Embed Size (px)
Citation preview
COMPUTERS IN HEALTH-CARE INFORMATICS – Smart Card Applications in Telemedicine by
Dr. A. MukherjiEmeritus Professor, Dept. of Electrical Engineering, Academy of Technology
Synopsis
Much has been written and discussed in this country about the effect of Telemedicine in Health-Care Delivery, especially over the last two years, and many protocols and projects identified in the process. In the meanwhile, there has been a paradigm shift, with Medical Diagnoses being more and more outsourced from Western countries to India rather than the other way around. The wheel of Medical Informatics, it seems, has turned a full circle-and the remorseless process of BPO apparently is affecting this area also. It is in this context, we are proposing the introduction of a new technology, which could be the next step in Telemedicine: smart-card based storage of medical information – and data – in a condensed and encrypted form, but retrievable any personal computer. Thus, the need for specialized systems could disappear leading to an open system, ideally suited for easy encoding, analysis, storage, transmission and retrieval. The significance of this project is that both the hardware and the software have been developed indigenously, and thus could have wider ramifications than Medical Informatics alone(e.g. personal data encryption, secure e-commerce, universal identification/medical card, etc.). In another sense, it is a firmware carry-over of the A.N.A.H.I.T.A. protocol presented in an earlier conference, and could form the foundation for a new Indian standard in this field.
1. Introduction
Some years have passed since the first Conference on Telemedicine was held in Sikkim, as part of the ICMR-WHO Workshop on Accessing information in Medicine, in which the author had presented a glimpse of a standardization system we were working on at that time, under the generic name of the “A.N.A.H.I.T.A.” protocol (Acquisition & Networking Algorithms for Health Information Transmission & Archiving). This had to do with acquisition and pre-processing of medical text, data, images and waveforms, followed by near loss-less compression for transmission and reception on the Internet. Since then, many developments technologically have taken place the world over, with increasing emphasis being placed on (i) storage and correlating multi-modal data in hospital computers in a secure manner for physicians and administrators,(ii) interfacing medical equipment directly with the Internet, for data-transmission and fault-finding, and (iii) compressing and encrypting medical data, with the principle aim of storing on universally readable smart-cards. Shorn of technical jargon, the present paper addresses the third problem, taking into account the importance being attached by the Government and the Medical profession alike, in making available unique smart-cards available to all citizens in the future for multivariate information to be stored and retrieved in a secure and efficient manner. The technology for this has already arrived on the scene in commercial fields : it is now to be seen how it could be harnessed in the field of medical informatics for health-care delivery.
2. Review of the ANAHITA Protocol
ACQUISITION & NETWORKING ALGORITHMS for HEALTH-CARE INFORMATION
TRANSFERRENCE & ARCHIVING
The project is a culmination of multi-modal Health Care Information and Analysis Modules.
The Object is to have an integrated, secured and web-based transmission of patient data system which could be communicated for expert opinion, life-saving decision making, and collaborative health research, in near real-time, and with minimum storage/software overheads.
The integrated modules will allow hospitals/ health care units to have patient’s clinical information on electronic records, which will be efficiently compressed, securely managed, and easily accessible to authorized users, who can store it securely in their own VPNs (Virtual Private Networks).
-2-
The software so designed is to be Hardware and Operating System “independent”, which makes Java the obvious choice of an universal platform.
A. This integrated module currently developed consists of the following:
Patient’s Personal Information Patient’s Medical History Patient’s Pathological Record Patient’s Medical Images ( X - Ray, CT-Scan, Ultra Sound, MRI) etc. Patient’s ECG up to 12 Leads
B. The Software system will also provide the following analysis capabilities:
Medical Image Analysis for better detection of the abnormalities. ECG Arrhythmia Analysis to detect abnormalities of the heart’s functioning Data-acquisition system modalities, from medical equipment
C. Filtering and enhancement of the raw Medical Data:
Images to be enhanced for better visualization from the Radiologists’ console (incl. colouring) ECG signal filtering to reduce errors in the wave form; to add in future ECG analyses algorithms
D. Single module and Loss- Less Compression of the Entire Data Files:
A proprietary, secured and compressed file will include the entire data
Overall Status of the Research:
The project is currently at a very advanced stage. All of the above except for the ECG analysis is successfully implemented, and can be demonstrated as required.
