An architecture solution for security and interoperability of EHR systems

The EHR allows obtaining a considerable amount of health information, to improve the quality and efficiency of medical care and at the same time to reduce the costs of health care. The strong interest on sharing the healthcare information in information systems over the years has led to development of many different and heterogeneous EHR systems. The increase of patient mobility requires the creation of a single (global) EHR system. In order to protect the investments made, the creation of a federated infrastructure which enables interoperability between different EHR systems and that ensures the security not only locally but also over the federated infrastructure itself is necessary. However, their intrinsic, high heterogeneity makes the attempt of their interoperability and security a hard task. This paper shows a general architecture to make different EHR systems interoperable and secure, thus showing how the issues of interoperability and security are exceeded when we define an interoperable infrastructure. This was experimented in the Italian region EHR systems to enable interoperability.