A Service-Oriented Approach to Interoperable and Secure Personal Health Record Systems

Personal health records (PHRs) have received increased attention in the health care industry. PHR systems allow individuals to collect, store, use, and share all or part of their medical records, lab results, medications, and self-entered health information. Today PHRs are provided by a broad array of players, including health care providers, health plans, employers, and technology vendors. Many existing PHR systems are institution-specific and have not been concerned with data interoperability and data protection with other vender systems. The paper reported here seeks to address this challenge by presenting an interoperable and secure service-oriented architecture (SOA) approach. We first analyze interoperability issues for contemporary electronic medical record (EMR) systems and health information exchanges (HIEs). We then present a SOA-based approach for the integration of EHR systems and PHR systems and identify the primary focus areas for interoperable and secure PHR systems. We further discuss functional services of a SOA-based PHR system and present a practical case study that demonstrates how interoperability and data security can be incorporated in a large PHR system. The paper concludes by discussing practical implications and future research in SOA-based PHR systems.