Telbios S.r.l, Milan, Italy.
Fondazione Santobono Pausilipon, Naples, Italy.
J Biomed Inform. 2019 Jun;94:103183. doi: 10.1016/j.jbi.2019.103183. Epub 2019 Apr 19.
Health data exchange is a major challenge due to the sensitive information and the privacy issues entailed. Considering the European context, in which health data must be exchanged between different European Union (EU) Member States, each having a different national regulatory framework as well as different national healthcare structures, the challenge appears even greater. Europe has tried to address this challenge via the epSOS ("Smart Open Services for European Patients") project in 2008, a European large-scale pilot on cross-border sharing of specific health data and services. The adoption of the framework is an ongoing activity, with most Member States planning its implementation by 2020. Yet, this framework is quite generic and leaves a wide space to each EU Member State regarding the definition of roles, processes, workflows and especially the specific integration with the National Infrastructures for eHealth. The aim of this paper is to present the current landscape of the evolving eHealth infrastructure for cross-border health data exchange in Europe, as a result of past and ongoing initiatives, and illustrate challenges, open issues and limitations through a specific case study describing how Italy is approaching its adoption and accommodates the identified barriers. To this end, the paper discusses ethical, regulatory and organizational issues, also focusing on technical aspects, such as interoperability and cybersecurity. Regarding cybersecurity aspects per se, we present the approach of the KONFIDO EU-funded project, which aims to reinforce trust and security in European cross-border health data exchange by leveraging novel approaches and cutting-edge technologies, such as homomorphic encryption, photonic Physical Unclonable Functions (p-PUF), a Security Information and Event Management (SIEM) system, and blockchain-based auditing. In particular, we explain how KONFIDO will test its outcomes through a dedicated pilot based on a realistic scenario, in which Italy is involved in health data exchange with other European countries.
健康数据交换是一个主要挑战,因为涉及到敏感信息和隐私问题。考虑到欧洲的情况,在欧洲联盟(EU)成员国之间必须交换健康数据,每个成员国都有不同的国家监管框架和不同的国家医疗保健结构,因此挑战更大。欧洲曾试图通过 2008 年的 epSOS(“面向欧洲患者的智能开放服务”)项目来应对这一挑战,这是一个关于特定健康数据和服务跨境共享的欧洲大型试点项目。该框架的采用是一项正在进行的活动,大多数成员国计划在 2020 年前实施该框架。然而,该框架相当通用,为每个欧盟成员国在定义角色、流程、工作流程以及特别是与国家电子卫生基础设施的具体整合方面留下了很大的空间。本文旨在展示过去和正在进行的各项举措在欧洲跨境健康数据交换方面不断发展的电子卫生基础设施的现状,并通过描述意大利如何采用和应对已确定障碍的具体案例研究,说明挑战、未决问题和局限性。为此,本文讨论了伦理、监管和组织问题,还重点关注了互操作性和网络安全等技术方面。关于网络安全方面本身,我们介绍了 KONFIDO 欧盟资助项目的方法,该项目旨在通过利用新方法和最先进技术,例如同态加密、光子物理不可克隆功能(p-PUF)、安全信息和事件管理(SIEM)系统以及基于区块链的审计,加强欧洲跨境健康数据交换的信任和安全性。特别是,我们解释了 KONFIDO 将如何通过基于实际场景的专门试点来测试其成果,其中意大利参与了与其他欧洲国家的健康数据交换。
