card were very useful • initial fear of health care providers and patients has turned into enthusiasm to collaborate
Achievements / Projects • numerous projects • communication system of electronic patient records between care providers • hospitals: hubs & metahub • extra muros care providers: extra-muros vault • electronic prescription • in-hospital: legal value through time-stamping and identification/authentication • ambulatory: recip-e project • handling of reimbursement requests (chapter 4) • disease en therapy registries • cancer registry, other diseases • implant registries: orthopride (hip- and knee replacements), Qermid (cardiac devices) • Evidence Based Medicine • distribution of guidelines and advice, inclusion in software packages • verification and registration of medical record software packages • semantic interoperability • …
Hospitals A 3: Fetch data from hub A Hub 1: Where can we find data? Meta- Hub 2: In hub A and C 3: Fetch data from hub C C B
Software As A service Own Software Software As A service Own software Software As A service eHealth kadaster eHealth box Patient Informed consent by the patient Therapeutic relationships Specialist GP Pharmacist … Homecare MetaHUB eHealth basic services Hospital HUB encryption granular access NISS Extra mural vault Cloud computing
Without keys X!ilqshnf2@0à In DB : Key 1 Key 2 X!ilqshnf2@0à Result :
With key 1 X!ilqshnf2@0à In DB : Key 1 Key 2 B8i!(mà}z1&ajt Result :
With key 2 X!ilqshnf2@0à In DB : Key 1 Key 2 K9l#'ç9gnh3lk Result :
With both keys X!ilqshnf2@0à In DB : Key 1 Key 2 Clear data Result :
Towards a network of service integrators Service integrator (Corve, Easi- Wal, CIRB, …) RPS RPS Services repository Extranet region or community Service integrator (CBSS) Services repository ASS Extranet social sector Doctor ASS Internet Service integrator (eHealth) FPS ASS VPN, … Services respository FPS FEDMAN Service integrator (FEDICT) Pharmacist Hospital FPS Services repository
Advantages gains in efficiency in terms of cost: health care services are delivered at a lower total cost due to avoiding unnecessary multiple medical examinations avoiding errors causing health care a minimal administrative burden for health care providers and patients, enabling health care providers to spend the maximum available time on healthcare in terms of quantity: more services are delivered relevant information is available at any time, from anywhere and from several devices services are delivered in a more integrated way: one connection to an electronic platform suffices for the use of several applications
Advantages • gains in efficiency • in terms of speed: the services are delivered in less time • health care can be allocated quicker because relevant information is available faster • waiting and travel time is reduced • health care providers (and patients) can interact directly with real time feedback
Advantages • gains in effectiveness: better health care provision and patient safety • in terms of quality: same services at same total cost in same time, but to a higher quality standard • support of multidisciplinary and transmural cooperation • easier referrals between healthcare providers / institutions • customized valorization of knowledge • improved support in the practice of the health care provider • more transparancy to and empowerment of the patient • in terms of type of services: new types of services, e.g. • remote care • mobile care • better support of health policy and research • more efficient combating of fraud
Critical success factors common vision oriented towards gain of efficiency and effectiveness and added value for all users (citizens, companies, care providers and care institutions, actors in the social sector, …) starting from health care and social protection objectives irrespective of government levels and actors translated into objectives for each government level and each group of actors, according to the division of tasks and responsabilities with derived objectives with regard to information management and information security for all actors involved basic principles for everyone, preferably fixed within enforceable legal framework objectives per group of actors and per actor translated into operational programs and projects balanced mix of long-term and quick wins multidisciplinary approach (BPR, change management, legal aspect, technical aspect, …) 50