ITU Kaleidoscope 2019 - ICT For Health

Download as pdf or txt
Download as pdf or txt
You are on page 1of 234

11TH ITU ACADEMIC CONFERENCE

ITUKALEIDOSCOPE
ATLANTA 2019
ICT for Health:
Networks, standards and innovation
4-6 December

ITUKALEIDOSCOPE ICT for Health: Networks, standards and innovation


Atlanta, Georgia, USA

International
Telecommunication
Union
Telecommunication
Standardization Bureau
Place des Nations
CH-1211 Geneva 20
Switzerland

ISBN 978-92-61-24301-2
ISBN: 978-92-61-28401-5

99 77 88 99 22 6 1 2 84 43 0 1 25 Hosted by Technically co-sponsored by In collaboration with Organized by


Published in Switzerland
Geneva, 2019

Atlanta Global Studies Center


Center for Computing and Society
Center for Health and Humanitarian Systems
Center for International Strategy, Technology, and Policy
Center for Serve-Learn-Sustain
Georgia Tech Research Institute
Institute for People and Technology
ISBN:
978-92-61-28401-5 (electronic version)

Disclaimer

The opinions expressed in these Proceedings are those of the paper authors and do not necessarily reflect the views
of the International telecommunication Union or of its membership.

 ITU 2019
All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior
written permission of ITU.
Foreword
Chaesub Lee

Director
ITU Telecommunication Standardization Bureau

The ITU Kaleidoscope academic conference has gained a reputation for providing an in-depth
discussion on matters relevant to the ITU membership. This year, in collaboration with the World
Health Organization (WHO), Kaleidoscope 2019: ICT for Health: Networks, standards and
innovation provided a forward-looking perspective on the future developments for better healthcare
delivery.

Kaleidoscope is ITU’s flagship academic event. Now in its eleventh edition, the conference supports
productive dialogue between academics and standardization experts. I wish to thank the Georgia
Institute of Technology for stimulating this dialogue and providing the space for such engagement in
the hosting of Kaleidoscope 2019 in Atlanta, Georgia, USA.

The research presented at this conference focused on how information and communication
technologies (ICTs) are set to further revolutionize the heath sector, looking into the technical aspects
such as digital health strategies, smart technologies and access networks for healthcare, as well as
issues of safety, security and data protection. The various sessions, including the special panel
designed by the WHO Department of Evidence and Intelligence for Action in Health, highlighted
how we can use ICT developments to ensure that the goal towards universal, quality health coverage
is achieved. These discussions also aided in the understanding of how ITU’s work on standardization
can advance the digitization of the health sector.

I would like to express my great appreciation to the Kaleidoscope community and the larger ITU
Academia membership for their enduring support to this series of conferences. With over
160 academic and research institutes now members of ITU, the Kaleidoscope series is certain to
continue growing in strength.

My sincerest thanks go to WHO for collaborating with us on Kaleidoscope 2019, to our host, the
Georgia Institute of Technology, Atlanta, Georgia; our technical co-sponsors, the Institute of
Electrical and Electronics Engineers (IEEE), the IEEE Communications Society and The Lancet
Digital Health. I would also like to thank our academic partners and longstanding ITU members,
Waseda University, the Institute of Image Electronics Engineers of Japan (I.I.E.E.J.), the Institute of
Electronics, Information and Communication Engineers (IEICE) of Japan, the Chair of
Communication and Distributed Systems at RWTH Aachen University, the European Academy for
Standardization (EURAS), and the University of the Basque Country.

–i–
I would especially like to thank the members of the Kaleidoscope 2019 Technical Programme
Committee (TPC) and the members of our Steering Committee: Michael Best, Georgia Tech;
Christoph Dosch, IRT GmbH; Kai Jacobs, RWTH Aachen University; Mistuji Matsumoto, Professor
Emeritus Waseda University; Sameer Pujari, WHO; Rupa Sarkar, The Lancet Digital Health; Mostafa
Hashem Sherif, USA (also TPC Chair) and Daidi Zhong, Chongqing University. I would also like to
thank the distinguished General Chairman of Kaleidoscope 2019 and Executive Vice Director of
Research at Georgia Tech, Chaouki Abdallah.