The compression algorithm is already completed for all except for Medical Images. So far we have been able to compress the data to a remarkable 86%.
The software development work for the same on Medical images is in progress.
A web-centric front end of some of the results are provided for reference; compressed data files demonstrating loss-less compression may be provided when required.
While the basic research work has been successfully completed till date, implementation of data-acquisition, presentation & packaging is in progress, including incorporation into indigenously developed smart-card read/write facilities , described in Section 3 & 4 below.
This is being set to parallel testing on different hardware, and operating systems. Testing was performed on Linux, and Windows Operating systems with diverse Web browsers on Unix Workstations, PCs and a portable notebook computer.
Leads I, II, and III of ECG data has been compressed to :
Test1.crf [3.2 KB] , which is the multi-modal Patient Data File with a proprietary extension “.crf” which means Clinical Record File”
The Web- centric front end was designed keeping in mind a Net -communicable stand-alone version, as well as extensible full-fledged enterprise version. This is currently being integrated and packaged with the back-end. A sample “snapshot” of 12-lead ECG from a Holter recording is shown below in Figure-1; the actual memory occupied is 81KB. Similarly, the CT-scan of the bony tissue shown in Figure -2 occupies 148 KB of memory, and would normally require image compression.
-3-
FIGURE-1 A DIGITIZED 12-LEAD ECG RECORDING
CRF -ECG Application : This is a universal gateway Medical ECG application which is aimed at serving as an unified container for ECG waveforms, including Holter or similar long term examination based records.This application serves as a proof of a concept to demonstrate digital data archiving, visualization, analysis and compression.
In order to achieve the most neutral data structure, the application assumes as retrieved data to be in ASCII (X-Y i.e. frequency/amplitude) format. Several ECG equipment suppliers provide the computer interface of their data in their own proprietary equipment. However, the study reveals that the data culture adopted in this application serves the most neutral format and the application can be integrated with any vendors hardware with an added ADC interface that converts analogue signals into the accepatable (frequency/amplitude) mode, mimicking a standard ECG strip-chart recording.
This application is Java based, as mentioned, and thus truly implementable in any Operating System.
On Screen Fundamentals:The application supports ECG analysis whereby one can analyze a single lead waveform at a time. One needs to double click and the entire ECG strip would pop-up in a separate window, and then again double-clicking on the mouse to analyze the ECG record. Data of all 12 leads is archived into a single proprietary format ( .ecg), for security.
-4-
FIGURE-2 A DIGITAL (CT) SCAN OF BONY TISSUE
The Pathological slide of the Lung Biopsy shown digitized in Figure-3 occupies 160 KB and the Pulmonary function test-report for the same patient, requiring 181 KB memory, is shown in Figure-4.
FIGURE – 3 PATHOLOGICAL SLIDE OF A LUNG BIOPSY
-5-
FIGURE -4 PULMONARY FUNCTION ANALYSIS
3. All about Smart Cards Microprocessor-based embedded Smart cards provide an acceptable method for authenticating devices, identifying users, their preferences, and keeping records. Any e-commerce transaction requires privacy, integrity, authenticity verification and non-repudiation, which are of vital importance in various types of secure transactions over the Internet. With encryption and/or Biometrics (highlighted in Section 6 below), e-commerce users can use smart cards with more confidence.Although credit and debit cards look more or less like smart cards in size and shape, these are not smart cards, which, according to the definition by International Standard Organization, is a plastic strip with a printed and integrated circuit – a chip with a tiny computer embedded in it that includes a memory as well as a processor. Technically, a smart card is called a “chip card” and also an IC card. The operating system used on this tiny embedded computer is called a Card Operating System. This COS is very reliable in providing network security, data and transaction security.
