Setting Standards for Improved Syndromic Surveillance


HOMELAND SECURITY

The Importance of Using Standard, Distributed Components for Medical Surveillance for Discovering and Managing a Public Health Threat

BY DAVID W. FORSLUND, EDWARD L. JOYCE, TOM BURR, RICHARD PICARD, DOUG WOKOUN, EDITH UMLAND, JUDITH C. BRILLMAN, PHILIP FROMAN, AND FRED KOSTER

IEEE ENGINEERING IN MEDICINE AND BIOLOGY MAGAZINE

Rapid detection of outbreaks caused by either natural disease or deliberate exposure to bioagents requires immediate response to minimize health and other social costs. Public health departments routinely conduct surveillance of naturally occurring disease within the community, with the aim of early detection and treatment. This routine surveillance is mainly based on diagnoses established by laboratory testing. These efforts can be expensive and have inherent time delays associated with sample testing. The emergence of electronic healthcare data systems has resulted in the ability to monitor health data in near real time, presenting a new opportunity to monitor the health status of the community. The potential obstacles to and limitations of syndromic surveillance have been described in detail recently by Buehler et al. [1]. Some of these obstacles involve data that was intended for billing purposes being interpreted, possibly erroneously, as a medical diagnosis, as well as barriers to providing electronic data outside of the particular healthcare enterprise. As a result, the available data may not be particularly accurate or consistent from enterprise to enterprise, even with the use of Health Level 7 (HL7) data descriptors. Some of the most useful data may actually be in paper form, which is extremely costly to turn into a form useful for electronic surveillance. Even when the data for syndromic surveillance is based on patient complaints or similar proxies of diagnoses confirmed by laboratory testing, there is inherent imprecision or lack of specificity in the system, in many cases due to the free-text nature of the data. In addition, there is substantial normal variation in the number of cases of common conditions that present to healthcare facilities from day to day; this variance may require large increases in the number of cases to meet detection thresholds, resulting in low sensitivity.
Most syndromic surveillance systems set their thresholds to be as sensitive as possible to minimize the risk of missing important events, producing frequent “alarms” that, on investigation, are found to be false alarms. When health data is collected in near real time, events (such as patient visits to a healthcare facility) will be sampled as they are occurring. Over time, the availability of additional
data for the event may increase the specificity of the event; for example, the patient’s complaints are refined into a provisional diagnosis. Thus syndromic surveillance systems need mechanisms to automatically update and correct the data over time without causing errors in the number or rate of events. While there are many possible causes for a particular type or category of illness (such as acute respiratory infections), there are many fewer symptoms and discrete clinical observations. Specific infections produce particular combinations of clinical findings in a more or less predictable pattern. Even uncommon or unexpected conditions may be detectable from the pattern of clinical data elements without requiring that a formal diagnosis be reached. Syndromic surveillance systems may be able to use such analyses of clinical data elements in order to greatly increase the specificity of the detected event. Because the system is able to detect a small number of cases of interest in the larger number of superficially similar cases, the sensitivity of the system is increased as well. Clearly, there is a need for data at multiple levels and many locations. Investigations of possible cases and outbreaks must occur locally, and local data must be available as generated to healthcare providers and emergency responders. At the same time, regional, national and international authorities need aggregated data to understand the scope of an outbreak and to assist in the response. Thus, in comparison to a system in which data is sent to a central facility for aggregation and redistributed to local areas, we argue that a distributed system is much more appropriate and resilient to a bioterrorism event. The distributed data system can provide information to local responders for their immediate action and reduce demand on a central system and data unavailability over wide area networks while providing raw data immediately to centralized reviewers. 
We describe in this article an approach to resolving all of these issues that has had some initial testing in the Biodefense Initiative (BDI) that occurred in Albuquerque, New Mexico, late in 2002 and continuing through May 2003. This flexible architecture used a variety of deployment options for medical surveillance systems, including the ability to integrate environmental data into the surveillance process.

JANUARY/FEBRUARY 2004

Approach

The requirement for availability of syndromic surveillance data locally, regionally, and nationally argues for a common infrastructure that would enable use at all levels of decision making. This argues very strongly for a common data model for syndromic and medical surveillance. The community needs to come together on this as quickly as possible to make the variety of systems that are currently in place as useful as possible. The cost for this transition is not trivial. It is also not clear that any of the various controlled vocabulary systems are sufficient for this application domain. However, we believe that simply having a rigorous, shared vocabulary is not sufficient for electronic medical surveillance. Because of varying local requirements and to assist in local response, local surveillance systems are required. The resulting heterogeneous set of surveillance systems needs to be able to be queried for information about what they are seeing both locally and regionally and beyond. This requires a significant level of interoperability and data integration including a common functional behavior. It doesn’t mean the systems need to be identical, but they need to have what might be termed a lowest common denominator of behavior. The use of standard components with standard interfaces can go a long way to enabling systems integration but will require adoption of interoperability standards by the community at large. This, in fact, could be the focus of the recent effort to create a common National Health Information Infrastructure (NHII) [3]. Data integration mechanisms are also important to the entire NIH biodefense strategy as well as to the Centers for Disease Control’s (CDC’s) Public Health Information Network (PHIN) and are the core of the CDC’s BioSense effort.
It is our belief based on our experience that data integration to the point of knowledge management requires more than message exchanges but additionally requires an agreement on the functional semantics involved, so that an overall system may be viewed as a single entity, if required, or as individual entities. Typically, a form of federated systems enables this type of data integration. More than a common data model is required to provide the requisite interoperability. For example, an issue that has come up in the NEDSS effort is how to interface NEDSS with clinical repositories at local health organizations to the mutual benefit of both. Interoperable standard components can go a long way to enabling this. Fortunately, such components that enable this type of interoperability exist and need to be made more widely available.
We also suggest a solution for the problem with obtaining real-time reporting of events that may be augmented over time, as more information becomes available. The fact that the results of an event may be time dependent argues strongly for the federated approach, too, because only the local organization will have the ability to correct the information over time before it becomes completely anonymized at a higher level. The HIPAA regulations for patient confidentiality and privacy may also be involved in this process. Basically, what must be used is a mechanism to link an earlier event with a later event in such a way as to ensure that the events are actually distinct. This does not mean, however, that a patient’s confidentiality has to be violated in the process. Most systems involved have some form of unique identifier for an event that is unrelated to the patient, and which has no meaning outside of the hospital context. The closer to real-time that one seeks to achieve with the surveillance system, the more important this becomes. We discuss below how this was implemented in the context of the BDI initiative in Albuquerque, New Mexico.
Current systems developed for syndromic surveillance in bioterrorism and public health arenas utilize chief complaints or provisional discharge diagnoses, but sensitivity to smaller clusters is unknown. It is important to be able to take the raw clinical data (vital signs, symptoms, examination, etc., which may be entered by a variety of means and may, in fact, be part of a local medical record), construct a “provisional diagnosis” from those clinical elements employing an “intelligent” database and non-Bayesian statistics, and provide an array of “clinical signatures” in time and space through a regional data repository. Obviously, data at first medical contact cannot make a real diagnosis, especially for SARS, but the data provides a “clinical signature” that is meaningful not for the individual patient but for the cluster of patients in space and time. This data-rich format is likely to be more sensitive than the current approaches to syndromic surveillance, but it must be tested in a variety of situations. Distinctive syndromes such as botulism and toxic shock syndrome are readily detected in small clusters, but detection of nonspecific syndromes such as SARS is a greater challenge to compare its “clinical signatures” against the daily background clinical signatures. In fact, such a system could be tested with simulations of outbreaks from a variety of sources, but nothing supplants the data from a real outbreak for validating this type of approach. This basically is an extension of the fuzzy classification that is currently used in some syndromic surveillance systems [4] to include the detailed clinical data in the process.
A corollary to each of these approaches is to make medical surveillance software open source to enable integration of the best approaches and to make the software as widely available as possible. This is the approach most recently adopted by the RODS project [4] and, in our opinion, is very important for the widespread usage of medical surveillance systems.

Fig. 1. UH ED respiratory complaints by day 2002–2003. [Figure not reproduced: daily Cases plotted against Baseline and Upper Control, January 2002 through July 2003.]

Architecture

Having a common methodology for linking systems together is an interesting technical challenge today, primarily because of the rapid technological changes that are occurring within the Internet community. Most of the XML integration efforts that have recently become popular make it easy for a system to advertise its capabilities but don’t necessarily provide a standard interoperable environment in which multiple systems can function together as one. However, an object-oriented framework has existed for a number of years that provides a complete communication mechanism for linking heterogeneous systems together. It is the Common Object Request Broker Architecture (CORBA) of the Object Management Group (OMG). It has been used quite successfully in many large-scale commercially deployed applications for a number of years; it is language and platform independent and is a completely open standard. In addition, the Healthcare Domain Taskforce (HDTF, a.k.a. CORBAmed) of the OMG [5] has developed computational interface standards so that systems with radically different capabilities can be made to interoperate. These standards have involved developing coarse-grained service-oriented components (such as Terminology Query Service) that define the fundamental computational models used in healthcare. The data formats used in the computational model in the HDTF specifications involve the use of HL7 and Comité Européen de Normalisation (CEN) data models established separately. The specifications that are relevant here are the Person Identification Service (PIDS) and the Clinical Observation Access Service (COAS), which provide the foundational elements for a medical surveillance and healthcare data repository.
These standard services can be linked together with “white pages” and “yellow pages” using the CORBA Naming Service and Trading Service, respectively, so that remote services can be automatically discovered (analogous to, but more complete than, the recent XML UDDI repositories). All of the above services are commercially available from multiple vendors as well as in open source. These standards have complete UML representations and thus are actually essentially independent of the CORBA implementations that are available. The use of the Model Driven Architecture (MDA) approach, in fact, now enables these components to be utilized in multiple technologies, but some additional standardization is still required. All of the services can readily be made available today as Web services with no additional programming through automatic translation facilities [6]. These various services can be assembled in varying ways by different organizations while preserving the interoperability required to support a distributed, virtual medical record as well as a federated
medical surveillance system. This approach of providing robust interface specifications emphasizes the importance of the design process and the utilization of powerful middleware to integrate diverse systems together. We should emphasize in the above discussion that a virtual medical record is not simply collecting documents associated with the patient’s medical care. It involves the ability to locate information, organize it from potentially radically different formats, describe relationships between heterogeneous data, and define the processes for acquiring just the relevant information. This is quite analogous to the semantic Web work now being undertaken by the World Wide Web Consortium. One must be able to make sense out of the information (sometimes dynamically), not simply provide piles of data on demand. This has been the underlying concept in the development of powerful computational models of the healthcare process. This currently is being emphasized in what is commonly known today as a service-oriented architecture [7]. The one major technical challenge for the widespread interoperable use of these HDTF standards is security: the user must be properly authenticated and authorized for data access and management, while data integrity and patient confidentiality are preserved. In the United States, the HIPAA regulations are weighing heavily in this area in defining how information can be exchanged between healthcare providers. Here, too, however, there are some important technical developments that are promising to radically ease the problem. The OMG has been developing ever more interoperable standards in this area, and the Common Security Interoperability Version 2 specification was designed to enable a standard security protocol so that independently functioning systems can provide an interoperable authentication mechanism. Initial implementations of this specification have been available from Adiron Secure System Design, Inc.
and are available in Sun’s Java Development Kit version 1.4. In addition, the HDTF of the OMG has developed the Resource Access Decision Service (RAD) that provides finer grained authorization of access to information as required by the healthcare domain and the U.S. HIPAA regulations, in particular. One can use RAD to provide a distributed access control mechanism enforcing a relationship between a patient and a provider as well as whether the particular information requested is allowable for that person to see. Implementations of this specification are also now commercially available. These capabilities can also be made fully accessible in an XML format, if needed. Thus, most of the technical barriers to providing a distributed medical surveillance system as well as a virtual medical record have been or are being handled by international standards bodies with commercial implementations becoming increasingly available. We need to see the deployment of interoperable systems with a validation of these technical solutions. It should be noted that in the case of the OMG, the specifications are freely available to anyone (without being a member) and can be implemented by anyone with no licensing constraints from the standard itself.

The adoption of functional surveillance standards would facilitate both local management for quick and appropriate response and regional and national knowledge integration for proper threat assessment and response support.

Implementation

As part of the Biodefense Initiative Testbed in Albuquerque, New Mexico, we put these concepts to the test. We used the open-source OpenEMed framework [8] that has been developed for healthcare applications based on the OMG specifications mentioned above [5]. Thus, the only real development needed was translation mechanisms at each of the data sources. The data sources included XML data of relevant calls to the regional poison control center, SQL data from the Office of Medical Investigator for deaths related to infectious diseases, CSV (comma delimited file) data from a custom emergency department logging database, HL7 data feeds for laboratory orders relevant to infectious diseases, EMS symptomatic and syndromic data collected within the ambulance on the way to the emergency department (ED), ADT logs of EDs, and detailed symptomatic data recorded in paper records in some EDs. Integrating this data was a challenge, but it was achieved by creating a broad set of categories, which allowed us to compare the highly disparate data sets. The categories were: Respiratory, GI, Skin, Neurological, Lymphatic, and UDF (for undifferentiated fever). Events were placed in those categories based on a study by the physicians involved. For some of the data streams a number of years of data were available, and statistical methods were used to determine how far an event stream was from the norm, including seasonal variations where appropriate. More details on how all of this was accomplished and the detailed findings and analysis are described elsewhere [9], [10]. An example of the respiratory data from one institution is shown in Fig. 1. The baseline and upper control (two standard deviations) were obtained from eight years of retrospective respiratory data from the participating institution.
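
An added example, not the B-SAFER analysis code, of deriving a baseline and a two-standard-deviation upper control from retrospective daily counts and flagging the days that exceed it. Grouping by calendar month to capture seasonality, the `min_run` option and every count are assumptions constructed for illustration; the methods actually used are described in [9], [10].

```python
import math
import statistics
from collections import defaultdict
from datetime import date, timedelta


def constructed_count(day):
    """Constructed daily respiratory count: winter-peaked season plus fixed jitter."""
    doy = day.timetuple().tm_yday
    seasonal = 30 + 15 * math.cos(2 * math.pi * (doy - 15) / 365)
    jitter = (day.toordinal() * 7) % 11 - 5      # cycles through -5..5
    return round(seasonal) + jitter


def daily_series(start, end, extra=None):
    """(date, count) pairs for start..end inclusive; `extra` adds cases on given dates."""
    extra = extra or {}
    days = (end - start).days + 1
    return [(d, constructed_count(d) + extra.get(d, 0))
            for d in (start + timedelta(n) for n in range(days))]


def fit_control_limits(history, k=2.0):
    """Per calendar month: baseline = mean, upper control = mean + k standard deviations."""
    by_month = defaultdict(list)
    for day, count in history:
        by_month[day.month].append(count)
    limits = {}
    for month, counts in by_month.items():
        baseline = statistics.fmean(counts)
        spread = statistics.stdev(counts) if len(counts) > 1 else 0.0
        limits[month] = (baseline, baseline + k * spread)
    return limits


def flag_exceedances(observed, limits, min_run=1):
    """Dates whose count exceeds the upper control for their month.

    With min_run > 1 only runs of at least that many consecutive days are
    reported, trading some sensitivity for fewer one-day false alarms.
    """
    flagged, run = [], []

    def close_run():
        if len(run) >= min_run:
            flagged.extend(run)
        run.clear()

    for day, count in sorted(observed):
        if day.month not in limits:
            raise KeyError(f"no retrospective data for month {day.month}")
        if run and day - run[-1] != timedelta(days=1):
            close_run()                          # a gap in the feed breaks a run
        if count > limits[day.month][1]:
            run.append(day)
        else:
            close_run()
    close_run()
    return flagged


# Constructed data: eight retrospective years, then two weeks with a one-day
# spike (3 Oct) and a three-day cluster (8-10 Oct) added on top.
HISTORY = daily_series(date(1994, 1, 1), date(2001, 12, 31))
INJECTED = {date(2002, 10, 3): 25, date(2002, 10, 8): 25,
            date(2002, 10, 9): 25, date(2002, 10, 10): 25}
OBSERVED = daily_series(date(2002, 10, 1), date(2002, 10, 14), INJECTED)

if __name__ == "__main__":
    limits = fit_control_limits(HISTORY)
    baseline, upper = limits[10]
    print(f"October baseline {baseline:.1f}, upper control {upper:.1f}")
    print("every exceedance:", flag_exceedances(OBSERVED, limits))
    print("runs of 2+ days :", flag_exceedances(OBSERVED, limits, min_run=2))
```
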
The B-SAFER (bio-surveillance analysis, feedback, evaluation and response) system was deployed over the Internet with SSL encryption and typically with only a few ports open to a regional repository in the city of Albuquerque. It was deployed on Windows NT, 2000, XP, and Red Hat Linux systems, with clients at each of the source locations and a Dell 4600 running Red Hat Linux 7.2 as the receiving server. The
repository itself was maintained behind a firewall so that only those authorized could access the server (indirectly through a protected Web page). MySQL was used as the database and contained approximately 100,000 events received from all the data sources over the course of the project. Systems were provided for the clients where necessary, or the clients were run on a local system where this was appropriate. Internal Web servers were made available at several locations for entering and potentially viewing some of the data. At the ED sites, a person identification server was run to create an encrypted identifier that was provided with the clinical data. This identifier could only be decrypted at the providing site by a designated health professional if required by the Department of Health. The clinical data was sent on a regular basis to the COAS server at the central site over a secured CORBA connection. CORBA was used because of the existence of the standards indicated above, because it was already part of the overall system, and because it was highly reliable and mature. The communications could almost as easily have been done with XML and Web services, but the security infrastructure was much less mature and the interface standards haven’t been established in that domain yet. In addition, the security could be added with no change in the application or its specifications. The PIDS servers and COAS server were not allowed to communicate with one another as required by HIPAA regulations, all under local IRB control. For much of the deployment we used the Xtradyne Domain Boundary Controller [11] software for managing the transition through the firewall, although that is not needed for the current implementation. A similar product is available from the company for managing XML/SOAP messages, but this wasn’t available at the time of the deployment.
All of the servers (and clients) were written in Java and are available as part of the open source OpenEMed project [8] on sourceforge.net. The database schema used in the system closely mirrors the information model in the COAS specification, which allows almost any type of data to be acquired and managed by the server without modifying the database schema. The schema supports almost arbitrary tagged data similar to that supported by current XML database technology, an example of which has been developed by the Apache Foundation [12]. This flexibility was of great advantage in the deployment of the project, particularly since much of the data has no standard to follow yet. The OpenEMed software license is a FreeBSD style license, which enables any use of the software by anyone. The authors welcome contributions by anyone who would like to help develop a robust distributed information system applicable in healthcare and in the public health arena. Although it can integrate with commercial products, this software can be deployed at no software licensing cost on available hardware without regard to processor or operating system.
We believe this system is an excellent example of how to do data integration on complex, real-world data streams of value to public health and to healthcare, in general. The system, in fact, has the ability to provide audit trails separately to each of the participating institutions. In particular, the ability to update an event with new (and presumably more accurate) information was of great value. Upwards of 20% of the events were repeated with new information. For example, we could see a patient in the ED who hadn’t been discharged yet, but when they were discharged an update to the record would arrive with their discharge disposition recorded. This would allow for an update of the record to more accurately determine what was happening. We could also provide an audit back to the participating institution, if desired, showing them how the patient was proceeding through the ED. This was not otherwise available to the local ED because they had no explicit internal audit mechanism. The system enabled participants to log in to a secured Web site to see aggregate data from the participants as well as their own data. Various time series and statistical analysis techniques were provided for detecting anomalous events, and subsets of the data were made available for separate bulk download for further analysis. We did not explicitly evaluate the federation capabilities of the architecture in this test, but the design, including qualified codes from the institutions, did enable the tracking of data from the multiple sources. HIPAA regulations prevented us from linking records in one institution with another, but the system has the capability of providing a longitudinal record across the multiple institutions if appropriate HIPAA consent was granted.
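
An added example, not code from OpenEMed or the B-SAFER deployment, of the two mechanisms described here and in the Approach section: an identifier that only the providing site can resolve, and event updates keyed on a site-local event identifier so that a revised record replaces the earlier one instead of inflating counts. It swaps in a keyed HMAC pseudonym with a site-held lookup table for the encrypted identifier the article describes, and all class, field and role names are assumptions.

```python
import hashlib
import hmac
import secrets
from collections import Counter

CATEGORIES = {"Respiratory", "GI", "Skin", "Neurological", "Lymphatic", "UDF"}
REQUIRED = {"site", "event_id", "pseudonym", "revision", "category"}
ALLOWED = REQUIRED | {"disposition"}


class SitePseudonymizer:
    """Runs at the providing site; the key and reverse table never leave it."""

    def __init__(self, site_id, key=None):
        self.site_id = site_id
        self._key = key if key is not None else secrets.token_bytes(32)
        self._reverse = {}                 # pseudonym -> local patient id

    def pseudonym(self, local_patient_id):
        msg = f"{self.site_id}|{local_patient_id}".encode()
        tag = hmac.new(self._key, msg, hashlib.sha256).hexdigest()
        self._reverse[tag] = local_patient_id
        return tag

    def reidentify(self, pseudonym, requester_role):
        # Hypothetical role name standing in for the designated health professional.
        if requester_role != "designated_health_professional":
            raise PermissionError("re-identification is restricted at this site")
        return self._reverse[pseudonym]


class CentralRepository:
    """Regional store: one record per (site, event_id), newest revision wins."""

    def __init__(self):
        self._events = {}
        self.audit = []                    # (site, event_id, revision, outcome)

    def submit(self, record):
        missing, extra = REQUIRED - set(record), set(record) - ALLOWED
        if missing or extra:               # allow-list keeps direct identifiers out
            raise ValueError(f"missing={sorted(missing)} unexpected={sorted(extra)}")
        if record["category"] not in CATEGORIES:
            raise ValueError(f"unknown category {record['category']!r}")
        key = (record["site"], record["event_id"])
        current = self._events.get(key)
        if current is None:
            outcome = "created"
        elif record["revision"] > current["revision"]:
            outcome = "updated"            # e.g. discharge disposition arrives later
        else:
            outcome = "stale"              # late or replayed older revision
        if outcome != "stale":
            self._events[key] = dict(record)
        self.audit.append((record["site"], record["event_id"],
                           record["revision"], outcome))
        return outcome

    def counts(self):
        """Events per category; an update moves a count, it never adds one."""
        return Counter(e["category"] for e in self._events.values())

    def audit_for(self, site):
        """Audit trail restricted to one participating institution."""
        return [entry for entry in self.audit if entry[0] == site]


def run_demo():
    # Constructed identifiers and records, for illustration only.
    site = SitePseudonymizer("ED-A", key=b"constructed-demo-key")
    repo = CentralRepository()
    visit = {"site": "ED-A", "event_id": "E100",
             "pseudonym": site.pseudonym("MRN-0001"),
             "revision": 1, "category": "UDF"}
    repo.submit(visit)
    repo.submit(dict(visit, revision=2, category="Respiratory",
                     disposition="admitted"))
    return repo


if __name__ == "__main__":
    repo = run_demo()
    print(dict(repo.counts()))
    print(repo.audit_for("ED-A"))
```
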
Portions of this architecture have been designed with federation in mind [13]. In addition, the system provided the local epidemiologist with the ability to drill down to individual events to better determine the character of the event if desired. This ability to rapidly locate the individual events could substantially improve follow-up by public health departments, enable the discrimination of events to determine the appropriate response, and support integration with other data sources such as the federal BioWatch program [14]. Because the components used are standard components designed to be used in a distributed medical record system, this architectural approach has the capability to be readily extended to a community-wide patient health record spanning healthcare organizations and heterogeneous systems. Thus its use can extend far beyond medical surveillance, if patient consent were obtained, enabling the patient to see their medical record across multiple organizations. It also could help a public health department manage cases of reportable diseases. As part of the project we developed the ability to do differential diagnosis on the data feeds that had much more detailed symptomatic information. This has been a large effort, obtaining detailed data on 250 syndromes (infectious and toxicologic) and 110 symptoms and symptom pairs as to the probability of each symptom in a syndrome. Resources did not allow us to evaluate the capabilities of this differential diagnosis system (known as CADDY), but we look forward to more detailed studies and evaluation. It has been tested fairly extensively with test cases from the literature, but it needs to be studied with high volumes of
real symptomatic data. Because our work with the local ambulance organization in Albuquerque, New Mexico, collected about 50 symptoms in the ambulance on the way to the ED, we anticipate that such a test is quite feasible. The importance of this may be noted by the observation of the BioWatch system in Houston, which recently detected fragments of the bacteria that cause tularemia [15] but was not in a position to look for the symptoms systematically in the local hospitals. The ability of the differential diagnosis system to indicate an increased probability of a disease outbreak based on partial symptomatic data could go a long way to helping in the detection process.

Conclusions

We have demonstrated the value of standardized components in medical surveillance as well as the value of a federated approach to syndromic surveillance, so that data can be viewed and managed at local, regional, national, and even global levels. The local management is very important because of the potential loss of large-scale network infrastructure that might occur due to regional power outages, etc. Local organizations need to be able to collect, evaluate, and act on biothreats without having to rely on external organizations, but with the ability to share data and work with external organizations at the same time. We have described an open, standard architecture that has proven effective in medical surveillance and is easily replicated at low cost in many locations, because the code is open source and relies on low-cost (or zero cost) software for deployment. We have also outlined an important differential diagnosis enhancement to syndromic surveillance that may greatly increase the sensitivity and selectivity of the surveillance process. We strongly urge collaboration and standardization where appropriate of syndromic and medical surveillance systems at both the data and functional level so that we might be able to have a fault-tolerant, scalable syndromic surveillance system for public health throughout the nation. Using interoperable standards, such a system could be extended to additional uses to assist in the improvement of the management of healthcare nationwide.

David W. Forslund has a Ph.D. from Princeton University and is a Fellow of the American Physical Society and a Laboratory Fellow at Los Alamos National Laboratory for over 20 years. He has done research in space plasmas, fusion plasmas, massively parallel computing, high-performance computing, distributed computing, computer security, collaboration technologies, knowledge management, and healthcare information architectures. He has led important projects, designed information systems, and built and deployed complex secure systems in a wide variety of application areas.

Edward L. Joyce Jr. is a technical staff member (deputy group leader) in the Decision Applications Division. His expertise includes chemical and materials process engineering. He received his Ph.D. from Carnegie Mellon University in metallurgical engineering and materials science (with a minor in chemical engineering) in 1985. Ed has given 30 invited talks at national and international venues and has published 29 peer-reviewed journal articles. Additionally, he is a member of the following professional societies: the Minerals, Metals, and Materials Society of the AIME, the American Society for Metals, the American Institute of Chemical Engineers, the Sigma Xi, International Research Honorary Society. Additionally, he acts as a key reader for Metallurgical Transactions B Chemical and Process Metallurgy.

Tom Burr received a Ph.D. in statistics from Florida State University in 1992 and then joined Los Alamos National Laboratory. Since then Tom has worked mainly in the broad areas of multivariate analysis, especially multivariate time series, pattern recognition, and clustering. Specific interests include multivariate time series that arise in monitoring nuclear facilities, Bayesian methods for combining data, genetic data analysis, and pattern recognition applied to a variety of applications.

Richard Picard has a Ph.D. in Statistics from the University of Minnesota. In addition to his work at Los Alamos National Laboratory on biosurveillance, he has published extensively on adaptive Monte Carlo simulation techniques, cross-validation, arms control/verification, and sequential near-real-time monitoring methods for nuclear materials safeguards. His longstanding outside activity is tennis, most recently having won senior men's singles titles at the Arizona Open (2000, 2003) and the New Mexico State Championships (1996, 1999, 2003).

Doug Wokoun is a Java software engineer for the OpenEMed project. Before coming to LANL, he developed enterprise applications for five years for companies in the manufacturing, telecommunications, and medical industries. At LANL, he has worked on projects covering network security, biosurveillance, nuclear chemistry, and high-performance computing. He holds a bachelor of science in computer engineering from Case Western Reserve University.

Edith Umland received medical postgraduate training in pediatrics, clinical pathology, and medical microbiology. She has been a general practitioner and academic clinical pathologist specializing in medical microbiology, public health laboratory manager, and public health medical epidemiologist. For the work reported here, she was appointed to the research faculty of the University of New Mexico Health Sciences Center in the Department of Emergency Medicine under a contract from the Office of Epidemiology, New Mexico Department of Health. She is interested in comprehensive surveillance systems and emergency preparedness for public health agencies.

Judith C. Brillman is an associate professor at the University of New Mexico in emergency medicine. She is an expert in bioterrorism surveillance, infectious diseases, and triage. She has actively worked in the bioterrorism field since 1999. In this area, she has worked with the Defense Advanced Research Projects Agency, Los Alamos National Labs, Sandia National Labs, and the New Mexico Department of Health. She was the medical director for B-SAFER.

Philip Froman is a board certified emergency physician by training but has shifted his career to full-time emergency medical services (EMS) consulting and research. He does EMS medical direction for the Albuquerque Ambulance Service and several county fire departments in New Mexico. He also does EMS consulting for the New Mexico EMS Bureau and Los Alamos National Labs. He is currently the principal investigator on a biosurveillance project titled Emergency Department and Pre-Hospital Surveillance and Analysis.

Fred Koster has retired from a 30-year career in infectious disease consultation and academic medicine at the University of New Mexico to work as an associate scientist at the Lovelace Respiratory Research Institute in vaccine and therapeutics development for bioterrorism select agent pathogens. He has an interest in developing computational systems for early presumptive diagnosis of acute infections.

Address for Correspondence: David W. Forslund, Computer and Computational Sciences, Los Alamos National Laboratory, Los Alamos, NM 87545 USA. Tel.: +1 505 663 5218. Fax: +1 505 663 5225. E-mail: [email protected]. Web: http://www.acl.lanl.gov/~dwf.

References

[1] J.W. Buehler, R.L. Berkelman, D.M. Hartley, and C.J. Peters, “Syndromic surveillance and bioterrorism-related epidemics,” Emerging Infectious Diseases, vol. 9, no. 10, pp. 1197–1204, 2003.
[2] D.W. Forslund and D.G. Kilman, “The impact of the global, extensible electronic health record,” in Managing Healthcare Information Systems with Web-Enabled Technologies, Lauren Eder, Ed. Idea Group Publishing, 2000.
[3] “Developing a National Action Agenda for NHII,” July 2003 [Online]. Available: http://nhii-03.s-3.net
[4] J.U. Espino, M.M. Wagner, F-C. Tsui, H-D. Su, R.T. Olszewski, Z. Liu, W. Chapman, X. Zeng, L. Ma, Z.W. Lu, and J. Dara, “The RODS open source project: Removing a barrier to syndromic surveillance,” Medinfo 2004, submitted for publication.
[5] The Healthcare Domain Taskforce of the Object Management Group, specifications accessed at http://healthcare.omg.org, November 2003.
[6] CapeClear software. Available: http://www.capeclear.com
[7] Definition of Service-oriented-architecture. Available: http://www.servicearchitecture.com/web-services/articles/service-oriented_architecture_soa_definition.html
[8] OpenEMed software. Available: http://OpenEMed.org at the time of this publication, November, 2003.
[9] D. Forslund, E. Umland, J.C. Brillman, E. Joyce, P. Froman, T. Burr, S.L. Judd, R. Picard, D. Wokoun, M. Joner, and M. Sewell, “Results from fielding of the bio-surveillance analysis, feedback, evaluation and response (B-SAFER) system in Albuquerque, New Mexico,” in Proc. Amer. Medical Informatics Assoc. Symp., 2003, p. 842.
[10] E.T. Umland, J.C. Brillman, F. Koster, E.L. Joyce, D.W. Forslund, R.R. Picard, T. Burr, C.M. Sewell, S. Castle, and K. Bersell, “Fielding the bio-surveillance analysis, feedback, evaluation and response (B-SAFER) system,” in Proc. BTR 2003, Albuquerque, NM, Mar. 19-21, 2003, pp. 185–190.
[11] Xtradyne Corporation I-DBC Domain Boundary Controller: IIOP Firewall. Available: http://www.xtradyne.de/products/i-dbc/i-dbc.htm
[12] Xindice. Available: http://xml.apache.org/xindice/
[13] D.W. Forslund, R.K. Smith, and T.C. Culpepper, “Federation of the person identification service between enterprises,” in Proc. Fall Symp. of the American Medical Informatics Association, 2000.
[14] Hearing on public health surveillance systems before the Subcommittee on National Security, Emerging Threats and International Relations. Available: http://reform.house.gov/UploadedFiles/Briefing M.pdf
[15] R. Roos, “Signs of tularemia agent detected in Houston air,” CIDRAP News Report. Available: http://www.cidrap.umn.edu/cidrap/content/bt/tularemia/news/oct1003biowatch.html

JANUARY/FEBRUARY 2004