Disease & Treatment Registry Thru The Web,
The Way Forward
www.crc.gov.my
Dr. Lim Teck Onn Ms Lim Jie Ying
Clinical Research Centre, Hospital Kuala Lumpur
Ministry Of Health Malaysia
Content
• CRC and Disease Registers
• Traditional operation vs web-based operation
• Pros and Cons
• Minimizing security risk of Web based operation (Ms Lim Jie Ying)
We do 4 types of clinical research
1. Clinical Trials.
2. Clinical Registers / Epidemiological and Health outcomes research
3. Clinical Economics Research
4. Evidence based medicine
Disease Registers in CRC
1. National Renal Registry
2. National Cancer Registry
3. National Cataract Surgery Registry
4. National Neonatal Registry
5. National Mental Health Registry
6. National HIV/AIDS Treatment Registry
7. National Transplant Registry
8. In the pipeline: CKD (GN/SLE), CVD (Stroke, AMI, Angioplasty), Rheumatic (RA)
Purpose of Disease Registry
1. Quantify disease burden (morbidity and mortality) and its geographic and temporal trends.
2. Early warning of rapid increase in disease incidence, e.g. in infectious disease.
3. Identify sub-groups most at risk of disease.
4. Identify potential risk factors of disease.
5. Evaluate treatment programme / Clinical audit
6. Evaluate control and prevention programme.
7. Facilitate research, e.g. disease aetiology, Rx effectiveness, outcomes research, prognosis
Epidemiological vs Treatment Register
Uses of Registry data
1. Disease epidemiology
2. Treatment availability & accessibility
3. Outcomes research
4. Technology assessment
5. Clinical economics
6. Clinical audit
7. Support clinical trial / clinical research
Traditional Operation vs Web-based Operation
[Diagram (labels: Data, Reporting, Data Processing, SDP, SITE, CRC, USERS, Internet). Traditional operation: SITE reports data on paper to CRC with no data return; USERS receive reports only, no primary data. Web-based operation: SITE, CRC and USERS are linked over the Internet, with EDC, return of processed data, real time analysis & report, and online data access.]
Process comparison
Traditional operation | Web Application
Site reports data in the form of CRF to CRC | Site reports data electronically via electronic data capture
CRC does not return data to site unless requested by site | Processed data are returned electronically
CRC provides annual report to user | Real time analysis and availability of reports
No data accessible by user | Online access to data by user
Pros and Cons (1)
Traditional operation | Web Application
High cost of transmission of paper CRF to CRC by SDP | No cost of transmission of paper CRF to CRC by SDP
Incurs cost of printing CRF (continuous) | Incurs cost of developing the web application (one-off)
Data only available annually when report is out | Instantaneous availability of latest data for online review at all times
Data entry personnel at CRC key in data based on paper CRF received | Electronic (remote) data capture, data entry by SDP personnel
Lower short term cost of client server application development, high cost of infrastructure planning | High short term cost of web application development, infrastructure planning
Report only analysable annually (based on clean data) | Real time analysis of report (based on uncleaned data)
Pros and Cons (2)
Traditional operation | Web Application
Authorised researcher has to send in request to CRC to gain access to data, time consuming | Ease of access to data for purpose of research by authorised researcher
Less security risk – enclosed system within CRC network | High security risk – physical security, data security, user access security, etc
SDP has to send in request to CRC to review own centre’s data, time consuming | SDP may verify own centre’s data easily
Data entry personnel are trained to do data entry in similar manner | Disparate way of entering data among SDPs
High efficiency | Efficiency – unknown until it is operational
Pros and Cons (3)
Traditional operation | Web Application
Incurs cost of employment of data entry personnel at CRC | Does not incur cost of employment of data entry personnel at CRC
Authorised user (CRC’s registry manager, data entry personnel) may only run the application within CRC’s entity | Authorised user may run the application anywhere with Internet access at all times
Software has to be installed at the workstations for data entry | No installation of software is required
Risks (1)
Trad Web
Authentication
  – someone may pose as the owner of the web site and direct the user to an inappropriate web site
  – someone who knows the user name and password of a user may easily gain access to the system
Risks (2)
Trad Web
Access control
  – A non-authorised user may view, edit, add or delete data that he/she is not authorised to
  – When a user leaves the application idle and leaves the PC, someone else who happens to pass by may easily access the application if it is not locked
Risks (3)
Trad Web
Data without protection
  – Unauthorised people who gain access to the entire database may have access to all data
  – Packet ‘sniffing’ by non-authorised people
Unable to identify what alterations have been made, who made them, and when they were made
Risks (4)
Trad Web
Physical insecurity
  – Anyone who gains access to the data storage area has access to data
External source of damage
  – Hackers
  – Disgruntled users
Technological Mechanisms to Counter Security Risk
• Authentication
• Access control
• Encryption
• Audit trail
• Physical security
• Control of external communication links and access
• System backup and disaster recovery
Authentication (1)
• Authentication is a process of verifying the identity of an entity that is the source of a request or response for information in a computing environment
• Categories:
  – Web Application owner authentication
  – User authentication
Authentication (2)
• Web application owner authentication
  – VeriSign’s Server ID applies state of the art SSL (Secure Sockets Layer) technology to conduct an authenticated, strongly encrypted online transaction.
  – VeriSign ensures:
    • the web site belongs to NRR and not an impostor
    • Message privacy - information cannot be viewed if it is intercepted by unauthorized parties.
Authentication (3)
• User authentication is based on two criteria:
  – Something that the user knows
    • User ID and Password – user is required to change password every 3 months and the password cannot be reused within 3 cycles.
  – Something that the user has
    • Mobile phone authentication
Authentication (4)
• Mobile phone authentication
  – E.g. after the user logs in using UserID and password, the server sends an SMS containing an additional password to the user’s mobile phone. The user then types in the additional password before gaining access to the system.
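The two user-authentication factors from Authentication (3) and (4), as an added example that is not taken from the slides or from the CRC system. The 5-minute code lifetime, the 3-attempt limit, the 90-day reading of "3 months", the reading of "3 cycles" as the three most recent passwords, and all function and class names are assumptions.

```python
import hashlib, hmac, secrets, time

PASSWORD_MAX_AGE = 90 * 86400  # "change password every 3 months" (taken as 90 days)
HISTORY_DEPTH = 3              # "cannot be reused within 3 cycles"
OTP_TTL = 300                  # assumption: SMS code is valid for 5 minutes
OTP_ATTEMPTS = 3               # assumption: wrong guesses allowed per code

def kdf(secret: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)

def password_expired(changed_at: float, now: float) -> bool:
    return now - changed_at > PASSWORD_MAX_AGE

def is_reused(candidate: str, history: list) -> bool:
    """history holds (salt, hash) pairs, newest first; only hashes are stored."""
    return any(hmac.compare_digest(kdf(candidate, salt), digest)
               for salt, digest in history[:HISTORY_DEPTH])

class SmsSecondFactor:
    """Second step of login: a one-time code sent to the user's mobile phone."""

    def __init__(self, send_sms, clock=time.time):
        self.send_sms, self.clock = send_sms, clock
        self.pending = {}  # user_id -> [salt, code_hash, expires_at, attempts_left]

    def issue(self, user_id: str, phone: str) -> None:
        code = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, not random.randint
        salt = secrets.token_bytes(16)
        self.pending[user_id] = [salt, kdf(code, salt),
                                 self.clock() + OTP_TTL, OTP_ATTEMPTS]
        self.send_sms(phone, code)  # hypothetical SMS gateway callback

    def verify(self, user_id: str, code: str) -> bool:
        entry = self.pending.get(user_id)
        if entry is None:
            return False
        salt, digest, expires_at, attempts_left = entry
        if self.clock() > expires_at or attempts_left <= 0:
            del self.pending[user_id]  # expired or locked: a new code must be issued
            return False
        if hmac.compare_digest(kdf(code, salt), digest):
            del self.pending[user_id]  # single use
            return True
        entry[3] -= 1                  # count the failed guess
        return False
```

Without the expiry, single-use and attempt limit, a 6-digit code adds little over the password alone, since it can be guessed or replayed.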
Access control
• Only authorized users, for authorized purposes, can gain access to a system
• Authorised users are grouped into Access Control List
• User’s rights are assigned based on role
• User session management – when a user leaves the application idle for more than 15 minutes, the application logs off automatically
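A server-side sketch of the role-based rights and the 15-minute idle logoff listed above, added here as an example and not part of the original slides. The role names, their rights, and the rule that SDP users are limited to their own centre's records are assumptions for illustration.

```python
import time

IDLE_LIMIT = 15 * 60  # 15 minutes of inactivity, from the slide

# Assumed roles and rights, for illustration only.
ROLE_RIGHTS = {
    "sdp_data_entry": {"view", "add", "edit"},
    "registry_manager": {"view", "add", "edit", "delete"},
    "researcher": {"view"},
}
CENTRE_SCOPED = {"sdp_data_entry"}  # roles limited to their own centre's records

class Session:
    def __init__(self, user_id, role, centre, clock=time.time):
        self.user_id, self.role, self.centre = user_id, role, centre
        self.clock = clock
        self.last_seen = clock()
        self.active = True

    def authorize(self, action, record_centre):
        """True only if the session is still live and the role allows the action."""
        now = self.clock()
        if not self.active or now - self.last_seen > IDLE_LIMIT:
            self.active = False  # enforced on the server, not by a browser timer
            return False
        self.last_seen = now     # every request counts as activity
        if action not in ROLE_RIGHTS.get(self.role, set()):
            return False         # unknown roles get no rights (default deny)
        if self.role in CENTRE_SCOPED and record_centre != self.centre:
            return False         # right exists, but not for another centre's data
        return True
```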
Encryption
• Definition: convert ordinary language into code so as to be unintelligible to unauthorized parties.
• Field encryption for PHI (Personal Health Information) such as Name, IC within SQL database
• Data transmission and synchronisation encrypted
[Diagram: Data Centre and DTRU linked over the Internet by a VPN 128-bit connection; data in transit shown as ciphertext]
Audit trail
• Audit trail on
  – Information access – to allow identification of unauthorised access to system / network
  – Data manipulation when users create, modify or delete records
• Tracks the following
Who made the change | User ID and name
When was change made | date and time
What change was made | value change (previous to current value)
Why was change made | reason, e.g. data entry, data edit
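An added example (not from the slides) of an audit trail that records the four items above for every changed field. It goes one step beyond the slide by chaining each entry to the previous one with SHA-256, so an edited or deleted entry is detectable. The class, field names and sample values are assumptions.

```python
import hashlib, json
from datetime import datetime, timezone

GENESIS = "0" * 64  # prev_hash of the first entry

class AuditTrail:
    def __init__(self):
        self.entries = []

    @staticmethod
    def digest(entry):
        body = {k: v for k, v in entry.items() if k != "hash"}
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def record(self, user_id, user_name, table, record_id,
               before, after, reason, when=None):
        """Append one entry per changed field.

        before/after are dicts of column values; pass None for before on
        create and None for after on delete. PHI columns should be passed
        in their field-encrypted form so the trail holds no plaintext PHI.
        """
        before, after = before or {}, after or {}
        when = when or datetime.now(timezone.utc).isoformat()
        for field in sorted(set(before) | set(after)):
            old, new = before.get(field), after.get(field)
            if old == new:
                continue
            entry = {
                "who": {"id": user_id, "name": user_name},
                "when": when,
                "what": {"table": table, "record": record_id, "field": field,
                         "previous": old, "current": new},
                "why": reason,
                "prev_hash": self.entries[-1]["hash"] if self.entries else GENESIS,
            }
            entry["hash"] = self.digest(entry)
            self.entries.append(entry)

    def verify(self):
        """Return the index of the first broken entry, or -1 if the chain is intact."""
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            if entry["prev_hash"] != prev or self.digest(entry) != entry["hash"]:
                return i
            prev = entry["hash"]
        return -1
```

The chain only detects tampering by someone who cannot rewrite the whole log, so the latest hash should also be kept somewhere the database administrator cannot change.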
Physical and Environmental Security 1
• Physical security entails appropriate controls to prevent unauthorised people from gaining access so that they cannot tamper with or derive information from the equipment
• Access to the data centre is limited to authorised personnel only. Access will only be granted if the person is on the authorised list, identification information is presented and the password is correct. Staff within the data centre are authenticated using biometrics technology.
• Access to the DTRU office is secured by an access card system and each member of personnel is limited to specific accessible areas/rooms
• Workstation will be logged off if left idle for 5 minutes.
• Web application will be logged off if left idle for 15 minutes
Physical and Environmental Security 2
• Access card system, Fire and alarm system, data storage space
Control of external Communication Links and Access (1)
• Firewall - acts as a sentry (guard) that filters out ‘insecure’ traffic from the Internet to ensure the security of an internal network in DTRU.
• Intrusion Detection System (IDS) - built into firewall to detect and block suspicious activities.
• Segmented network - User workstations are physically and logically separated from the servers. Compromised workstations can therefore be isolated from the servers, minimising damage.
Control of external Communication Links and Access (2)
• Antivirus
  – TrendMicro Antivirus installed on all workstations and servers
  – Daily virus signature update
  – Real-time scan that cannot be disabled.
• Patch Management
  – Automatically download, deploy and install latest approved patches to all servers and workstations without any user interaction.
  – Ensure that latest patches are applied to operating systems.
System Backup and Disaster Recovery
• Backup
  – Daily, weekly and monthly backup of data to tapes.
  – Weekly and monthly backup tapes stored offsite to ensure business continuity if anything happens.
  – Automatic schedule of backup conducted at night using Veritas Backup software.
[Image: 7-day backup tape loader]
• Disaster Recovery
  – Data may be recovered from backup tapes. Security consultant works with CRC team to prepare Business Continuity Plan Procedure.
Organizational Practice
• Security and confidentiality policies
  – Prepared by CIS team of CRC with joint effort of Security Consultant
  – Each CRC staff member has to sign a Non Disclosure Agreement
• Information security officers (ISO)
  – To enforce policies
  – To ensure staff abide by the policies
  – Responsibilities include but are not limited to: Personnel security, IT security, Physical & environmental Security, Information Processing Practices, Business Continuity Management
• Education and training programs
  – Awareness training program on information security for all CRC personnel is held every month.
  – Ongoing emphasis
• Sanction
  – Sanction for breaches of confidentiality