Presentation is loading. Please wait.

Presentation is loading. Please wait.

ISSRG Information Systems Security Research Group Contact: An Application Programming Interface for.

Published byTyler Palmer Modified over 8 years ago

Similar presentations

Presentation on theme: "ISSRG Information Systems Security Research Group Contact: An Application Programming Interface for."— Presentation transcript:

1 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk An Application Programming Interface for the Electronic Transmission of Prescriptions Presented By: D. P. Mundy Other Authors: Prof. D. W. Chadwick, Dr E. Ball ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Synopsis Prescribing in the UK The Pilots and Salford Models Potential Benefits / Problems Present Status Thanks to:

2 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Synopsis The United Kingdom (UK) National Health Service (NHS) NHS Plan –Implement ETP by 2004 3 pilot systems –Transcript consortium (Large pharmacies and Pharmed) –Pharmacy2U consortium (An Internet pharmacy) –Flexiscript consortium (Microsoft, SchlumbergerSema)

3 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Salford ETP Project Funded by the UK’s Engineering and Physical Sciences Research Council (EPSRC) 3 Year Project commenced September 2000 Carried out in collaboration with Huddersfield University and Hope Hospital, Salford £261k funding

4 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Prescribing in the UK 4. Prescriptions Batched and sent to the PPA 1. Creates & signs Prescription 2. Patient Hands Prescription to Pharmacist (Maybe signed to claim exemption) 5. Prescriptions Processed and payment sent back to Dispenser 3. Drugs Dispensed to Patient, money to dispenser if the patient is not exempt

5 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Problems with Present Practice Fraud –Stolen Prescription Pads, Altered Dispensation Amounts Data Integrity –Phone Call Clarification, Illegible Scripts Administrative Workload –578 million prescribed items in 2001 Efficiency –60% of Pharmacists believed that the introduction of electronic prescribing would lead to time savings (Kember Associates, 1999) Patient Exemptions / Identification –Pharmacy Check

6 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk ETP Worldwide Denmark –35 per cent of prescriptions now sent electronically (Middleton,2000) Germany –Electronic health card USA –State ETP systems UK –Hospital ETP systems and Pharmed trial

7 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk The Pilots and the Salford Model

8 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Transcript Consortium Model

9 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Transcript Model Perceived Benefits Patient retains freedom of choice and has control over their own privacy No reliance on a central database repository - therefore performance of system similar to present paper based system Mirrors present system just reduces fraud and administrative workload for the PPA

10 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Transcript Model Perceived Problems Barcode Readers Complex and Expensive Limit on size of prescription Exemptions not automatic Lost prescription requires GP callback Barcode error rates

11 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Pharmacy2U Consortium Model

12 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Pharmacy2U Model Perceived Benefits Patient may or may not have freedom of choice Very low chance of lost prescriptions No paper version of the prescription May lead to advanced patient care

13 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Pharmacy2U Model Perceived Problems DIRECTED Prescriptions may lead to severe consequences for high street pharmacy May be a problem with patient acceptance

14 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Flexiscript Consortium Model

15 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk FlexiScript Model Perceived Benefits GP And Pharmacy Applications Interface With Model Without The Need For Additional Hardware Patient Retains Freedom of Choice

16 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk FlexiScript Model Perceived Problems May be performance issues at the relay Patient doesn‘t have complete control over their own privacy and lost script token requires GP callback Prescriptions may be stored in the clear Exemptions not automatic

17 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk University of Salford Model

18 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk University of Salford Model Perceived Benefits Patient retains freedom of choice and has protection of their own privacy Automatic Exemption and Authorisation Checking In many ways mirrors present system (just electronically) Only normal barcode scanners required at the pharmacy

19 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk University of Salford Model Perceived Problems Lost prescription - requires GP call Performance better than Flexiscript model since only encrypting once. (Research currently being undertaken to measure precise advantage)

20 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Design Issues Stakeholder Acceptance –Little change to procedures Barcodes - Patient, GP, Pharmacist Recovery procedures –Maintained freedom of choice for patient

21 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Security Considerations An Electronic Prescription Processing System must provide:- –Confidentiality > Encryption/Link Security –Secure Authentication > Digital Signatures –Secure Authorisation > Privilege Management Infrastructure –Integrity > Digital Signatures –Non-Repudiation of Origin > Digital Signatures

22 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Security Model Comparison (1)

23 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Security Model Comparison (2)

24 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Present Status An API designed to facilitate the introduction of our proposed electronic prescription processing system design has been built. Disparate applications can call our API to transfer prescriptions electronically –Described within the paper Evaluation Phase –Qualitative Evaluation -Stakeholder Focus Groups –Quantitative Evaluation - Performance Research

25 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk The API Three subsystems (Prescribing, Dispensing and PPA Operations) Works in conjunction with two digitially signed supporting third party class structures –Security class structure –Directory configuration class structure

26 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Security Class Structure EPP Security Abstract Base Class

27 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk API Operation - Example Prescribing Subsection initialiseEPP PrescribingOperations class (Security,Directory Config) setupPrescription(Patient details) addPrescriptionItem(Item details) signAndStorePrescription() Prescriber application prints prescription Prescription Store Access Established Checks Authorisation Logged in Security class Directory Configuration class getPrescriptionEncryptionKey() getBarcodeKeyValue() Joe Bloggs Age 24 Paracetamol Differin Signature

28 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Further Information For further research related to this project please visit http:\\sec.isi.salford.ac.uk\

29 ISSRG Information Systems Security Research Group Contact: D.Mundy@salford.ac.uk http://sec.isi.salford.ac.uk Questions

Download ppt "ISSRG Information Systems Security Research Group Contact: An Application Programming Interface for."