Chaesub Lee
Director
ITU Telecommunication Standardization Bureau

– ii –
Chairman’s message
Chaouki Abdallah
General Chairman
The use of innovative applications and advanced information
and communication technologies (ICTs) are set to continue to
affect the health sector globally, providing significant
developments and ensuring that communities around the world
are capable of providing necessary and efficient healthcare.
Georgia Institute of Technology is proud to provide a space for the presentation and discussion of
essential research towards this year’s ITU Kaleidoscope academic conference on ICT for Health:
Networks, standards and innovation, at our campus in Georgia, Atlanta, USA, 4-6 December 2019.
The establishment of the ITU Academia membership category in 2011 brought greater significance to
Kaleidoscope’s role in fostering academic engagement in the work of ITU. As a member within this
category, Georgia Tech is committed to continuing its support to the Union, and particularly in the
pursuit of research and academic engagement.
The Technical Programme Committee chaired by Mostafa Hashem Sherif selected 20 papers through a
double-blind peer-review process supported by 75 international experts. I would like to thank the
Committee and the reviewers for selecting high-caliber papers for presentation at the conference and
identifying papers eligible for awards.
Among the various keynotes presented in this year’s programme, the first by Valerie Montgomery Rice,
President and Dean of the Morehouse College of Medicine, explored the possibilities of leveraging
digital health technology to advance health equity. Ian F. Akyildiz, the Kenneth G. Byers Professor in
the School of Electrical and Computer Engineering here at Georgia Tech, offered insightful research
into the technical aspects of health applications in the context of an Internet of Bio-Nanothings. Both
keynotes emphasized the importance of investigating the convergence of engineering and medical
research in the pursuit of the global good. John Vertefeuille, of the US Centers for Disease Control and
Prevention, delivered his keynote speech titled, “Polio eradication and how technology is reaching the
last mile,” discussing how digital health plays a key role in combatting disease.
The first Kaleidoscope 2019 invited paper, “Towards international standards for the evaluation of
Artificial Intelligence for health,” co-authored by Markus A. Wenzel and Thomas Wiegand, from
Fraunhofer Heinrich Hertz Institute, explored how international standards are necessary for thoroughly
validating AI solutions for health, and how such standards could create trust among stakeholders. This
presentation also highlighted the achievements of the ITU/WHO focus group on “AI for Health.”
Kaleidoscope 2019 was developed as a joint collaboration between ITU and the World Health
Organization (WHO). In light of this partnership, Marcelo D’Agostino, WHO’s Senior Advisor on
Information Systems and Digital Health, delivered a keynote speech as part of the opening plenary on
“Digital Health in the Information Society: Working together to leave no one behind.” Mr. D’Agostino
also moderated the WHO special panel session titled, “Digital transformation of the health sector: The
power of Artificial Intelligence and the potential of unstructured and Big Data for public health.” Yuri
Quintana from Harvard Medical School discussed the potential power of Artificial Intelligence to
support patients, families and healthcare providers. Ian Brooks of NCSA University of Illinois explored
what potential there might be for public health, given the uses of unstructured data and Big Data today,
and Jennifer Nelson from the Interamerican Development Bank in the United States focused on the
challenges and opportunities surrounding digital transformation in Latin America.

– iii –
Brian Scarpelli, presented part of the second special panel on “Essential considerations for
policymakers addressing the role of Artificial Intelligence in healthcare,” from Connected Health
Initiative, USA. Ilise Feitshans, Fellow in Law at the European Scientific Institute in France, presented
her research on “Global health impacts of personal data protections under European laws and beyond.”
This presentation focused on understanding the role of privacy in society as well as its influence on
personal health, including whether health concerns affect the application, use and disclosure of personal
data in light of the GDPR provisions.
Selected papers from each year’s Kaleidoscope conference are considered for publication in a special-
feature section of IEEE Communications Standards Magazine. In addition, special issues of the
International Journal of Technology Marketing (IJTMKT), the International Journal of IT Standards
and Standardization Research (IJITSR) and the Journal of ICT Standardization may publish extended
versions of selected Kaleidoscope papers. Authors of outstanding Kaleidoscope 2019 papers have also
been invited to contribute to the work of the ITU/WHO Focus Group on ‘AI for Health.’
All papers accepted and presented at the conference will be submitted for inclusion in the IEEE Xplore
Digital Library. The Conference Proceedings from 2009 onwards can be downloaded free of charge
from http://itu-kaleidoscope.org.
I would like to thank our technical co-sponsors, supportive partners and Alessia Magliarditi and her
team at the ITU for their role in ensuring the continued success of the Kaleidoscope series of academic
conferences.

Chaouki Abdallah
General Chairman

– iv –
TABLE OF CONTENTS
Page
Foreword ............................................................................................................................................. i
Chairman's Message ............................................................................................................................. iii

Committees ........................................................................................................................................... vii


Keynote Summary

PANACEA: An Internet of Bio-NanoThings application for early detection and mitigation


of infectious diseases
Ian F. Akyildiz (Georgia Institute of Technology, USA) .......................................................... xiii
Session 1: ICT infrastructure for healthcare

S1.1 5G-enabled health systems: Solutions, challenges and future research trends
Di Zhang; Teng Zhang; Yunkai Zhai; Joel J. P. C. Rodrigues; Dalong Zhang;
Zheng Wen; Keping Yu; Takuro Sato ....................................................................... 1
S1.2 Community healthcare mesh network engineering in white space frequencies
Hope Mauwa; Antoine Bagula; Emmanuel Tuyishimire; Tembisa Ngqondi ........... 9
S1.3 Exploration of the non-intrusive optical intervention therapy based on the indoor
smart lighting facility
Jian Song; Xiaofei Wang; Hongming Zhang; Changyong Pan ................................ 17
S1.4 Access technologies for medical IoT systems
Junaid Ahmed Siddiquee........................................................................................... 23
Session 2: Medical ICT

S2.1 Module structure for foot prosthetic and interface standardization


Yoshitoshi Murata; Tomoki Yamato ......................................................................... 33
S2.2 Development of hearing technology with personalized safe listening features
Shayan Gupta; Xuan Xu; Hongfu Liu; Jacqueline Zhang; Joshua N. Bas;
Shawn K. Kelly.......................................................................................................... 39
Session 3: Medical IoT

