Why, How, and When? - HPSC863,en.pdf · Why, How, and When? CIDR Project Team ... – IS 17799 –...
Transcript of Why, How, and When? - HPSC863,en.pdf · Why, How, and When? CIDR Project Team ... – IS 17799 –...
Why, How, and When?
CIDR Project Team
National Disease Surveillance Centre25-27 Middle Gardiner Street
Dublin 1
ProcessesTimeline• 2000• 2001• 2000 - 2003• 2001 - ongoing• 2002• 2003• 2003• 2004
• Needs Analysis• Project Setup• Procurements• Information Governance• System Design• System Development• System Piloting• System Implementation
NDSC• The National Disease Surveillance Centre (NDSC) is Ireland’s
leading specialist centre for surveillance of communicable diseases. The centre was set up in 1998 conjointly by Ireland’s eight Health Boards and with the approval of the Minister for Health and Children.
• The aim of NDSC is to improve the health of the Irish populationby the collation, interpretation and provision of the best possible information on infectious disease. This is achieved through surveillance and independent advice, epidemiological investigation, research and training.
• The NDSC works in partnership with health service providers and sister organisations in other countries to ensure that up to date information is available to contribute to the effective control of infectious diseases
NDSC
• Medical staff– Specialists in Public Health Medicine
– Public Health Trainees/Medical Officers
– Medical Microbiologist
• Scientific staff
• IS staff
• Administrative staff
CIDR Partners
P u b lic In te rn e t / P u b lic S e c to rV P N C ID R
D a ta b a s e
D e p a rtm e n t o fP u b lic H e a lth (8 )
C lin ic a lL a b o ra to ry (~ 5 3 )
C o m m u n ityC a re O ff ic e (3 2 )
N a tio n a l D is e a s eS u rve illa n c e
C e n tre
F o o d S a fe tyA u th o rity
F o o d S a fe tyP ro m o tio n B o a rd
D e p a rtm e n t o fH e a lth a n d C h ild re n
H e a lth B o a rd
Why CIDR?• Infectious Disease Regulations 1981, amended in 1985,
1988 and 1996• Review of the Current List of Infectious Disease and of the
Process of Notification• Strategy for control of Antimicrobial Resistance in Ireland
(SARI)• New and re-emergent infectious disease / organisms,
national foodborne outbreaks, bioterrorism threats, and increasing antimicrobial resistance
• Need for timely, coherent, and consistent data locally, regionally and nationally
Needs Analysis
• NDSC hired Astron Consulting in 2000– to assist in the identification of the
information needs of NDSC and partner organisations,
– to examine solutions in place in similar organisations overseas and
– to determine whether any of these could be adopted or adapted to Irish needs
Experience in other countries
• Specifically we looked at– CoSurv from CDSC – England– E-COSS from SCIEH – Scotland– LITS+ from CDC - USA.
• Subsequently we received information from– Canada - CIPHS– Sweden – SMI-Net– Netherlands – ISIS– US (Georgia) – SENDSS– US (CDC) - NEDSS
Evaluation Criteria• The software must
– Be available and suitable for use for infectious disease surveillance in Ireland
– Be a complete product, that can be taken over and supported locally
– Be testable against the defined requirements– Meet a high proportion of the defined
requirements– Be based on modern, open, robust technology
Astron Findings
• Islands of information
• Multiple reporting
• Extensive reconciliation required
• Loss of data quality and timeliness
Astron Recommendations• No overseas solution was identified which
would fill the requirements
• The development of a new system based on a shared common data repository with clearly defined data access rights capable of collecting and associating data from a variety of sources
Project Organisation
• Definition of roles and responsibilities including lines of accountability
• Two principal streams– Application / system design, development and
implementation
– Definition of business rules including data access rights and levels of service
CIDR Development Committee
• The CIDR Development Committee was established in 1999 as a multi-disciplinary working group to advise on the development of electronic surveillance in Ireland. The terms of reference for this committee are:– To assist and advise CIDR Project Team and other CIDR
partners on the development and introduction of a national system for electronic surveillance
– To act as an advocate and promote CIDR within his/her ownorganisation.
