King Saud bin Abdulaziz University for Health Sciences
College of Public Health and Health Informatics
Department of Health Informatics
HINF 512: Application of Healthcare Information Systems
1. What are the technologies to support end of life care.
Hospice and Palliative Care.
Hospice is a type of palliative care. Hospice is used for patients who are either not being helped by active treatment or for whom the no benefits from their treatment. hospice care coverage is only for patients who are terminally ill expected to live less 6 months. Patients in hospice must stop all treatments meant to cure their illness.
While Palliative care is a form of medical care that helps patients feel relief from the pain, symptoms, and emotional distress caused by a serious illness or its treatment.
Palliative care can be used during treatments meant to cure.
• Telehealth applications
• Web-based patient education that allows patients to access information related to their condition.
• Mobile devices.
• GPS locate the patients when they are away from home in case of emergency
• Monitoring tools like measure glucose, blood pressure, heart rate, and other vital measurements
2. MOH launches the national single sign-on service via its portal.
In continuation of its efforts to improve its electronic services, the Ministry of Health (MOH) has recently launched a new e-service that is to be added to its other services, set for the citizens and residents’ convenience, enabling them access to all e-services via the MOH’s portal.
This service allows users access to the MOH’s e-services via the National Single Sign-on (SSO) Service, by means of using the same username and password used for the website of (Absher), along with the possibility of traditional sign on.
What is the SSO? Advantages? and types?
Single-Sign-On is a process of user-authentication which is permit the user signs in to one name to multiple applications or websites.
1- Saving time
2- Reduces It support costs
3- Easy access
4- Reduce the chance of forgetting password
5- Effective compliance
1- Data confusion
2- Lacking of back up (one time password token)
3- If the SSO goes away, the user would lose access to all sites.
4- when the SSO account is hacked, all under that authentication are hacked also
· Password Synchronization
· Legacy SSO (Employee/Enterprise SSO)
1- Script based
2- Application wizard based
· Web Access Management (WAM)
· Cross Domain (realm) SSO
· Federated SSO
3. Please read the proposed policy for HIE in Saudi Arabia. What do you think of that policy? Issues around having HIE in Saudi? Business model?
These policies described the security and privacy requirement for implementing the Saudi health exchange and defined permissible uses to who have access. They have covered the following topics:
· Saudi Health Information Exchange Authentication Policy
· Saudi Health Information Exchange Consent and Access Control Policy
· Saudi Health Information Exchange Information Security Policy
· Saudi Health Information Exchange Identity Management Policy
· Saudi Health Information Exchange Audit Policy
· Saudi Health Information Exchange Purpose of Use Policy
· Saudi Health Information Exchange Breach Notification Policy
· Saudi Health Information Exchange Subject of Care Rights Policy
· Saudi Health Information Exchange Secondary Use Policy
Issues and challenges
· Authorization difficulty
· Disorganized procurement strategy
· Planning phase had not been explained to health care organization
· Technical challenges and difficult to find qualified specialist
· Privacy and confidentiality challenges by use biometric technology in hospital registration to help to protect the identify of female patient and use thumbprint verification instead of ID photo.
1- Centralized Model (regional) is responsible for the following core services:
• Administrative and clinical data exchange
• electronic Prescribing
• History of medication
• lab results
• Computerized Physician Order Entry (CPOE)
2- Decentralized model no core services, but is responsible for policy creation, it act as facilitator
Consistent database (multiple independent enterprises allow to share and connect information managed centrally but with independent repositories)
Inconsistent database (multiple independent enterprises allow to share and connect information in point to point manner)
3- Switch is multiple independent enterprises that enable exchange information unilateral agreement to exchange data. (eprescribing)
4- Patient managed services enable the patients’ direct exchange their own data. (e.g. PHR)
5- Hybrid Model combines characteristics of any models, It provide below services:
• Master patient index (MPI)
• Provider registry
• Identity services for patient and provider
• Record services
• Management of consent
• Auditing services
formulation a national staff for electronic health information management which sharing the plans, legislating, improving electronic health infrastructure and interoperability, applying electronic health policy to all organizations, creating data governance; measuring organizational readiness and raising professional awareness.