The input/output of data from and to the smart card is made through card readers which are also called Card Acceptance Devices or Interface Device (see Section 4 below). The card-readers are divided into different categories according to the type of the card needed to be read, the various functions it can offer, the applications carried out and the various PC ports. Smart cards may be contact-based or contact-less. When contact-based cards are inserted into a smart card reader, the data transmission takes place through physical contact points on the gold-plated surface of the card. Contact-less cards can work without direct physical contact although these demand a close proximity to the card reader. The contact is made through antenna using Radio Frequency. There are also combination reader-writers that can read both contact-based and contact-less cards.
Most contact-less cards obtain their power source from the electromagnetic field that sets up the contact. Alternatively, the card is normally kept in a container, which has both battery and antenna (a clumsy solution). Another alternative is that the card itself has an embedded battery. Smart card batteries are very tiny, no thicker than the card or, to be precise, a fraction of a millimeter for a three-volt rechargeable battery. For some applications, the batteries have to withstand sub-zero temperatures to more than 100° C.
The USA is planning to introduce smart cards in passports that will contain chips in the covers which will hold facial and fingerprint recognition data for biometrics, and some other personal information. Similarly, e-visa has also been planned in many countries. The market is growing. Gartner Dataquest predicts the global smart
card market will reach 1.16 billion units in 2004. At an average cost of seven dollars a unit at present, the market is estimated at $ 8 billion, though the prices of both smart-cards as well as card-readers will fall drastically once they become industry standards for PCs, and widely acceptable to users, Government agencies, and commercial organizations.
-6-
A basic smart card standard follows ISO 7816 specification (described later in Section 5) but other standards are emerging with modified features. Philips has brought out a Non Field Communication-based Bluetooth enabled contact-less smart cards with a data transfer rate of 1 Mbit/sec over a distance of 20 cm while the usual rate is about 200 Kbit/sec. An entirely different range of smart cards is being experimented with for moving vehicles and products in an assembly line, which may work at a distance of several metres. Contact-less smart card readers must additionally adhere to the ISO standard 14443 (10 cm distance between reader and smart card) or ISO 15693 (150 cm distance between reader and smart card).
On the basis of computing capability, contact-based cards are of two types: memory card and processor card. Memory cards can store a large volume of data related to critical information like Biometric identification of a person, driving license number, personal index number used at ATMs, credit card number, digital signature key and related algorithm. Processor cards contain both memory and processor, and other features. An indegenous Smart Card/Reader system is shown below in Figure-5 below, as developed by the ASPECT technology group (cf. Section 4).
FIGURE-5 The ASPECT Smart-Card Reader/Writer System A modern technology is the Java card technology, which is platform independent. These Java cards are more versatile compared to the other smart cards. The typical Java card contains 16 KB of Read Only Memory, 8 KB of Electrically Erasable Programmable ROM and 256 KB of Random Access Memory. It can load programmes so Java cards also offer compatibility to run different third-party applications that also satisfy ISO norms. Other manufacturers have come out with 1 MB smart-cards, though in India cards up to 256 KB memory only are available at present.
Thus, smart cards are gradually expected to replace typical credit cards that have limited use. A smart card may contain a database which is upgradeable and as a result, a mammoth distributed database can be handled to reduce network traffic and processing overhead on the main computer, especially using VPN (Virtual Private Network). The price of a chip is also falling, making smart cards cost-effective and affordable. In fact, credit and debit cards of the future will actually be smart cards. But although smart cards do provide a more secure transaction, hacking in cyberspace cannot be fully ruled out, unless Biometrics is incorporated (as shown in Section 6).
