Microsoft Word - HS2061 IS Project Management-Individual assignment 1- Case study analysis T XXXXXXXXXXdoc
FACULTY OF HIGHER EDUCATION
Individual assignment 1 - Case study analysis
HS2061 Information Systems Project Management
Trimester 2 2018
Date Due: Friday Week 5 by 5:00 PM Marks
Weighting 10%
Student Name (Block letters) XXXXXXXXXXStudent Number:
___________________________ XXXXXXXXXX_____________
HS2061 IS Project Management – Assignment 1 T XXXXXXXXXX
1. Develop a system scope document
Using the MedRec Case Study provided,
develop a system scope document. This document must include a
section for each of the following:
• the business problem,
• a statement of purpose,
• the benefits of a new system
• the system capabilities and what it must achieve as a
minimum
Ensure you use business language and write in the third person
(avoid the use of I or we). A business report format should be
followed.
Word limit: 500 – 1000 words
Marking Criteria
ASSESSMENT 1 CRITERIA
N/A Poor Fair Good Very Good Excellent
Scope
Document Statement of Purpose (1)
Business problem (2)
Business Benefits (2)
System capabilities (2)
Exclusions (1)
Document
Format
Document Presentation Good layout
Grammar & Spelling (2).
Deduction for late, copied, or plagiarised
work (up to total marks earned)
Total out of 10
A Case Study for Blockchain in Healthcare:
“MedRec” prototype for electronic health records and medical research data
White Pape
Ariel Ekblaw*, Asaph Azaria*, John D. Halamka, MD†, Andrew Lippman*
*MIT Media Lab, †Beth Israel Deaconess Medical Center
August 2016
Note: The abstract and first three sections of this white paper are drawn from a peer-reviewed, formally
accepted paper, presently being prepared for publication with IEEE through their Open & Big Data
Conference, August 22-24, 2016.
MedRec: Using Blockchain for Medical Data Access and Permission Management
IEEE Original Authors: Asaph Azaria, Ariel Ekblaw, Thiago Vieira, Andrew Lippman
This material is adapted and included here with permission of the IEEE, including permission for
publication by the ONC Blockchain Challenge if selected.
Abstract
A long-standing focus on compliance has traditionally constrained development of fundamental design
changes for Electronic Health Records (EHRs). We now face a critical need for such innovation, as
personalization and data science prompt patients to engage in the details of their healthcare and restore
agency over their medical data. In this paper, we propose MedRec: a novel, decentralized record
management system to handle EHRs, using blockchain technology. Our system gives patients a
comprehensive, immutable log and easy access to their medical information across providers and
treatment sites. Leveraging unique blockchain properties, MedRec manages authentication,
confidentiality, accountability and data sharing—crucial considerations when handling sensitive
information. A modular design integrates with providers' existing, local data storage solutions, facilitating
interoperability and making our system convenient and adaptable. We incentivize medical stakeholders
(researchers, public health authorities, etc.) to participate in the network as blockchain “miners”. This
provides them with access to aggregate, anonymized data as mining rewards, in return for sustaining and
securing the network via Proof of Work. MedRec thus enables the emergence of data economics,
supplying big data to empower researchers while engaging patients and providers in the choice to release
metadata. The purpose of this paper is to expose, in preparation for field tests, a working prototype through
which we analyze and discuss our approach and the potential for blockchain in health IT and research.
1. Introduction
EHRs were never designed to manage multi-institutional, life time medical records. Patients leave
data scattered across various organizations as life events take them away from one provider's data silo and
into another. In doing so they lose easy access to past data, as the provider, not the patient, generally
etains primary stewardship (either through explicit legal means in over 21 states, or through default
a
angements in the process of providing care) [1]. Through the HIPAA Privacy Rule, providers can take
up to 60 days to respond (not necessarily to comply) to a request for updating or removing a record that
was e
oneously added [2]. Beyond the time delay, record maintenance can prove quite challenging to
initiate as patients are rarely encouraged and seldom enabled to review their full record [1], [2]. Patients
thus interact with records in a fractured manner that reflects the nature of how these records are managed.
Interoperability challenges between different provider and hospital systems pose additional
a
iers to effective data sharing. This lack of coordinated data management and exchange means health
ecords are fragmented, rather than cohesive [3]. Patients and providers may face significant hurdles in
initiating data retrieval and sharing due to economic incentives that encourage “health information
locking.” A recent ONC report details several examples on this topic, namely health IT developers
interfering with the flow of data by charging exo
itant prices for data exchange interfaces [4].
When designing new systems to overcome these ba
iers, we must prioritize patient agency.
Patients benefit from a holistic, transparent picture of their medical history [3]. This proves crucial in
establishing trust and continued participation in the medical system, as patients that doubt the
confidentiality of their records may abstain from full, honest disclosures or even avoid treatment. In the
age of online banking and social media, patients are increasingly willing, able and desirous of managing
their data on the web and on the go [3]. However, proposed systems must also recognize that not all
provider records can or should be made available to patients (i.e. provider psychotherapy notes, or
physician intellectual property), and should remain flexible regarding such record-onboarding exceptions
[5], [6].
Medical records also prove critical for research. The ONC's report emphasizes that biomedical and
public health researchers “require the ability to analyze information from many sources in order to identify
public health risks, develop new treatments and cures, and enable precision medicine” [4]. Though some
data trickles through to researchers from clinical studies, surveys and teaching hospitals, we note a
growing interest among patients, care providers and regulatory bodies to responsibly share more data,
and thus enable better care for others [7], [4].
In this work, we explore a blockchain structure applied to EHRs. We build on this distributed
ledger protocol originally associated with Bitcoin [8]. The blockchain uses public key cryptography to
create an append-only, immutable, timestamped chain of content. Copies of the blockchain are distributed
on each participating node in the network. The Proof of Work algorithm used to secure the content from
tampering depends on a “trustless” model, where individual nodes must compete to solve
computationally-intensive “puzzles” (hashing exercises) before the next block of content can be appended
to the chain. These worker nodes are known as “miners,” and the work required of miners to append blocks
ensures that it is difficult to rewrite history on the blockchain.
Our MedRec blockchain implementation addresses the four major issues highlighted above:
fragmented, slow access to medical data; system interoperability; patient agency; improved data quality
and quantity for medical research. We build on the work of Zyskind et al. [9] to assemble references to
data and encode these as hashed pointers onto a blockchain ledger. We then organize these references to
explicitly create an accessible
ead crumb trail for medical history, without storing raw medical data on
the blockchain. Our system supplements these pointers with on-chain permissioning and data integrity
logic, empowering individuals with record authenticity, auditability and data sharing. We build robust,
modular APIs to integrate with existing provider databases for interoperability. A novel data-mining
scheme is proposed to sustain the MedRec network and
ing open, big data to medical researchers. We
present MedRec not as the panacea for medical record management, but as a foray into this space to
demonstrate innovative EHR solutions with blockchain technology.
2. System Implementation
2.1 Overview
For MedRec, the block content represents data ownership and viewership permissions shared by
members of a private, peer-to-peer network. Blockchain technology supports the use of “smart contracts,”
which allow us to automate and track certain state transitions (such as a change in viewership rights, or
the birth of a new record in the system). Via smart contracts on an Ethereum blockchain [10], we log
patient-provider relationships that associate a medical record with viewing permissions and data retrieval
instructions (essentially data pointers) for execution on external databases. We include on the blockchain
a cryptographic hash of the record to ensure against tampering, thus guaranteeing data integrity. Providers
can add a new record associated with a