– Includes members from public health, laboratories, information services, national agencies, environmental health and general practice
CIDR Project Team• Established on a full-time basis in June
2001– Derval Igoe
• Specialist in Public Health Medicine, CIDR Project Manager
– John Brazil• NDSC IT Manager
– Emma Baldwin• Administrative Support
CIDR Project / Operations Team
• Subsequently joined by– Colm Grogan
• Senior Surveillance Scientist
– Gillian Cullen• Surveillance Scientist
– Liam O’Connor• IT Officer
– John Foy• IT Officer
CIDR Project Board• CIDR Project Board are the Business System
Owners and provide overall direction and management for the CIDR project. – It approves all major plans for the project within the budget
allocated to CIDR capital development by NDSC Board.– It authorises deviations from the agreed plans, within budget.– It seeks to ensure that the required resources are available
for and committed to the project.
• Members are nominees of partner Health Boards and Agency Chief Executive Officers
Procurement
• Supported by Central Purchasing Department, Eastern Health Shared Services
• Competitive Tendering• EU Procurement Procedures
– Open– Restricted
Procurement of Consultancy Support
To assist NDSC to– Issue a Request for Proposals (RFP) for system design– Select a suitable system designer– Issue a Request for Proposals (RFP) for system
development– Work with the developer to agree the system– Carry out a user acceptance test when system developed– Implement the system
– EU Procurement via ‘open’ procedure, contract value €200,000
Designing, Developing and Implementing a New System
Separate procurements for – Design of the System and– Development / Implementation /
Maintenance
Primarily because of uncertainties regarding the scale of system and the likely cost
Design Procurement• EU procurement utilising the ‘open’ procedure in
2001• Twenty four proposals
– 23/24 based on thin client (browser) / web services– 1/24 based on client – server
• Responses evaluated by evaluation committee including NDSC and partner members
• DMR (now Fujitsu Consulting) selected– Contract value €150,000– Contract duration 6 months
Development Procurement - 1
• EU procurement utilising the ‘restricted’ procedure in 2002
• Request for ‘Expressions of Interest’• Fourteen companies responded• Responses evaluated by evaluation
committee including NDSC and partner members
• An invitation to tender, including the technical design documentation, was extended to five companies
Development Procurement - 2
• Three proposals were received• Information sessions were held separately
with with each proposer• Proposals evaluated by evaluation committee
including NDSC and partner members• Fujitsu Consulting were selected as the
development / implementation partner• Contract value (including infrastructure and
reporting solution) €2 million, duration 9 months
Information Governance
• Appropriate data sharing
– Defined access rights
– Policies and procedures
– Audit
– IS 17799 – Information Security management
– Institutional multi-disciplinary information
governance committees
What’s Happening in Ireland?
• National CIDR Business Rules Committee– Regional and Agency Business Rules
Committees
• To define / agree – Access Rights
– Levels of Service
Overseas Information Governance Initiatives
• HIPAA
– US, Health Information Portability and
Accountability Act 1996.
• NHS Information Authority
– UK, adopting BS7799 (equivalent to IS 17799).
System Design
• Business Process Analysis
• System Dynamics
• Software Architecture
• Technology Architecture
• Persistent Information Architecture (Data Model)
• Reporting Framework
Clinical orreferencelaboratory
CIDR administration
CIDRtranslationmodule
Filename: P251S_Appendix 02 - Processes.vsd Current date:23 May, 2003Page 1Processes National Disease Surveillance Centre: Computerised Invectious Disease Reporting System (CIDR) - System Design Pagename: LIMS Integration
File of relevanttest results to
translation module
Translate codesfrom local to CIDR
standard
Reformat datato CIDR standard
Load datato CIDR
Presenttranslation records
for validation
Reportexceptions
to CIDR admin
Patient match notconsidered at this point
Method(test type)not found?
Searchfor clinician
Matchfound?
Yes
Yes
Most dynamic and liableto produce exceptions
Method onCIDR?
No
Yes
Authorise
Organismnot found?
Onganism onCIDR?
Create newCIDR code
Yes
NoResubmit
exceptions fortranslation
Organism will not be an outputfrom every Lab system
Update translationmapping rules(for all labs)
Yes
Cliniciannot found?