S3.1 Facilitating healthcare IoT standardization with open source: A case study on
OCF and IoTivity
Hongki Cha; Younghwan Choi; Kangchan Lee........................................................ 49
S3.2 Empirical study of medical IoT for patients with intractable diseases at home
Kentaro Yoshikawa; Masaomi Takizawa; Akinori Nakamura; Masahiro Kuroda .. 59
Session 4: Digital health strategies

S4.1 Invited paper - Towards international standards for the evaluation of artificial
intelligence for health
Markus A. Wenzel; Thomas Wiegand ....................................................................... 67
S4.2 Redesigning a basic laboratory information system for the global south
Jung Wook Park; Aditi Shah; Rosa I. Arriaga; Santosh Vempala ........................... 77

–v–
Page
S4.3 #RingingTheAlarm: Chronic "Pilotitis" stunts digital health in Nepal
Ichhya Pant; Anubhuti Poudyal................................................................................ 85
S4.4 Designing national health stack for public health: Role of ICT-based knowledge
management system
Charru Malhotra; Vinod Kotwal; Aniket Basu......................................................... 95
Session 5: Smart technologies for caregivers

S5.1 Elderly health monitoring system with fall detection using multi-feature based
person tracking
Dhananjay Kumar; Aswin Kumar Ravikumar; Vivekanandan Dharmalingham;
Ved P. Kafle .............................................................................................................. 105
S5.2 A healthcare cost calculator for older patients over the first year after renal
transplantation
Rui Fu; Nicholas Mitsakakis; Peter C. Coyte........................................................... 115
S5.3 Automatic plan generating system for geriatric care based on mapping similarity
and global optimization
Fei Ma; Chengliang Wang; Zhuo Zeng .................................................................... 125
Session 6: Data and artificial intelligence era

S6.1 Invited paper - Preparing for the AI era under the digital health framework
Shan Xu; Chunxia Hu; Dong Min............................................................................. 135
S6.2 Operationalizing data justice in health informatics
Mamello Thinyane .................................................................................................... 145
Session 7: Safety and security in healthcare

S7.1 Thought-based authenticated key exchange


Phillip H. Griffin ....................................................................................................... 155
S7.2 Cyber-safety in healthcare IoT
Duncan Sparrell........................................................................................................ 163
Session 8: Data protection and privacy in healthcare

S8.1 Technical and legal challenges for healthcare blockchains and smart contracts
Steven A. Wright ....................................................................................................... 173
S8.2 Design of a credible blockchain-based e-health records (CB-EHRs) platform
Lingyu Xu; Antoine Bagula; Omowunmi Isafiade; Kun Ma; Tapiwa Chiwewe ....... 183
S8.3 The GDPR transfer regime and modern technologies
Melania Tudorica; Trix Mulder ................................................................................ 191
Abstracts ............................................................................................................................................. 199
Index of Authors ................................................................................................................................... 209

– vi –
COMMITTEES
Steering Committee

 General Chairman: Chaouki Abdallah (Georgia Institute of Technology, USA)

 Michael Best (Georgia Institute of Technology, USA)


 Christoph Dosch (ITU-R Study Group 6 Vice-Chairman; IRT GmbH, Germany)
 Kai Jakobs (RWTH Aachen University, Germany)
 Mitsuji Matsumoto (Waseda University Emeritus Professor, Japan)
 Sameer Pujari (World Health Organization (WHO))
 Rupa Sarkar (The Lancet Digital Health, UK)
 Mostafa Hashem Sherif (Consultant, USA)
 Daidi Zhong (Chongqing University, China)

Host Committee

 Co-Chairs: Michael Best (Georgia Institute of Technology, USA)


Elizabeth Mynatt (Georgia Institute of Technology, USA)

 Jennifer Hirsch (Georgia Institute of Technology, USA)


 Pinar Keskinocak (Georgia Institute of Technology, USA)
 Leigh McCook (Georgia Institute of Technology, USA)
 Sebnem Ozkan (Georgia Institute of Technology, USA)
 Alasdair Young (Georgia Institute of Technology, USA)

Secretariat

 Alessia Magliarditi, ITU Kaleidoscope Coordinator


 Erica Campilongo, Collaborator
 Nolwandle Simiso Dlodlo, Collaborator
 Marine Kern, Collaborator
 Emer Windsor, Executive Assistant
 Pascal Borde, Promotional support

– viii –
Technical Programme Committee

 Mostafa Hashem Sherif (Consultant, USA)

