Technical network loeber
-
Upload
guest18da4fc -
Category
Documents
-
view
148 -
download
0
Transcript of Technical network loeber
![Page 1: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/1.jpg)
1
First US-German Summit on Primary Care
Current Implementation and Technologiesof a Secure Network für 50,000 Physiciansin Germany
Frank LöberCIO/ CTO HÄVG Rechenzentrum
Washington, 9th April 2010
![Page 2: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/2.jpg)
2
Agenda
Initial Situation in Germany – Facts & Figures
Overview current solution in Germany for 50,000 Physicians
Current Situation & Next Steps
![Page 3: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/3.jpg)
3
Initial Situation in GermanyFact & Figures
![Page 4: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/4.jpg)
4
Initial Situation in GermanyFact & Figures
� New reimbursement system (payment system) since June 2008
� 50,000 familiy physicians & 70,000,000 sick fund covered people
� 160 sick funds, recently substantial decrease in number due to mergers
� 60 different software-solutions (doctor´s IT-system) for familiy physicians with different operating systems
� Different ways of communication (paper, CD-Rom, online)
� High requirements for data protection for transmission and storage
� Main medical data to transfer: reimbursement items, diagnoses, drugs, referrals, form-data
![Page 5: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/5.jpg)
5
Hausaerzte-verband
(Clearing)
Send medical data by software
Check & clearing data & create and send billing file
Initial Situation in Germany Billing Process in new reimbursement system
Physician
Sick FundCheck billing file & Payment
Create billing & send it & do payment
Receive billing & Payment
Documenting medical data (diagnoses, drugs ..)
![Page 6: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/6.jpg)
6
Initial Situation in GermanyDifferent business needs for different parties
� Physicians: No additional costs for hard- & software, software must be easy to use
� Software-Developers / Manufacturers:Easy integration, installation & configuration of new software
� Hausaerzteverband:scalable solutions, authenfication of physicians, exchange medical data between family and special physicians, increase quality of primary care
� Sick Funds:Reduce costs of drugs and remedies, increase quality of primary care
![Page 7: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/7.jpg)
7
Initial Situation in Germany Legal Requirements for protection & authentification
High requirements for data protection & authentification:
� Files with medical and personal data must be encrypted
� Transmission must be encrypted
� Files with medical data must be signed by a physician
![Page 8: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/8.jpg)
8
Initial Situation in Germany Conclusion
Regarding all business needs of all parties means:
�Development of a specific software-module („Core“) without GUI for integration in existing software-solutions
�Development of requirements and technical specifications for existing software-manufacturers
�Develop own software with GUI for physicians with basic functions to manage our contracts (stand alone solution)
�Usage of this software is part of our contracts
�Develop own data-center
�Develop own infrastructure to connect doctors for data exchange
![Page 9: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/9.jpg)
9
Developed Solution in Germany for 50,000 Physicians
![Page 10: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/10.jpg)
10
Transmission & Encryption
![Page 11: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/11.jpg)
11
2 ways of online transmission:
Current Solution – Encryption & Transmission Medical Data from doctor´s practice to data center
Hardware-Router with certicate of doctor´s practice
Software-VPN with certicate of doctor´s
practice
![Page 12: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/12.jpg)
12
Current Solution – Encryption & Transmission Transmission Encryption
Secure Communication between doctors practice and our data-center based on legal requirements using:
� IPSec-Tunnels
� Secure TLS-Connections
� Key-Exchange-Protocol: Diffie-Hellman
� Digital Certificates: X.509 (v3) Certificates with 2048 Bit key-length
� Software VPN is based on OpenVPN (open source)
![Page 13: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/13.jpg)
13
Current Solution – Encryption & Transmission File Encryption
� Medical data (reimbursement items, drugs, …) will be compressed and encrypted with a hybrid method before transmission
� Payload (Content of the file) will be symmetric encrypted with AES (Advanced Encryption Standard) with 256 Bit key-length
� Encryption Key will be asymmetric encrypted with the public certificate of the receiver with 2048 Bit key-length by SHA1-RSA
� Data will only decrypted in our data-center
![Page 14: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/14.jpg)
14
Core-Module
![Page 15: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/15.jpg)
15
Doctor´s IT-System
OpenVPN
Database
Core-Functions
Core
Contract1
Modules
Online-Updates
HTTPS VPNKonnektorXMLSOAP
Usable on clients,
servers and as ASP-Solution
Modular specific Contract-Data using open source database SQLite
Software Run Time Environment Interface
Contract2
Contract3
Data-Center
Current Solution – Core-ModuleOverview Technical Solution
Doctor`s Practice
![Page 16: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/16.jpg)
16
Core
Current Solution – Core-ModuleFunctions
� Validate medical data in doctor´s practice
� Provide steering algorithms i.e. substitutionsfor low priced drugs
� Provide specific data i.e. special catalogues of ICD10-diagnoses
� Provide Online-Services i.e. „check enrolled patients“
� Encrypt medical data before transmission
� Receive daily-updates
� No graphical user interface
� Easy to integrate in existing software solutions
� Defined data structure for medical data
Existing Software with GUI
Core
![Page 17: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/17.jpg)
17
Example for drug substitution
![Page 18: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/18.jpg)
18
Current Solution – Core-ModuleExample for Substitution Drugs I / III
![Page 19: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/19.jpg)
19
Current Solution – Core-ModuleExample for Substitution Drugs II / III
![Page 20: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/20.jpg)
20
Current Solution – Core-ModuleExample for Substitution Drugs III / III
![Page 21: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/21.jpg)
21
Authentification
![Page 22: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/22.jpg)
22
Current Solution – AuthentificationDoctor & Practice
Authentification is used for following purposes
� Identification
� Signing medical data
Current Solution: Rollout of software-based certificates
Planned: Rollout of hardware-based certificates (health professional card)
![Page 23: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/23.jpg)
23
Data-Center
![Page 24: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/24.jpg)
24
� Provide Online-Services i.e. „check enrolled patients“
� Receive data from the physicians
� Approval & Decryption & Clearing & Storage
� Billing & Accounting-Services
� Provide Online-Updates
� Interfaces to several Sick Funds for data exchange
� Exchange Data in XML
� Multiple & Mass Data Processing
� Provide Trust Center to manage certificates
Current Solution – Data-CenterOverview of Services
![Page 25: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/25.jpg)
25
Current Situation & Next Steps
![Page 26: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/26.jpg)
26
Current Situation & Next StepsUsing our system since June 2008
� 2,000 physicians using Hardware-Router, 8,000 physicians using Software-VPN for transmission encryption
� 10,000 integrated Cores in existing 35 software-solutions
� 6,000,000 insured persons are enrolled in the new system
� 500,000,000 medical data, diagnoses, drugs, remedies, referrals every 3 months to validate
![Page 27: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/27.jpg)
27
Current Situation & Next Steps
� Provide Core-Module in Java
� Provide Core-Module as ASP-Solution
� Provide billings for doctors online as PDF to download
� 30,000 physicians and 30,000,000 insured persons in the new system
���� And…. It will work!!!
![Page 28: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/28.jpg)
28
Questions & Answers
![Page 29: Technical network loeber](https://reader033.fdocuments.in/reader033/viewer/2022052911/559edec21a28abe6218b4668/html5/thumbnails/29.jpg)
29
Thanks for your attention