No
No
Note re Lab steps completedRegister data(Check for patient match)Barcode samplesStart testingReview results, add narrative/judgement as necessaryTECHNICAL AUTHORISATION (VALIDATION):Review test performed vs request form (forcompleteness and reasonableness).Positive? May prompt additional testingP => MEDICAL AUTHORISATION - Escalate to ClinicalMicrobiologist (or Pathologist or Lab Manager - dependson local practice) where necessary... additional testing may be requestedSend results back to Clinician
No
No
Proceed from CLF or RLD(as appropriate) on Core
Transaction Process
See Master File Maintenance
LIMS Integration will contain details of referencenumbers used by each lab in referencing Clinicianslinked to CIDR clinician ID.
If no match results user searches based on clinicianname and practice address. If GP found, GP recordupdated to include Lab's reference number for thatclinician.
Exceptions?
Yes
Extraction routinesto get to this point (a
file of relevant testresults) will be lab
dependent
Possibility to turn off this check.Where system doesn't find matchingGP, GP from Lab written to CIDR. Willbe used in creating new GP understep MO14 in core process
Business Process Analysis
Key Concepts in CIDR
• Multiple REPORTs relate to a given event in a given individual
• An EVENT is the same episode of disease in an individual i.e. within a given timeframe
• CIDR is a PERSON-based system
• An OUTBREAK relates to multiple instances of disease in individuals within a given location/timeframe
Dataflows in CIDRGP / Clinician
Clinical Laboratory
Reference Laboratory
Public Health
NDSCDoHCFSAI FSPB
EUWHO
CIDR
System Components
Data Layer
CID
R D
ata
Rep
osito
ry
Data
Translation
Pres
enta
tion
Laye
r
Clie
nts
LaboratoryInformation
System
Laboratories
Public Health
NDSCB
row
ser S
ervi
ce
Manual Data Entry
Bro
wse
r Ser
vice
Reports
CIDR DataEntry and
EventCreation by
Public Health
laboratory resultsappropriate referenceLaboratory includingData validation by
List
ener
Business Workflow
Data Access
Bus
ines
s Lo
gic
App
licat
ion
Laye
r
DataPersistance
CIDRReporting and
Analysis
System Dynamics
Prototype 5
Prototype 4
Prototype 3
Prototype 2Prototype 1
GP
Labs
Steps Data EntryNotification PatientMatch
EventCreation
OutbreakAdmin. Follow-up
Data Entry
Data Entry PatientMatch
EventCreation
OutbreakAdmin. Follow-upDPH
Use of Prototypes
• Valuable tool in clarifying requirements
• Tangible proof of development for communication to stakeholders
• Potentially more expensive in the short-term, less expensive in the long term if it contributes to meetings users needs / expectations
CIDR Technical Architecture
• n – tier Architecture– User Services – Directory Services– Business Façade– Business Rules– Data Access– Data Persistence
CIDR Core System
User Services Layer
Business Façade Layer
Data Access Layer
TechnologyInfrastructure
Pres
enta
tion
Sub-
syst
emB
usin
ess
Sub-
syst
emD
ata
Sub-
syst
em
Business Rules Layer
Data Persistence Layer
Directory Services Layer
WebServer
DirectoryServer
ApplicationServer
DatabaseServer
Software ArchitectureWeb
Forms Code Behind
InternetInformation
Server(Web
Server)
HTTP
HTTPS
ADSI
SMTP
UDA
ODBC
Windows2000
AdvancedServer
Windows2000
AdvancedServer
InternetInformation
Server(Application
Server)
SQL Server2000
(RDBMS) Windows2000
AdvancedServer
StoredProcedures
SystemFramework
Data Access
BusinessRule(s)
BusinessFaçade
ADO.NET
ActiveDirectory
OperatingSystemCommunicationBasic SoftwareTechnical