 Marco G. Ajmone Marsan (Polytechnic University of Turin and Institute IMDEA Networks, Italy)
 Ahmad Alaiad (Jordan University of Science and Technology, Jordan)
 Rafael Asorey-Cacheda (Technical University of Cartagena, Spain)
 Chaodit Aswakul (Chulanlongkorn University, Thailand)
 Luigi Atzori (University of Cagliari, Italy)
 Antoine Bagula (University of the Western Cape, South Africa)
 Paolo Bellavista (University of Bologna, Italy)
 Michael Bove (Massachusetts Institute of Technology, USA)
 Marcelo Carvalho (University of Brasilia, Brazil)
 Shelly Chadha (WHO, Switzerland)
 Periklis Chatzimisios (Alexander TEI of Thessaloniki and Bournemouth University, Greece)
 Kejia Chen (Nanjing University of Posts and Telecommunications, China)
 Luca Chiaraviglio (University of Rome Tor Vergata, Italy)
 Mahmoud Daneshmand (Stevens Institute of Technology, USA)
 Alessio Diamanti (Orange & Cnam, France)
 Christoph Dosch (ITU-R Study Group 6 Chairman; IRT GmbH, Germany)
 Tineke Mirjam Egyedi (Delft University of Technology, The Netherlands)
 Marcos Fagundes Caetano (University of Brasilia, Brazil)
 Erwin Folmer (University of Twente, The Netherlands)
 Luca Foschini (University of Bologna, Italy)
 Ivan Ganchev (University of Limerick, Ireland / University of Plovdiv "Paisii Hilendarski", Bulgaria)
 Joan Garcia-Haro (Universidad Politécnica de Cartagena, Spain)
 Antonio Javier Garcia-Sanchez (Technical University of Cartagena, Spain)
 Katja Gilly (Miguel Hernandez University, Spain)
 William J. Gordon (Brigham and Women's Hospital, USA)
 Smrati Gupta (Microsoft Corporation, USA)
 Dijiang Huang (Arizona State University, USA)
 Eva Ibarrola (University of the Basque Country, Spain)
 Kai Jakobs (RWTH Aachen University, Germany)
 Ved P. Kafle (National Institute of Information and Communications Technology, Japan)
 Tim Kelly (World Bank, USA)
 Katarzyna Kosek-Szott (AGH University of Science and Technology, Poland)
 Ken Krechmer (IEEE, USA)
 Dhananjay Kumar (Anna University, India)
 Andreas Kunz (Lenovo, Germany)
 Tsung-Ting Kuo (University of California San Diego, USA)
 Mark Leeson (University of Warwick, UK)

– ix –
 Jie Li (Shanghai Jiaotong University, China)
 Fidel Liberal (University of the Basque Country, Spain)
 Luigi Logrippo (Université du Québec en Outaouais, Canada)
 Rafael Marin-Perez (OdinS, Spain)
 Mitsuji Matsumoto (Waseda University, Japan)
 Arturas Medeisis (ITU Arab Office, Riyadh station)
 Ahmed Mohammed Mikaeil (Shanghai Jiao Tong University, China)
 Alejandro Molina Zarca (University of Murcia, Spain)
 Yoshitoshi Murata (Iwate Prefectural University, Japan)
 Kazuhide Nakajima (NTT Corporation, Japan)
 David Palma (Norwegian University of Technology and Science, Norway)
 Vitaly Petrov (Tampere University of Technology, Finland)
 RangRao Venkatesha Prasad (Delft University of Technology, The Netherlands)
 Alexander Raake (Technische Universität Ilmenau, Germany)
 Julia Rauscher (University of Augsburg, Germany)
 Anna Riccioni (Università degli Studi di Bologna, Italy)
 Domenico Rotondi (FINCONS SpA, Italy)
 Mihoko Sakurai (Keio University, Japan)
 Andreas Sciarrone (University of Genoa, Italy)
 Stefano Secci (Cnam, France)
 Cristina Serban (AT&T Security Research Center, USA)
 Mostafa Hashem Sherif (Consultant, USA)
 Minrui Shi (Shanghai Telecom, China)
 Antonio Skarmeta (University of Murcia, Spain)
 Michele Solimando (University of Bologna, Italy)
 Jian Song (Tsinghua University, China)
 Duncan Sparrell (sFractal Consulting LLC, USA)
 Christian Timmerer (Information Technology (ITEC) Alpen-Adria-Universität Klagenfurt, Austria)
 Marco Torello (University of Bologna, Italy)
 Valerio Torti (European University of Rome, Italy)
 Taavi Valdlo (Estonian IT Standardization Technical Committee, Estonia)
 Riccardo Venanzi (University of Bologna & University of Ferrara, Italy)
 Honggong Wang (University of Massachusetts, Dartmouth & College of Engineering, USA)
 Jinsong Wu (University of Chile, Chile)
 Keping Yu (Waseda University, Japan)
 Richard Yu (Carleton University, Canada)
 Daidi Zhong (Chongqing University, China)

–x–
KEYNOTE SUMMARY
PANACEA: AN INTERNET OF BIO-NANOTHINGS APPLICATION FOR
EARLY DETECTION AND MITIGATION OF INFECTIOUS DISEASES