Similar presentations

Kristiina Rebane Ministry of Social Affairs of Estonia eHealth in Estonia.

Kristiina Rebane Ministry of Social Affairs of Estonia eHealth in Estonia.
Www.npfit.nhs.uk IPPR: Front Line Delivery Challenges Wednesday 15 December 2004 Gordon Hextall.

IPPR: Front Line Delivery Challenges Wednesday 15 December 2004 Gordon Hextall.
Chris Town Chief Executive Greater Peterborough Primary Care Partnership Chair, New Contractual Framework for Community Pharmacy Negotiating Group The.

Chris Town Chief Executive Greater Peterborough Primary Care Partnership Chair, New Contractual Framework for Community Pharmacy Negotiating Group The.
HES Data Management Ari Haukijärvi. Planning of HES Data Management Purpose of the data management The data will be available for analysis The available.

HES Data Management Ari Haukijärvi. Planning of HES Data Management Purpose of the data management The data will be available for analysis The available.
International Telecommunication Union Workshop on Standardization in E-health Geneva, 23-25 May 2003 The Use of X.509 in E-Healthcare Professor David W.

International Telecommunication Union Workshop on Standardization in E-health Geneva, May 2003 The Use of X.509 in E-Healthcare Professor David W.
A business makes payments for what it buys, In return it receives payments for goods it sells or services it provides.

A business makes payments for what it buys, In return it receives payments for goods it sells or services it provides.
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
1 Introduction General Accounting is responsible for managing the University’s general ledger accounting system. The General Accounting office’s main goal.

1 Introduction General Accounting is responsible for managing the University’s general ledger accounting system. The General Accounting office’s main goal.
Pharmaceutical Care Solutions 8 March 2010 © Copyright ESH 2010 Submission to Greek Ministry.

Pharmaceutical Care Solutions 8 March 2010 © Copyright ESH 2010 Submission to Greek Ministry.
The critical role of Evolving Information Systems and the need for Standardised Coding.

The critical role of Evolving Information Systems and the need for Standardised Coding.
Electronic Prescription Service (EPS) Release 2 Avon Local Pharmaceutical Committee 26 th March 2014 Jane Schofield – Programme Manager.

Electronic Prescription Service (EPS) Release 2 Avon Local Pharmaceutical Committee 26 th March 2014 Jane Schofield – Programme Manager.
1.7.6.G1 © Family Economics & Financial Education –March 2008 – Financial Institutions – Online Banking Funded by a grant from Take Charge America, Inc.

1.7.6.G1 © Family Economics & Financial Education –March 2008 – Financial Institutions – Online Banking Funded by a grant from Take Charge America, Inc.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Preparing for EPS in your Pharmacy - Business Process Change Lancashire CSU IT EPS Project Team Stewart Cooper - EPS Lead Ben Jacobs and Charlotte Brown.

Preparing for EPS in your Pharmacy - Business Process Change Lancashire CSU IT EPS Project Team Stewart Cooper - EPS Lead Ben Jacobs and Charlotte Brown.
Supporting people in Dorset to lead healthier lives Overview of EPS2 Release 2.

Supporting people in Dorset to lead healthier lives Overview of EPS2 Release 2.
Integrated Hospital Management System. Integrated Hospital Management System software is user-friendly software. The main objectives of the system is.

Integrated Hospital Management System. Integrated Hospital Management System software is user-friendly software. The main objectives of the system is.
National Institute for Health Research Coordinated System for gaining NHS Permission (NIHR CSP) A single system for processing and reviewing applications.

National Institute for Health Research Coordinated System for gaining NHS Permission (NIHR CSP) A single system for processing and reviewing applications.
NHS Dental Services Darren Boelema Customer Liaison Manager.

NHS Dental Services Darren Boelema Customer Liaison Manager.
E-Prescribing: Current or Future Health Care in Utah? Mark Munger, Pharm.D. Professor, University of Utah Presented at Digital Commission Meeting on 1/08/2009.

E-Prescribing: Current or Future Health Care in Utah? Mark Munger, Pharm.D. Professor, University of Utah Presented at Digital Commission Meeting on 1/08/2009.
Preparing for EPS in your Pharmacy Business Process Change Workshop.

Preparing for EPS in your Pharmacy Business Process Change Workshop.

Similar presentations

Ads by Google