Interface FaçadeUtilityApplication
Windows2000
AdvancedServer
LDAP
X.500
Use
r Ser
vice
s La
yer
Bus
ines
sFa
çade
Dire
ctor
ySe
rvic
esB
usin
ess
Rul
es
JDBC
Dat
aA
cces
sD
ata
Pers
iste
nce
HTTP
HTTPS
SOAP
SOAP
.NETFramework
ASP.NET
SQL Server2000
(Warehouse)
Application Technology Infrastructure
.NETFramework
WebServices
Core System
• Microsoft Solution– .NET
– IIS
– SQL Server 2000
• Web Services, XML, SOAP, 128 bit SSL
• Standards-based (de facto)
Client Requirements
• Modern PC with Standard Browser Software
(IE 6 or better)
• Connection to Internet or Government Virtual
Private Network
• IS support
– Software / Hardware
– Security / Confidentiality
Security Requirements
• Core– Firewalls (external and internal), authentication
server, intrusion detection, active directory, separated web, application, and database servers)
• Transmission– 128-bit Secure Sockets
• Client / User– Unique Username / Password / Authentication
token
Standard Terminologies, Codes and Structured Data
• HL7– HeBE Messaging subgroup recommending HL7v2.4/XML
• Diseases / Organisms / Lab Tests– SNOMED / LOINC (terminologies recommended by US
Centers of Disease Control and Prevention for for electronic reporting of results to public health agencies)
• Patient Demographics– GPIT dataset
• Addresses– Geodirectory address model
Technology Infrastructure
• Production Environment• Development Environment• Test / Training Environment
• Connectivity
Government Virtual Private NetworkeGovernment
Network
AgencyNetwork
10Mb Ethernetconnection carrying"eGov-Hosting" VPN
WAN link toeircom BIP
Agency's FirewallEthernet connection toAgency's privatenetwork
Managed3640/3725router
10Mb Ethernetconnections for "eGov-Services", "eGov-InterAgency", "eGov-Dialin" and AgencyPrivate VPNs
Data Model
OrganismToEvents
0,n
0,1
CommunityCareAreaToPendNotifier
0,n
0,1
CIDRrecordToEnhancedDataValues0,n
0,1
PendNotifierToPendNotifierDetail0,n
0,1
HealthBoardToEvent
0,n
0,1
CIDRDataStructToCIDRDataCode0,n
0,1
OrganismToOrganismAttribute
0,n
0,1
EventToCIDRalert
0,n
0,1
OutBreakToCIDRalert 0,n0,1
PatientToPatientDetails0,n
0,1
SusceptTestToGroupSusceptTest
0,n
0,1
LabDiagTestToGroupSusceptTest0,n0,1
PendNotifierToPendNotifierGroup0,n
0,1
CIDRrecordToPendNotifierGroup
0,n
0,1
DiseaseToCIDRDataStructItem
0,n
0,1
CCAToPendPatient
0,n
0,1
HealhBoardToPendPatient
0,n
0,1
LabToCIDRuser0,n
0,1
LabDiagTestToRawLabDiagtest
0,n
0,1
LabDiagTestToMethod
0,n
0,1
MethodCodeToMethod
0,n
0,1
PendPatientToPendPatientDetail
0,n
0,1
PendingPatientToCIDRrecord
0,n
0,1
NotifierToNotifierDetails0,n 0,1
PatientToCIDRrecord
0,n
0,1
HospitalToCIDRrecord
0,n
0,1
LabToCIDRrecord0,n
0,1
CIDRrecordToLabDiagTest
0,n
0,1
OrganismToCIDRrecord
0,n
0,1
CIDRrecordToNotifierGroup
0,n
0,1
NotifierToNotifierEvent
0,n
0,1
EventToNotiferGroup0,n
0,1
DiseaseToCIDRrecord
0,n
0,1DiseasesToEvents
0,n
0,1
PatientToEvents0,n
0,1
CommunityCareAreaToPatient
0,n
0,1
HealthboardToPatient
0,n
0,1
HealthAuthorityToHealthBoard
0,n
0,1
HealthBoardToCommunityCareArea0,n0,1
HealthBoardToCIDRuser0,n 0,1
HospitalToEvents
0,n
0,1LabToEvents
0,n
0,1
CommunityCareAreaToNotifier
0,n
0,1
AnitbioticTo SusceptibilityTest
0,n
0,1
OrganismToLabDIagnosticTest
0,n
0,1
HospitalToLab
0,n
0,1
CIDRDataTypeToCIDRDataStructItem
0,n
0,1
EventsToLabDiagnosticTest
0,n
0,1
CIDRDataStructItemToEnhDataVal0,n
0,1
EventsToEnhancedDataValue
0,n
0,1
OutBreakToEvent 0,n
0,1
CIDRDataStructItemToOutBrkDataVal
0,n
0,1
OutBreakToOutBreakDataVal
0,n
0,1
Diseases : 1DiseaseID <pi>