Ian F. Akyildiz

Georgia Institute of Technology, USA

The state-of-the-art diagnostics, monitoring, and therapy are limited by the imprecise nature of
current methods and use of devices that are either external, or when implanted, suffer from large size.
A breakthrough is eminent since we are at a critical crossroad in biomedical research in which our
ability to miniaturize sensors and electronics is unprecedented, and our understanding of biological
systems enables fine-grained manipulation and control of behavior of cells down to the molecular
level. These technologies will be leveraged to create Internet of Bio-NanoThings (IoBNT), which
is envisioned to be a heterogeneous network of nanoscale bio-electronic components and engineered
biological cells, so called Bio-NanoThings (BNT), communicating via electromagnetic waves, and
via molecular communication. The objective of this concept is to directly interact with the cells
enabling more accurate sensing and eventually control complicated biological dynamics of the human
body in real time.
As the enabler of IoBNT, Molecular Communication (MC) arises from the observation of chemical
communications in and among the basic units of life, i.e. biological cells, where the information is
represented, exchanged and stored in the form of molecules. The key processes of chemical reactions
and molecular transport are at the basis of encoding, propagation, and processing of information
bearing molecular signals. The focus of this discipline is on the modeling, characterization, and
engineering of information transmission through molecule exchange, with immediate applications in
biotechnology, medicine, ecology, and defense, among others. In the past decade of MC research, the
first studies focused on the physical layer characteristics of communication channels where MC
techniques are defined based on the transport mechanism such as diffusion-based and flow-based MC,
chemotaxis, and molecular motors. However, there is still limited investigation on the definition of
technologies for practical applications of MC. Here, we present a novel perspective on the theory of
MC by expanding on existing and future studies for its application to healthcare.
To illustrate how MC brings together biological and cyber worlds for healthcare applications, we
introduce the concept of a new cyber-physical system called, PANACEA (a solution or remedy for
all difficulties or diseases in Latin), which is a closed-loop solution to the problem of monitoring
infections. PANACEA leverages cutting-edge technologies in the cyber (i.e. machine learning, big
data analytics, cloud computing, security) and physical (i.e. bio-nanosensors, magnetic and wireless
communications) domains to continuously monitor the tissues at risk of serious infection for early
detection and mitigation of infections. By tapping into cell-to-cell communication mechanisms of
bacteria infecting human body, it is possible to estimate the increase in the population of the bacteria
indicating an infection even before the patient shows symptoms. Bio-nanosensors sense
communication molecules, so-called quorum sensing molecules, exchanged among the infectious
bacteria. Quorum sensing is the major cell-to-cell communication mechanism where bacteria produce
and release chemical signal molecules whose external concentration increases as a function of
increasing cell-population density. Therefore, by sensing the concentration of its quorum sensing
molecules, it is possible to estimate the density of the infectious bacteria population. This can be used
to detect infection, which is the invasion of various healthy human tissues by pathogenic bacteria that
are multiplying and disrupting tissues’ operation, causing diseases.

– xiii –
The physical domain of PANACEA will comprise all the bio-nanosensors and actuators (e.g. drug
delivery devices, pacemakers, etc.) embodied by the RIMOR (explorer in Latin) subsystem, which
consists of 3 parts: bio-nanosensor, sensor interface chip, and a coil/inductor for wireless
communication to wearable hub outside of the body. The bio-nanosensor can be diversified by
sensing quorum sensing signals directly or via a reporter bacteria. Moreover, the signals generated
by bacteria can be sensed by utilizing electro-chemical or fluorescence methods. The bio-nanosensor
of RIMOR, has two parts, namely, the bacterial sensor and the physical sensor. The bacterial sensor
senses molecular communication signals generated by the bacteria in the body, and produces light
detected by the physical sensor which converts light to electrical current. This way, MC signals are
transduced to electrical signals to be further relayed to the wearable hub. Interactions between
physical and cyber domains are established by heterogeneous wireless communication modules that
utilize radio-frequency (RF), ultrasonic and molecular communications through RIMOR and
wearable devices.
The cyber part of the PANACEA is in charge of collecting sensing data and performing complex data
processing and learning procedures for the early detection of diseases and infections. The access to
PANACEA is made possible by the Human-Machine Interface (HMI), which provides an easy and
intuitive Data Visualization Interface (DVI) enabling the visualization of relevant information of each
patient and provides alert message management to notify both caregivers and patients when an
infection occurs. The DVI allows human-in-the-loop control thus making it possible for caregivers to
dynamically and actively interact with the system and to regulate drug delivery through ad-hoc
control primitives and APIs exposed by actuator devices. PANACEA not only facilitates interactions
with humans, but it also enables advanced automated drug delivery systems that rely on supervised
machine learning. The learning block is fed with both data collected by the physical system and
supervised input data generated by caregivers. Such an approach makes it possible to train
PANACEA with patient-dependent data so that individual medical treatments can be achieved for
each patient.
Even though applications such as PANACEA are very promising since they are based on the better
defined and more studied MC technique of bacterial communication, a plethora of biomedical
applications can be enabled by the rest of the MC techniques such as calcium signaling, nervous
networks, endocrine network, and molecular motors. The standardization efforts in molecular
communication started in 2014 with the IEEE P1906.1.1 - Standard Data Model for Nanoscale
Communication Systems and they have released IEEE 1906.1-2015 - IEEE Recommended Practice
for Nanoscale and Molecular Communication Framework. Although this standard is a step towards
developing MC as an implementable technology, it only covers the basic diffusion-based molecular
communication and it also includes THz band communication under the nano-communication
umbrella which overlooks underlying challenges arising from the biological nature of MC. Despite
the prior work in the field on the channel characterization, estimation, and capacity calculations of
these aforementioned techniques, a unifying information-theoretic framework that captures the
peculiarities of an MC channel over classical communication systems for all the various MC
techniques, is currently missing.
We aim at filling the aforementioned research gap by providing a mathematical framework rooted in
chemical kinetics and statistical mechanics to define the main functional blocks of MC, to abstract
any MC system and determine or estimate the information capacity of their communication channels.
By using the general formulation of the Langevin equation of a moving nanoscale particle subject to
unavoidable thermally driven Brownian forces as a unifying modeling tool for molecule propagation,
we build a general mathematical abstraction of an MC system. Then, we derive a methodology to
determine (or estimate, whenever closed-form analytical solutions are intractable) the MC channel
capacity based on the decomposition of the Langevin equation into two contributions, namely,
propagation according to the Fokker–Planck equation followed by a Poisson process.
We classify diverse implementations of MC based on their underlying physical and chemical
processes and their representation in terms of the Langevin equation. MC systems based on random