The importance of the advent of Smart Card technology in India can be gauged from the fact that the Department of Information Technology of the ITC Ministry, Govt. of India sponsored the 6 th Smart Cards Expo in Delhi early September 2004, in which some hundred national and international organizations participated. Part of the current work depends on the latest technologies show-cased at the Expo preceding this Conference. At the same time, embedded-chip technology has taken such a giant leap forward, that 128MB micro-cards, with concomitant readable attachments on PCI-MC slots of Desktop PCs (and most Laptops) are becoming commonplace at increasingly affordable prices (in the order of Rs 1000-2000). Considering the fact that -7-
digitized medical images (radiography as well as pathology slides) require approximately 200-400 KB of data memory per frame –without compression – and 12-lead electrocardiography of 4 sec duration requires a mere 12-48 KB nominally, it is technically feasible to store abundant biomedical data on both smart-cards as well as micro-cards even without compression; the text part of the patient-data, in the form of clinical observation, identity, even graphical inputs like Pulmonary function tests or Stress-tests, occupy comparable memory space. With encryption and compression, it should be possible to store Biomedical, Biometric, and personal/commercial information in the same card, in a short time.
In theory, it should be possible to encrypt even banking/financial information in a 512 KB Smart card, (and possibly even obviate the need for voting cards and driving licenses in the future), also making medical diagnostic and billing possible via the same media as the medical data card, using e-commerce protocols. All that is left then, in theory, is to have access to low-cost read/write card-readers, on the one hand, and universally acceptable standards, on the other, for Medial Smart Cards to become a universal reality, in the same sense as floppy-discs, CD-ROMs, ZIP-drives, or DVDs.
4. The ASPECT technology
A few years back, a small group of computer professionals from Kolkata precisely achieved this. The acronym, standing for ‘A Smart Product Ensemble for Commencing Trends’, was meant originally as a pre-cursor to an universal system- not originally meant for medical applications in particular – but aimed at employee-ID, club-membership, tourist-related, salary or wage card, cash-card, banking and customer-service. Health/Medical insurance was an additional benefit, but in the long run, it is likely to prove the most important of all the applications, given adequate memory capacity: after all, health and medical data are a necessary and universal requirement, while all other applications are optional, secondary, or could be subsumed into a Smart Card which has enough memory to hold the rest of information. The schematic diagram of the Telemedicine/Internet/Smart-Card interface is shown in Figure-5 below, and the general characteristics of the ASPECT system is given in Figure-6. From the point of view of Medical Technology, what is of importance to note is that (a) the card reader-writer systems can be miniaturized; (b) they can transfer data through a standard bus; and hence, (c) in principle, it could be embedded into the main-frame of a standard desk-top Personal Computer, at low cost and complexity, by removing the exteriors, power-supplies, wiring etc.
This is especially applicable for ASM-19 type Smart-Card reader-writer, shown in Figure- 7. Thus, one can foresee such a simple indigenous technology to become a standard part of any Hospital Computer – and in the future, hopefully for any PC, given the availability of Smart Cards of sufficiently high memory and low cost. Enhancement into Lap-top & Palm-top PCs will have to wait for necessary miniaturization of the mechatronics.
FIGURE 6 : TELEMEDICINE – SMART CARD INTERFACE
MEDICALINSTRUMENTATION
DATAACQUISITION
SYSTEM
HOSPITALCOMPUTERNETWORK
PATIENT
REMOTEPHYSICIAN’S
P C
DIAGNOSIS
FEEDBACK TO
PATIENT
INTERNET
ENCRYPTION AND
COMPRESSION
DECRYPTION AND DECOMPRESSION
SMART CARD WRITER /READER
ANYP C
FIGURE – 7 COMMON USAGES OF SMART CARD TECHNOLOGIES
Some Smart-Card reader-writer applications, comprising of hand-held, wall-mounted, desk-top and miniature systems is given in Figure-7 below.
FIGURE-8 SOME SMART-CARD APPLICATIONS DEVELOPED BY THE “ASPECT” TECHNOLOGY
-10-
5. A brief note ISO-7816 Smart-Card Standards
ISO 7816-1 (Part1): this deals with Physical Charcteristics of Integrated Circuit Cards
This part describes the physical charcteristics of integrated circuit cards. It includes accomodation of exposure limits for a number of electromagnetic phenomena such as X-rays, UV light, elacromagnetic fields, static electrical fields, and ambient temperature of the card.
