Proposing Telecardiology Services on Cloud for Different Medical Institutions: A Model of Reference

Abstract

Introduction:

For a cloud-based telecardiology solution to be established in any scenario, it is necessary to ensure optimum levels of security, as patient's data will not be in the same place from where access is gained. The main objective of this article is to present a secure, cloud-based solution for a telecardiology service in different scenarios: a hospital, a health center in a city, and a group of health centers in a rural area.

Methods:

iCanCloud software is used to simulate the scenarios. The first scenario will be a city hospital with over 220,000 patients at its emergency services, and ∼1 million outpatient consultations. For the health center in a city, it serves ∼107,000 medical consultations and 16,700 pediatric consultations/year. In the last scenario, a group of health centers in a rural area serve an average 437.08 consultations/month and around 15.6 a day.

Results:

Each one of the solutions proposed shares common features including the following: secure authentication through smart cards, the use of StorageGRID technology, and load balancers. For all cases, the cloud is private and the estimated price of the solution would cost around 450 €/month.

Conclusions:

Thanks to the research conducted in this work, it has been possible to provide an adapted solution in the form of a telecardiology service for a hospital, city health center, and rural health centers that offer security, privacy, and robustness, and is also optimum for a large number of cloud requests.

Introduction

The possibility of virtualizing resources on a cloud will provide health staff with sufficient mobility and accessibility to be able to consult any data they may need with transparency and without the need to worry about its physical location, thus enabling staff to perform tasks as they see fit with the information they require at any time.^1

–4 Given that the data will not physically be in the same location, special care needs to be taken with the way of requesting such services, ensuring optimum levels in the specific case being described in this study, in which security and privacy are essential factors.⁵

One of the essential factors that needs to be dealt with is storage, as a large amount of patient's health records will be stored on the cloud, and in addition, depending on which scenario, images will also be stored that may be of use in certain diagnoses made by health specialists' patient treatment.^6
–8 The storage systems on the cloud are among the most successful applications. One needs to take into account the area of storage systems on the cloud, the different types, systems and security copy software, and use of shared files, as well as taking into consideration the fact that it is used to ensure that cloud-based storage systems interact.^9
–11 The features that define a cloud-based storage system include frequent Web access through a browser, supply according to demand, user control, and often, adherence to open standards, insofar as storage on the cloud may be neutral in terms of operative and file systems.^4,6
–8 Therefore, any cloud-based storage solution must comply with authentication when starting a session, high encoding (at least 128 bits) of data transfer from end-to-end, at least regarding data that are transferred through the Internet, and data compression without loss so as to improve performance.^2,11
–13

Combining cloud computing with e-health will provide us with a virtual view of resources, making them accessible without needing to worry about the geographic location or physical space they may occupy. The main objective should therefore be to provide security solutions for a cloud computing-based solution for e-health, including telecardiology.

Fernández-Cardeñosa et al. proposed two examples of cloud-based solutions for Electronic Health Records (EHRs).¹⁴ Rodrigues et al. analyzed the security requirements of EHR solutions on the cloud.¹⁵ The authors of this research proposed different secure and robust cloud-based solutions for equipping a set of rural health centers near Valladolid, Spain, with e-health services such as EHRs, telecardiology, teleconsultation, and telediagnosis.¹⁶ This article proposes secure cloud-based solutions for a telecardiology service in different scenarios. These scenarios are a city hospital, a city health center, and a group of health centers in a rural area. The theoretical solutions may prove useful for establishing future situations, meaning that the contribution made by this work is very important in helping to consolidate secure cloud-based solutions in the field of e-health. The points that will be covered in this article are, initially, a description of the scenarios being proposed and then the secure solutions proposed for each scenario will be shown, together with the relevant explanation. Finally, the conclusions drawn from the work will be provided.

Methods

The scenarios will be analyzed separately in this section, given that, depending where we happen to be, we will need to take into account the type of storage system we will be using, what we will need according to each e-health application, the infrastructure to be used together with security and privacy policies and systems, the volume of patients to be attended to, and the staff at each center and their knowledge in information technologies. In addition to the geographic location where the project is being set in motion, the functions that each e-health application may provide according to the infrastructure we are using must be taken into consideration. iCanCloud software will be used to carry out the simulations within the different scenarios, which provide a type of modeled physical structure with which the user is able to work.^16,17

Different factors such as technical problems deemed to be outside the scope of this project will not be taken into consideration, as the project is not geared toward dealing with unrelated infrastructure-related problems. A series of conditions will be considered viable to ensure that the project is successful and a possible theoretical solution can be provided within the different frameworks that are going to be taken into consideration. Data from each center will be estimated and/or approximated in comparison to different situations that will be referenced in an attempt to show solutions that are as realistic as possible in terms of the theoretical margin proposed for each scenario. Therefore, the scenarios in which a theoretical cloud computing solution is to be considered in terms of privacy and security for a telecardiology application will be a hospital, a health center within the city, and health centers in a rural situation.

