CSC Develops National Patient Records System for Dutch Ministry of Health
| The Dutch Ministry of Health is upgrading information exchange among medical practitioners to improve the quality and reduce the cost of healthcare in the Netherlands. Teaming with CSC, the ministry created a highly secure system that lets doctors share medical records without compromising the privacy of patients. The system, Landelijk SchakelPunt (LSP), or the National Switch Point, pulls together records from multiple healthcare providers to create a more complete picture of past medical treatment. LSP can't store patient histories, and doctors' systems can't store records retrieved by LSP. This makes breaches in privacy more difficult to achieve. For the Ministry of Health, the added security is key to garnering the trust of the Netherlands medical community and its patients, who must voluntarily join the system for its benefits to be fully realized. |
With a patient's permission, a doctor can use LSP to access treatment records in other medical IT systems |
Better care with better information
The Ministry of Health established NICTIZ, the Dutch National IT Institute for Healthcare, in 2002 to pursue an information upgrade that would allow remote access to secure data in independent medical IT systems. NICTIZ issued a request for proposals requiring proof that the requirements could be met within the short timeframe mandated by the government.
CSC based its solution on service-oriented architecture (SOA), which allows global communication between enterprise applications without integrating them at the structural level. CSC partnered with InterSystems, the Massachussetts-based creator of Ensemble integration software, which enhances portal development on data, integration and application servers. CSC ran tests that demonstrated to NICTIZ that the Ensemble platform would provide advantages over conventional technologies in both development time and operating speed.
Service-oriented architecture made easy
CSC used its Catalyst methodology to design and build LSP as a hub that connects to healthcare providers' systems using a series of standard interfaces. Physicians use their own applications — and a Java card that authenticates their identities — to access patient data retrieved by LSP from other applications. Doctors can only see information that patients have previously granted them access to in an authorization profile. In this way, LSP enables a level of accessibility usually found in centralized systems, yet achieves greater security and cost-savings through decentralization.
CSC delivered the SOA network on schedule in 2006, and by April 2008 at least 100 medical systems had joined the LSP pilot program. During this period, NICTIZ launched efforts to enhance LSP. CSC provided the hardware and software for this effort, and assisted in building the test environment. The new LSP features included:
- the use of token authentication in addition to the existing SSL-security
- greater flexibility in using the Java card to authenticate the healthcare provider
- the exchange of pathology records
- the exchange of safety information for prescription medication
- a Web portal for patients, showing them the organizations and locations where their information is kept, as well as a log of what information has been accessed, when and by whom
- new network components that permit load-balancing between data centers
- additional disaster-recovery facilities
With these key improvements in place, CSC designed hardware and software upgrades and started rolling out a scaled-up LSP, able to tackle a rapidly expanding load.