Furthermore ISO 7816-1 defines the characteristics of a card when it is bent or flexed. This is to make sure that plastic cards with embedded chips are manufactured in a way that guarantees flawless operation over the expected life time of a card. Connections between the surface connectors and the I/O pins of the embedded silicon die must be maintained and withstand mechanical stress. Bending and flexing procedures are standardized in ISO 7816.
This part of ISO 7816 is important for card manufacturers. They are the ones that choose the materials and establish a process that embeds the integrated circuit into the card.
ISO 7816-2 (Part 2): This deals with Dimensions and Location of the Contacts
ISO 7816 part 2 defines the dimensions and location of the contacts. This part includes standards about number, function and position of the electrical contacts.
The integrated circuit card (ICC) has 8 electrical contacts. They are referred to as C1 through C8. However, not all 8 contacts are electrically connected to the embedded microprocessor chip and therefore unused at the present time.
Some smart cards issued before 1990 were adherent to a different standard for the contact location and therefore can't be used with today's ISO7816-2 compliant smart card readers. These cards were deployed primarily in Europe.
ISO 7816-3 (Part 3): This deals with Electronic Signals and Transmission Protocols
This part describes electronic signals and transmission protocols of integrated circuit cards, and is a version that is available on the Internet. If you need the official version of this part, please contact ISO in Switzerland.
Most of ISO 7816- 3 is important for reader manufacturers or developers who want to establish a communication with a smart card on a very low level, the signal level. Going through ISO 7816-3 one can see what's involved in writing one’s own I/O software. This can be either to communicate from a micro-controller or a PC's serial/parallel/USB/PCMCIA port. Even if one does not intend to go that far, it is interesting to read about what one can get out of an Answer to Reset (ATR).
There are many tools out there to read an ATR. Even on the Smart Card Web- site http://www.cardwerk.com/smartcards/smartcard_standard_ISO7816-1.aspx, a remote version of a free ATR probing tool is available, that reads and interprets an ATR over the Internet. All one need is a PCSC compliant Smart Card reader attached to a PC with an Internet connection.
6. Biometric Applications of Smart Cards
Once a Smart-Card reader-writer system is in place, the next important application is an universal identity-card incorporating Biometrics : a personal data format that incorporates one or more salient features of the user, if required in a compressed and/or encrypted format. This could encompass one or more of such pictorial features as a photograph /fingerprint, and auditory features like speech-recording & voice-print, though some commercial applications prefer an image of the iris (blood-vessel connections of the retina) as the preferred mode.
-11-
In all cases, these constitute unique features of the user, which cannot be duplicated. A typical photograph, as shown in the Figure 8 (A) below in JPEG format, requires about 49KB of memory, while the finger-print next to it (B) requires about 44KB, in an uncompressed mode. Both of these could be stored and analyzed using optical pattern recognition algorithms.
(A) (B) (C)
(D)
Figure 9. Photograph, fingerprint speech-file and voice-print samples storable in a Smart-card (137 KB total). Double-click the mouse on the speaker symbol over (C) to hear the name as recorded speech.
Similarly, a voice signal recording of the user, as shown by the media-player symbol alongside (in C ) in hypertext-mode - and playable simply by clicking a mouse over it in the soft copy of this file - is about 2.8 sec signal length in 8-bit PCM mode, sampled at 15K/sec to create a 44KB wave (.wav) file. This can be stored in the card and later compared with the microphone output connected to the PC when the genuine user repeats the phrase (in this case, his own name), using standard pattern-recognition techniques. Alternatively, a voice-print could be created of the wave-file (as shown in D) using a standard software such as Sound Forge, and this could be the Biometric template for the user. A combination file of all these formats can virtually ensure total security for any person, with a reasonable amount of digital memory requirement and software overhead even in an uncompressed mode, especially with the availability of 256KB and 512 KB embedded-chip memory smart-cards in a short time.