Hospital

A solution will be provided for each e-health application proposed within the hospital framework. This will be assumed to be a city hospital, that is, a large infrastructure. To get an idea about the framework within which we need to use the infrastructure, in 2009 Hospital Universitario la Paz, Spain, serves over 50,500 people at its facilities, over 220,000 patients at its emergency services, and about 1 million outpatient consultations–some of them complex such as the case of transplants carried out at the hospital. To deal with this volume of activity, Hospital La Paz employs a team of nearly 7,000 professionals over a 180,000 square meter area, and also has all the equipment and technology at its disposal required for such purpose. It is therefore a very large infrastructure for this scenario, but one which helps us to get an idea of the volume of patients and, therefore, data and infrastructure that would be needed to lend support to the different cloud-based e-health applications.

City Health Center

Although a health center in this milieu does not handle similar numbers to that of a city hospital, it may be of about 2,500 square meters and serve around 40,000 inhabitants. A good example of this is the Ciudad Jardín Health Center (Córdoba, Spain), which has 26 surgeries for doctors and nurses, 8 for pediatric consultations, 1 multipurpose, several rooms (for extractions and treatment, dentistry, minor surgery, and health education), and large service and administrative areas. It employs 13 GPs, 3 pediatricians, 11 nurses, 1 social worker, and 1 dental surgeon, as well as the technological team. The Government Delegate for Health, María Isabel Baena, Spain, estimated that they attend to around 107,000 medical consultations and 16,700 pediatric consultations, from where we obtain an estimate of the number of EHRs that could be dealt with at the center.

Rural Health Centers

These are health centers that offer basic care to different rural areas, with more serious cases or those that require specialist care being referred to the nearest hospital. By way of an example, in a rural health center in a rural region (province of Valladolid, Spain), 5,677 patients were attended to with an average 437.08 a month and around 15.6 a day. Attention should also be drawn to the fact that most cases, 93%, were dealt with at the health center itself, whereas 6.8% were referred to the hospital owing to problems of differing seriousness, as they were not able to be attended to at the rural health center. This example is an area of around 8,560 inhabitants attended to by the physical presence of one doctor and one nurse, and it should also be taken into account that these centers provide coverage to small nearby villages, whereby the flow of patients is variable and cannot be estimated accurately.

Results

Secure Authentication for all Solutions

All the solutions must be properly authenticated irrespective of the scenario. This is an essential, indisputable factor that needs to be taken into account, as otherwise, data may be used by persons who are unauthorized to do so, which could entail loss of information or fraudulent use.

The computer or computers located in the rooms where health staff works are equipped with a Card Acceptance Device (CAD), which is a smartcard reading device of which the client part of the system will take charge. This is sufficient for a Java Virtual Machine (JVM) and an Open Card Framework (OCF) bookstore. A smartcard's Open Card Framework or OCF is merely a type of middleware implemented in Java that enables an application to be made aware of the presence of the card and be able to interact with it in accordance with the ISO/IEC 7816-4, −8, and −9 standard.^18,19

Figure 1 shows the Remote Method Invocation (RMI) server part, which in this case will be the load balancer and application server when the former is implemented on the cloud. Secure authentication of the data stored on the cloud is obtained and its privacy is assured, as this is extremely sensitive, bearing in mind it contains data about patients' health. When a client wishes to update information about a patient on the clinical data base, they call the suitable remote object methods with the data in encrypted and signed format. The data are sent to the RMI server thread through the RMI channel on Transmission Control Protocol/Internet Protocol (TCP/IP) with parameter marshalling. The thread then prepares the data and sends it to the remote object. All the control and connection operations of the data base are abstracted to the clients, in this case to the relevant doctors. The remote controls in RMI servers comply with such operations on behalf of clients and the Model View Controller (MVC) layer of the system's architecture.

Fig. 1.

RMI server part.