NotifiersNotifierID <pi>
OrganismsOrganismID <pi>
AntibioticsAnitbioticID <pi>
HospitalsHospitalID <pi>
HealthAuthoritiesHealthAuthorityID <pi>
HealthBoards : 1HealthBoardID <pi>
CommunityCareAreasCommunityCareAreaID <pi>
CIDRusersCIDRUserID <pi>
OutBreaks : 1OutBreakID <pi>
SusceptibilityTestsSusceptibilityTestID <pi>
LabDiagnosticTestsLabDiagnosticTestID <pi>
TestMethodCodesTestMethodCodeID <pi>
CIDRDataTypesCIDRDataTypeID <pi>
CIDRDataStructureItemsCIDRDataStructureItemID <pi>
EnhancedDataValuesEventDataValueID <pi>
OutBreakDataValuesOutBreakDataValueID <pi>
PendingPatientsPendingPatientID <pi>
NotifierDetailsNotifierDetailID <pi>
TestMethodsLabTestMethodID <pi>
PendingPatientDetailsPendingPatientDetails <pi>
Labs : 1LabID <pi>
PendingNotifierDetailsPendingNotifierDetailID <pi>
PendingNotifiersPendingNotifierID <pi>
Diseases : 2DiseaseID <pi>
EventToCIDRrecord0,n
0,1
Labs : 2LabID <pi>
NotifierGroupsNotifierGroupID <pi>
PendingNotifierGroupsPendingNotifierGroupID <pi>
RawLabDiagnosticTestsRawLabDiagnosticTestID <pi>
CIDRalertsCIDRalertID <pi>
GroupSusceptibilityTestsGroupSusceptibilityTestsID <pi>
CIDRrecords : 1CIDRrecordID <pi>
PatientDetailsPatientDetailID <pi>
PatientsPatientID <pi>
OutBreaks : 2OutBreakID <pi>
OrganismAttributesOrganismAttributesID <pi>
HealthBoards : 2HealthBoardID <pi>
CIDRDataCodesCIDRDataCodesID <pi>
EventsEventID <pi>
CIDRrecords : 2CIDRrecordID <pi>
OrganisationToCIDRUser
0,n
0,1 Organisation: 1OrganisationID <pi>
Organisation: 2OrganisationID <pi>
0,n
Reporting Framework
OperationalDatabase
ReportingDatabase
(Cube)
OperationalView Informational
View
Data Capture and Use Query, Reporting, and Analysis
OperationalSystems
InformationalSystems
SQL Server 2000Relational Database
With Analysis Services
CIDRApplication Business Objects
2000
When?
• CIDR Design completed – July 2002
• Procurement of CIDR System Development and
Implementation Partner – February 2003
• Development and Implementation of CIDR System –
Q24 2003
• CIDR System Pilots – Q1 2004
• CIDR System available nationally – mid 2004
Ready and safe access to data
• Business Objects provides a method of creating useful, parameterised reports quickly, allowing access to information without putting the source data at risk, and potentially increases the efficiency of reporting processes.
Thick and Thin Clients• Thick clients
– Business Objects software installed on client machine
– Data retrieved from Server– Processed locally
• Thin clients– Standard browser interface– Data and processing on server
Who else uses Business Objects?
• Business Objects is extensively used in Breastcheck and in Tallaght Hospital.
• Business Objects is a similar product to Hummingbird, the business intelligence software used in CDSC in Colindale.
CIDR Pilots• Health Board
– NEHB• Department of Public Health• Community Care Offices• Clinical Microbiology Laboratories
• Reference Laboratories– MRSA Reference Lab– Pneumococcal Reference Lab– Salmonella Reference Lab– Virus Reference Lab
Implementation Issues
• Historic Data
• Analysis of Trends
• Roll-out
– By infectious disease programme?
– By geography?
• Health Services Restructuring
What will we get with CIDR?
• The infrastructure for a secure national public health information network– Capable of allowing the collection of data
other than that relating to infectious disease in a coherent and timely fashion
– Providing ‘best of breed’ data analysis tools such as Business Objects and, potentially, SPSS and ESRI ArcView