– xiv –
walk, such as calcium signaling in cell tissues, neuron communication by means of neurotransmitters,
and bacterial quorum sensing, include only the contribution of the Brownian stochastic force f. MC
systems based on drifted random walk, such as MC in the cardiovascular system, microfluidic
systems, and pheromone communication between plants, include both f and a drift velocity vn(t) as
function of the time t for each molecule n, which is independent of the Brownian motion. MC systems
based on active transport, such as those based on molecular motors and bacteria chemotaxis, include
instead a deterministic force Fn(t) added to f. For each of these categories of MC systems, and based
on the aforementioned Langevin equation decomposition, we provide a general information capacity
expression under simplifying assumptions and subsequently discuss these results in light of the
functional blocks of more specific MC system models, including cases where a closed-form capacity
expression cannot be analytically derived. This statistical-mechanics-based framework provides a
common ground that not only allows existing researchers in this field to formalize their direction
taken in the last decade in this high-level framework but also provides future researchers with a well-
defined methodology to evaluate the performance of the existing and to-be-discovered MC systems.
We believe this contribution will be foundational for this discipline on the way to standardization,
and an important milestone for the engineering of future MC systems.
MC promises to better understand communications in biological systems, and reciprocally develop
biologically-inspired approaches for communication systems. Since it provides a disruptive
technology based on interfacing directly with living cells and organisms which enables an
unprecedented way of reaching health information in the living body, which we believe will be at the
core of next-generation ICT technologies for human health.

_______________________
*
This talk is based on the following three papers:
1. Akyildiz, I. F., Guler, U., Ozkaya-Ahmedov, T., Sarioglu, A. F., Unluturk, B. D., “PANACEA: An Internet of
Bio-NanoThings Application for Early Detection and Mitigation of Infectious Diseases,” submitted to IEEE
Access, 2019.
2. Akyildiz, I. F., Pierobon, M., Balasubramaniam, S., “An Information Theoretic Framework to Analyze
Molecular Communication Systems Based on Statistical Mechanics,” Proceedings of the IEEE, vol. 107, no. 7,
pp. 1230-1255, 2019.
3. Akyildiz, I. F., Pierobon, M., Balasubramaniam, S., and Koucheryavy, Y., "Internet of BioNanoThings,"
IEEE Communications Magazine, vol. 53, no. 3, pp. 32-40, March 2015.

– xv –
SESSION 1

ICT INFRASTRUCTURE FOR HEALTHCARE

S1.1 5G-enabled health systems: Solutions, challenges and future research trends
S1.2 Community healthcare mesh network engineering in white space frequencies
S1.3 Exploration of the non-intrusive optical intervention therapy based on the indoor smart
lighting facility
S1.4 Access technologies for medical IoT systems
5G-ENABLED HEALTH SYSTEMS: SOLUTIONS, CHALLENGES AND
FUTURE RESEARCH TRENDS

Di Zhang 1 ; Teng Zhang 2 ; Yunkai Zhai 3,4 ; Joel J. P. C. Rodrigues 5,6 ; Dalong Zhang 1 ; Zheng Wen 7 ; Keping Yu 7 ;
Takuro Sato 7
1
School of Information Engineering, Zhengzhou University
2
Interventional Operating Theater, the First Affiliated Hosital of Zhengzhou University
3
School of Management Engineering, Zhengzhou University
4
National Engineering Laboratory for Internet Medical Systems and Applications, China
5
Federal University of Piauí (UFPI), Brazil
6
Instituto de Telecomunicações, Portugal
7
Waseda University, Japan