Telecardiology Service at a Hospital

A Wide Area Network (WAN) will be required for this telecardiology service at a hospital, authentication will be made secure through smartcards, and storage will involve the same infrastructure and file system. This also applies to access and the StorageGRID technology that is required to administer the data.

Figure 2 below shows graphically how StorageGRID works. StorageGRID is a type of virtualization software that can be used on the data base server, and whose purpose is to create a type of virtualization that combines storage of different storage devices in a single administrative system. StorageGRID is able to administer data from Network File System (NFS) and Common Internet File System (CIFS) on Hypertext Transfer Protocol (http) networks. This is very useful as we can interact with NFS and CIFS with Storage Area Network (SAN) file Systems that will be a New Technology File System (NTFS) to enable the data base to be treated as BLOB objects, as explained previously.

Fig. 2.

Cloud storage system with tolerance to errors. ByCast StorageGRID.

In Figure 3, the diagram showing implementation of cloud computing technology for a telecardiology e-health application within the environment of a city hospital can be seen. Attention should be drawn in Figure 3 to the use of a new WAN infrastructure that is connected to electronic tools available for such purpose. A new proxy/firewall server has been installed, whose function is described below. Moreover, files are created on a local level and then transmitted on the cloud. Thus, the specialist or house doctor may access these data from any location, provided they have a connection available to do so.

Fig. 3.

Diagram of the cloud-based infrastructure for full implementation of telecardiology at a hospital.

The cardiologist's tools are available from any section within the browser and, furthermore, bearing in mind this configuration can be scaled, the scanning service may be expanded to other sites and result in a new capacity for handling additional work loads. If a decision is made to convert the cardiologist's images into a different format, this can be done from a central location, whereby it will be necessary to pass from equipment to equipment connected to individual scanning systems.

Telecardiology Services at a City Health Center

Secure authentication will be assured through smartcards, using StorageGRID technology. The data base and Web servers perform the same tasks together with the agent, and there must be communication with the hospital to obtain telecardiology support. A cloud-based cardiology connection infrastructure is required at the nearest hospital to provide telecardiology support at the city health center.

In the diagram shown in Figure 4 is a theoretical solution to the telecardiology service that is fully implemented on the cloud. With this solution, it is possible for the doctor to be authenticated in the cloud-based system from the city health center through their smartcard, whereby they will gain secure access to the data base of the patient who is being treated at that time. Given that there is no telecardiology service at a health center, it is necessary to show a scenario in which the cardiologist can communicate with the GP at the city health center. The specialist has access to the data on the cloud on which they are interacting with the GP at the health center. With this solution, the doctor can communicate securely at an optimum level. The latter will then process and register it on the data base and show it on the Web server on the side of the doctor located at the city health center.

Fig. 4.

Diagram of the cloud-based infrastructure for full implementation of telecardiology at a city health center.

Telecardiology Service at Rural Health Centers

As in the previous cases, there are common features in terms of secure authentication through smartcards and the use of StorageGRID technology. The data base and Web servers perform the same tasks together with the agent, and the load balancers will remain essential for this solution. There must be direct communication with the hospital through WAN to obtain telecardiology support. Bearing in mind we are referring to a rural milieu, this is essential as the rural health center itself does not provide this service. A new LAN infrastructure enables support for electrocardiograms, echocardiograms, Holters, angliocardiographies, and all electronic instruments deemed necessary for diagnoses in cardiology to be provided, in terms of communication with the hospital. This solution was previously proposed in.¹⁶

The local image can be created by the cardiologist's electronic tools at the hospital, so that it may be subsequently uploaded onto the cloud. Once the applications server has finished processing the image, it then records it on the data base and returns the result to the Web server so that the specialist or GP may display the result and take any decisions as they see fit. In terms of security, the scenario is similar to that of the previous one, both the secure information channels via firewalls and the use of the proxy/Web agent with the respective encoding keys, and the BLOB+SAN (RAID 0 + 1) file systems with backup copy and administered using StorageGRID.

No further infrastructure is required other than that with which each health Center or hospital should be equipped, namely the possibility to upload data onto the Internet. A type of private cloud is proposed in all scenarios, and the estimated cost is similar in all cases if we assume that the same Internet speed will be available (theoretically 1 Gbps), with approximate costs of €450/month.¹⁶ By way of a summary, Table 1 shows the most significant features of the solutions proposed for the three scenarios analyzed previously.

Table 1.