-12-
The applications of the above paradigms are limitless : a one-card identification solution for all requirements of a citizen – from banking to marketing, from e-commerce to e-governance, from taxation to voting. In particular, it could circumvent problems, costs and logistics involved in the election processes ( local, state or central), as the user can use it to any PC in the country– or for the matter in the world – through the Internet, once the built-in card-reader becomes an universally accepted storage device. Personal information can be added and accessed in text-form for availability on the Net, once the Biometric security barrier has been successfully overcome.
7. Concluding remarks
So far, Telemedicine technology has been groping for paradigms and solutions for the future, in the expectation that some form of universally acceptable encoding, encryption, storage/retrieval and transmission system could be achieved acceptable to all – physicians, hospital administrators, and computer specialists alike. With the kind of Smart-Card technology described above, the fourth – and equally important – aspect of the problem has been attempted to be addressed, namely, patient (or user) acceptability and user confidence regarding security and reliability. The next step, logically, would be to have an integrated protocol to seamlessly integrate Smart Card and Internet technologies, both for Medical as well as identification usages.
The fact that the technologies presented here have been indigenously developed and affordable, make it an excellent candidate for real-life applications in the field of Computer applications in Medicine, as well as a secure all-purpose citizen’s ID card. What is required, during the course of the next few years, is the integration of three variables : availability or manufacturing of standard card reader-writers using the ASPECT technology – which can be retro-fitted into all PCs; large memory, low-cost Smart-Cards using embedded chip technology (e.g. ATMEL); and secure encrypted software like the ANAHITA protocol - goals which are clearly visible over the horizon.
REFERENCES
1) Critical-care Monitoring (by the author) : The Journal of Gen. Medicine, Vol.8, No.1, Oct- Dec 1995).2) You and the Computer : how it could change your life - and that of your patients Part I (by the author): The Journal of General Medicine, Vol.8, No.2, Jan-Feb 1996. 3) Telemedicine and Hospital Computerization (presentation by the author) :W.H.O.-I.C.M.R.
Workshop on Accessing Medical Informatics (Sikkim-Manipal Institute of Medical Sciences, Sept. 2002).
4) Computers in Medicine – the road ahead in India (presentation by the author): National Conference on Medical Informatics and C.M.E. on Hospital Management (held at Mahatma Gandhi Institute of Medical Sciences, Sevagram, Wardha, Sept. 2004).
5) Computers in Medicine – application of Smart-card Technology (by the author): Annual Conference of the Biomedical Engineering Society of India (held at GITAM Institute of Technology, Vishakhapatnam, India, Dec.2004)
ACKNOWLEDGEMENTS
The author wishes to acknowledge with thanks the following persons whose research & development work and assistance has gone into preparing this document : 1. Mr. Kishore Bhattacharyya and colleagues, ASPECT Group, Kolkata, for the smart-card reader-writers2. Mr. Indrajit Saha of R.M. Sales, Kolkata, for donating the ATMEL smart-card samples & data-sheets3. Mr. Ranjit Rangan & Mr. Sunil Aggarwal, EVENTS Technologies, Pune, for the Telemedicine protocols4. Prof. Arun Samaddar, Director, Pailan College of Management & Technology, WB, for parts of the text.
(The author is an Electronics & Control Systems Engineer (I.I.T-Kgp/I.I.T.-B’ba)y, a first-generation Biomedical Engineer (I.I.T.Madras 1972-75), former Commonwealth Scholar in the U.K .- where he obtained his Ph.D. in Medical Electronics, a Life-member of the Biomedical Society of India and the Computer Society of India, and has served as R & D, production and marketing executive in several Indian and multinational Medical Electronics and Automation & Control Industries like Keltron, Philips, Siemens and Larsen & Toubro, as well as in prominent academia in India and abroad).