ABSTRACT unrealistic to force medical doctors to move to remote


areas. It is also inhumane to force the people in remote
In the literature, Information communication technology areas to move to big cities. In this case, leveraging some
(ICT)-assisted health systems have been intensively technical methods will be a good choice, for instance,
discussed. However, it has seldom become a reality. Information communication technologies (ICT)-assisted
This is mainly due to the current wireless technologies’ health systems.
limited transmission rate, few connected devices and
In literature, ICT-assisted health systems is not a new
high latency. On the contrary, the fifth generation (5G)
topic. For example, the cloud computing paradigm for
wireless communications can connect more devices,
e-health and the leak risks of patient’s sensitive health
provide faster transmission rates and a lower latency.
information were discussed in [3]. The conclusion from
In this article, we first introduce the 5G-enabled health
this study is that the precautions must be taken into
systems and our specific implementation in the first
consideration before storing the sensitive data in the
affiliated hospital of Zhengzhou University (FAHZZU).
cloud. In the study of [4], authors reviewed the diffusion
Afterwards, the potential challenges and future research
of telemedicine and analyzed the factors influencing the
trends on demonstrating the 5G-enabled health systems
diffusion. It was found that going back to 2007, residents
are discussed.
and doctors in China living in remote areas mostly
had less knowledge about information technology (IT),
Keywords - 5G, health systems, smart hospital,
and they were unwilling to use telemedicine [4]. It
telemedicine
was thus hard for the implementation of telemedicine
at that time period. Authors suggested that a
1. INTRODUCTION
comprehensive force from both central government and
High-quality hospitals mostly locate in big cities, local government, and various methods not only limited
whereas the villages and remote areas lack such medical to education and scientific popularization, were needed.
institutions. The rapid siphon effect of big cities makes On the other hand, authors in [5] demonstrated the
the remote area’s health conditions even worse. With real-time off-the-shelf integrated telemedicine devices
technology advancing, the digital division between big for emergency medical cases in Germany.
cities and remote areas is getting bigger. The young and Nowadays since ICT technologies have been widely
middle-aged people can move to big cities, but it is hard used, people has more positive attitude to telemedicine.
for the elderly, ill and disabled people to do this. However, wireless connections of existing ICT-assisted
On the other hand, for the digital-technology health systems are based on the previous wireless
development such as fifth generation (5G) Internet of technologies (for instance, long term evolution (LTE)
things (IoT) [1] [2], most of our attention is confined and Wi-Fi). Limited connected device number, lower
to the big cities, and our effect is to deliver a faster transmission rate and higher latency may be risky
transmission speed, better cellular coverage and larger issues for the implementation of ICT-assisted health
number of connected devices for these dense area. Less systems. On the other hand, as fifth generation (5G)
attention has been paid to the remote areas. This is and beyond has claimed, compared to LTE systems, it
mainly due to its less potential revenue compared to can connect more than 1000 times of the number of
the potential revenue for more dense areas. It is the devices, support more than 1000 times of the devices,
society’s responsibility to provide people in remote areas support more than 100 times the traffic volumes and
with better health services. However, it is unfair and provide 1 out of 10 latency performance (less than 1 ms)

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 –1– Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

[1]. All these characteristics match the requirements of 5G-assisted health systems is a more realistic choice. In
ICT-assisted health systems perfectly. In 5G, massive literature, the ICT-assisted health systems have been
multi-input multi-output (MIMO) [6], non-orthogonal discussed a lot. However, due to the current restrictions
multiple access (NOMA) [7], and full duplex (FD) are of latency, transmission speed and number of connected
emerging technologies for these claimed targets. devices, the telemedicine services are inefficient.
The 5G and beyond wireless technologies provide The 5G-enabled health systems, on the contrary, can
perfect solutions to ICT-assisted health systems, which solve these problems. The most promising technologies
inspires 5G-enabled health systems. For example, with of 5G being applied to the health systems is the URLLC.
the help of ultra-reliable low latency communications Additionally, the massive machine type communications
(URLLC), a 5G-enabled ambulance can provide remote (mMTC) and enhanced mobile broadband (eMBB)
diagnosis and operation. 5G-enabled ambulance can characteristics can further improve the experience of
also automatically respond to an emergency call and ICT-assisted health systems [7, 8]. As is known
plan an optimal route in advance to save precious rescue to all, compared to the fourth generation wireless
time. Besides, URLLC is also a critical issue for remote communications (4G), 5G aims to offer less than 1 ms
surgery. Otherwise, the wound area will be big and latency, more than 20 billion connected devices and up
might cause some risks to the patient’s life. 5G’s large to 1 Gb/s experienced transmission speed. All these
volume real-time medical image transmission also makes features make remote diagnosis and treatment a reality.
remote expert consultation a reality. Moreover, in
general and specialist hospitals, patients or their escorts
2.1 5G-enabled remote diagnosis and
need to press the widely used emergency call-buttons to
treatment
call the medical staff whenever an emergency happens.
It is time-consuming and might even waste precious Telemedicine
rescue time. The 5G-enabled monitoring systems, on vehicle
Remote diagnose
the other hand, can reduce the consumed time and
save the patient’s life especially in emergency conditions. Remote treatment

The 5G-enabled monitoring systems can also provide


remote ward-round and real-time vital signs monitoring
Remote operation
services.
Remote diagnose Community clinic
In this study, we first discuss the solutions and introduce and district hospital
Remote consulation
the demonstrations of our 5G-enabled health systems, 5G network
i.e., 5G-enabled remote diagnosis and treatment, Remote treatment

5G-enabled remote surgery and 5G-enabled smart Digital database

monitoring. Based on these works, we discuss the


challenging issues and potential future research trends Remote operation
Speciality and
general hospital
on implementing 5G-enabled health systems. The rest
of this paper is organized as follows: we introduce the
demonstration of 5G-enabled health systems in section
Figure 1 – 5G-enabled health systems for remote areas.
2. The challenging issues on achieving the 5G-enabled
health systems are discussed in section 3. Section 4 5G-enabled remote diagnosis and treatment is first
is the future research trends. We finally conclude this discussed. As demonstrated in Figure 1, with 5G
paper in section 5. network’s help, we can offer better service for remote
diagnosis and treatment to residents in remote areas.
2. SOLUTIONS OF 5G-ENABLED HEALTH We can also offer remote operations with 5G URLLC?s
SYSTEMS less than 1 ms latency. On the other hand, the
district hospital and the general hospitals can mutually
The specific demonstrations and implementations of share the digital medical information. The automatic
5G-enabled health systems in the first affiliated hospital ambulance vehicles can respond to emergency calls
of Zhengzhou University (FAHZZU) will be discussed and provide in-vehicle remote diagnosis and treatment
in this section. We categorize the 5G-enabled health services with wireless connections to the hospitals.
systems into three 5G-enabled remote diagnosis and Figure 2 demonstrates remote diagnosis in FAHZZU.
treatment, 5G-enabled remote surgery, and 5G-enabled The remote community clinic is connected with
smart monitoring. FAHZZU via 5G wireless networks. In this case, the
As mentioned before, currently there are less people remote community clinic can share the high-quality
living in remote areas as more people move to the big medical resources from FAHZZU. According to our
cities. In addition, most of the people living in remote test, by leveraging the 5G’s fast transmission speed,
areas are the elderly and the young that urgently need the high-definition 1080P consultation video was
the high-quality medical services. In order to eliminate successfully transmitted. In our test, the downlink peak
the difference between big cities and remote areas, speed is about 1 Gb/s, 15 times that of the 4G wireless