Summary of Solutions for Each Scenario

SCENARIO	NUMBER OF HARDWARE ELEMENTS REQUIRED FOR A SECURE CLOUD-BASED SOLUTION	ELEMENTS REQUIRED TO ENSURE SECURITY	SUITABLE CONNECTION SPEED	TYPE OF CLOUD	MONTHLY PRICE OF THE SOLUTION (€/MONTH)
Hospital	7	Smartcards	From 1 Gbps	Private	450
		StorageGRID technology
		Load balancer
		Firewall
		2 Web/Proxy servers
Health center in urban area	9	Smartcards	From 1 Gbps	Private	450
		StorageGRID technology
		Load balancer
		2 Web/Proxy servers
Health center in rural areas	10	Smartcards	From 1 Gbps	Private	450
		StorageGRID technology
		2 load balancers
		2 Web/Proxy servers

Discussion and Conclusions

Many clinics, hospitals, and health centers in general are becoming jammed by the growing amount of information they need to process and administer. What is being sought in this study is to devote more attention to patients by automating the recording, administering, and consultation of information about health records.

The use of cloud computing technology together with e-health applications constitutes a major step forward both in terms of the quality of treatment provided to patients and the work carried out by healthcare staff. Cloud computing technology has been researched in this work to ascertain whether secure solutions for cloud-based telecardiology e-health applications can be provided through the cloud, what infrastructure would be viable for this proposal, and whether it could be implemented while ensuring the protection of patients' sensitive data. It has proved possible to centralize information on the cloud by offering facilities that improve use of the system in both a fast and simple way, resulting in better treatment for the patient, above all in environments that lack certain medical services such as health centers.

The use of this cloud-based computing technology alongside the smartcard system being proposed for authentication of doctors helps healthcare centers to electronically administer all health data about patients, enabling the former to reliably update and modify such data. This means that privacy, security, and robustness in an extremely sensitive data system are assured.

Any authorized staff, doctor, or health professional may access the services provided by the different e-health applications at any time and from any location in the different scenarios being put forward, taking into account the privileges they enjoy regarding the cloud-based system by using their smartcard to access the data.

Controlling access to the system, the use of firewalls configured with IP failover, the greatly enhanced security offered by the use of encoding keys through the Proxy, and the agent and storage system being proposed, increase the privacy and security of all communication from beginning to end. Moreover, they ensure the robustness of the data. These mechanisms enable secure copies to be created on independent physical media within the cloud as a backup server.

A series of considerations should be taken into account, which refer to the limitations of the proposed model. Any control over access, generation of passwords, and administering or storage of deficient data may give rise to loss of data with harmful consequences, and may also lack a suitable policy for destruction of data. Special consideration should be given to providing some system for information backup and backup copies.

The providers of the service may carry out a control of personnel and their data protection policies, in addition to arranging for security audits to be conducted by bodies outsourced by these firms to ensure required compliance with the guidelines governing security of information. Nonetheless, this is not sufficient, as firms need supplier assessments and strict control to filter access by personnel to data that said supplier is in charge of storing.

Authentication measures need to be established beyond cloud computing, as the technology does not provide certain security in that aspect and so this needs to be guaranteed by other mechanisms beyond the scope of said technology, such as identity cards, biometrics, or different mechanisms for ensuring identity and presence.

Following a review of the literature on telecardiology systems on the cloud, it has been noted that there are not many publications on the subject available and they tend to focus less on matters of data and image security. Costa and Oliveira developed a plug-and-play telecardiology service,²⁰ in which they validated the solution in some real environments with optimum results. In our case, the proposed model in the three scenarios, hospital, city health centers, and health centers in rural areas, might serve as a complement to the work carried out by these authors.

Hsieh and Hsu created a 12-lead ECG telemedicine cloud service, which enables interhospital 12-lead ECG reports to be delivered ubiquitously through different cell phones.²¹ They tried it out in rural and urban areas on a research level and used the Windows Azure platform. In terms of the costs of using the platform, the results obtained from this research amounted to USD $9.99 per GB per month. One of the differences with our study is that this solution does not require so much in terms of security and privacy, and focuses mainly on sending ECG reports.

Thanks to the research carried out in this article into cloud computing technology, together with other technologies required to provide the system with excellent authentication. An adapted and secure solution has been created for a telecardiology service at a hospital and city and rural health centers. This solution offers privacy and robustness, while also being optimum for a large number of cloud-based requests. This model can be adapted for other healthcare institutions, centers, or hospitals with similar characteristics.

Footnotes

Acknowledgments

This research has been partially supported by Ministerio de Economía y Competitividad, Spain, by the Instituto de Telecomunicações, Next Generation Networks and Applications Group (NetGNA), Portugal, by National Funding from the FCT—Fundação para a Ciência e a Tecnologia through the UID/EEA/500008/2013 project, by the Government of the Russian Federation, Grant 074-U01, and by Finep, with resources from Funttel, Grant No. 01.14.0231.00, under the Radiocommunication Reference Center (Centro de Referência em Radiocomunicações –CRR) project of the National Institute of Telecommunications (Instituto Nacional de Telecomunicações - Inatel), Brazil.

Disclosure Statement

No competing financial interests exist.

References

Cloud Computing, CSA (Cloud Security Alliance). Available at: www.cloudsecurityalliance.org (last accessed October 20, 2016 ).

Cloud Cube Model: Selecting Cloud Formations for Secure Collaboration, Jericho Forum; Version 1.0, April 2009. Available at: https://collaboration.opengroup.org/jericho/cloud_cube_model_v1.0.pdf (last accessed October 20, 2016 ).

Sarathy

, et al. Next generation cloud computing architecture—Enabling real-time dynamism for shared distributed physical infrastructure. In: Mikkilinemi

, Narayan

, Sarathy

. eds. 19th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises (WETICE’10), Larissa, Greece, 2010; 48–53.

Rochwerger

, et al. The RESERVOIR model and architecture for open federated cloud computing. IBM J Res Dev, 2009; 5:1–11.

SUN Microsystems. Introduction to cloud computing architecture, White Paper, 1st ed. Santa Clara, CA: Sun Microsystems Inc., 2009.

McConnell

, Steed

, Tichenor

, Hannon

. Interactive telecardiology for the evaluation of heart murmurs in children. Telemed J, 1999; 5:157–161.

, Newmark

, et al. Electronic health records in specialty care: A Time-Motion Study. JAMIA, 2007; 14:609–615.

Cloutier

, Finley

. Telepediatric cardiology practice in Canada. Telemed J E Health, 2004; 10:33–37.

Margan

, Rustemovic

, Loncaric

. Virtual policlinics—Consultation health care system for rural areas and islands. Acta Med Croatica, 2005; 59:160–178.

10.

Tunali

, Yildirim

, Dalbasti

. The use of smartcards in health care. Hermes Project Workshop, 2002; 1–6.

11.

Hansmann

, Nicklous

, Schack

, Seliger

. Smart card application development using Java. Berlin, Germany: Springer, 2000.

12.

Church

, Goscinski

, Lefèvre

. Exposing HPC and sequential applications as services through the development and deployment of a SaaS cloud. Future Gener Comp Sy, 2015; 43:24–37.

13.

Anselmi

, Ardagna

, Passacantando

. Generalized Nash equilibria for SaaS/PaaS Clouds. Eur J Oper Res, 2014; 236:326–339.

14.

Fernández-Cardeñosa

, De la Torre-Díez

, López-Coronado

, Rodrigues

JJPC

. Analysis of cloud-based solutions on EHRs systems in different scenarios. J Med Syst, 2012; 36:3777–3782.

15.

Rodrigues

, De la Torre

, Fernández

, López-Coronado

. Analysis of the security and privacy requirements of cloud-based EHR systems. J Med Internet Res, 2013; 15:e186.

16.

De la Torre

, López-Coronado

, García-Zapirain

, Méndez-Zorilla

. Secure cloud-based solutions for different E-health services in Spanish Rural Health Centres. J Med Internet Res, 2015; 17:e157.

17.

Núñez

, Vázquez-Poletti

, Caminero

, Castañé, Carretero

, Llorente

. iCanCloud: A flexible and scalable cloud infrastructure simulator. J Grid Comput, 2012; 10:185–209.

18.

OpenCard Framework. Available at: www.openscdp.org/ocf (last accessed October 20, 2016 ).

19.

Rankl

, Effing

. Smartcard handbook, 2nd ed. West Sussex, England: John Wiley & Sons, 2000.

20.

Costa

, Oliveira

. Telecardiology through ubiquitous Internet services. Int J Med Inform, 2012; 81:612–621.

21.

Hsieh

, Hsu

. A cloud computing based 12-lead ECG telemedicine service. BMC Med Inform Decis Mak, 2012; 12:77.