–2–
ICT for Health: Networks, standards and innovation

Figure 3 – Demonstration of the 5G-enabled


ambulance in FAHZZU.
2.2 5G-enabled remote surgery

Figure 2 – Remote diagnosis demonstration of


5G-enabled remote diagnosis in FAHZZU.
transmissions; and the uplink peak speed is about 100
Mb/s, 10 times that of the 4G wireless transmissions.
The latency at the remote user side is about 7.6 ms Figure 4 – 5G-enabled remote surgery system.
according to our test, which is reduced by 73% compared
to the 4G wireless connections. With the help of Moreover, 5G’s faster transmission speed (especially
5G-enabled diagnosis and treatment, patients can be in the uplink) and URLLC merits make the remote
remotely diagnosed by the FAHZZU?s specialists while surgery robot a reality. This is because that in
sitting in the remote community clinic without actually previous generations of ICT-assisted remote surgery
traveling there. systems, the network reliability is a big challenge.
A moment’s disconnection or even a bad connection
5G-enabled ambulances is another application scenario quality will result in surgery failure, which might
of 5G-enabled remote diagnosis and treatment. It take away the patient’s life. In prior ICT-assisted
connects the first-aider, ambulance, command center, remote surgery, the operating doctor relied on the
remote clinic and the specialist and general hospital two-dimensional streaming media information, they
via 5G wireless networks. In this case, the 5G-enabled were unable to clearly see the wound or distance.
ambulance can act as the mobile hospital and share This is an arduous task, any mistake or miscalculation
the information with remote specialized doctors. It will result in serious consequences. The argument is
can check the patient?s vital signs and share these that reality/virtual reality (AR/VR) technology can
results in nearly real time. Moreover, it can provide remedy this disadvantage with its three dimensional
remote diagnosis and treatment services with the help scene reconstruction ability to assist the surgery [9].
of equipped high-definition cameras. Compared to The VR application also relies greatly on 5G’s higher
existing methods, the 5G-enabled ambulance has better transmission speed URLLC merits. In this case,
latency performance and even faster uplink transmission compared to prior wireless solutions such as LTE, 5G
speed, which are vital for the high-definition streaming is an ideal choice for ICT-assisted health systems.
media information transmission. As shown in Figure 3,
medical staff can remotely look up the electronic medical As depicted in Figure 4, in our considered 5G-enabled
record, monitor and upload the patient?s vital signs, remote surgery system, 5G networks and AR/VR
communicate with the specialized medical doctor to save technologies are used. The control center and the
the precious rescue time. The 5G-enabled ambulance remote surgery robot workbench are connected via 5G
can also be used in an emergency rescue scenario while wireless networks. We divide the remote surgery robot
connecting to the remote control center. system into two scenarios, i.e., the ambulance scenario

–3–
2019 ITU Kaleidoscope Academic Conference

and the remote clinic (hospital) scenario. The control massive Internet of things (IoT) devices connected to
center is in FAHZZU, whereas the remote surgery robot the Internet in order to continuously monitor the vital
workbench can be installed at either the ambulance side signs.
(Figure 3) or the remote clinic (hospital, control center, As depicted in Figure 5, in the 5G-enabled smart
etc.) side. In order to offer reliable connections between ward, we connect ward equipment such as the body
the control center and the surgery robot workbench, we vital sign monitoring sensors, intravenous injector, to
employ both the 5G wireless and extranet connections. a 5G wireless network. The patient’s vital signs and
The 5G wireless connections are used for the ambulance venous transfusion can be remotely monitored and
scenario because of the frequently moving demands. On controlled. Whenever the transfusion is about to finish,
the other hand, the extranet connections are used for the the transfusion monitoring system can inform the nurse
remote clinic (hospital) scenario. Different from the 5G station via 5G networks to withdraw the needles. In
wireless networks, the extranet network can offer more contrast, patients and their escorts need to watch closely
reliable connections. the transfusion speed, and call the nurse by pressing the
Asides from the remote diagnosis and treatment, emergency button if needed.
specialized doctors can remotely operate the surgery if Secondly, doctors and nurses in ward rounds can share
needed. Severely injured patients do not need to travel the patient’s information with each other, and also
to the big hospitals in case of long distance traveling share with the doctor’s office. Real-time information
may cause serious damage. Additionally, it can save can also be transferred to the security office in case
precious rescue and operation time. The remote clinic of encountering a medical dispute. Security offices can
scenario, on the other hand, can provide remote surgery immediately respond to these disputes and record the
operations with less risk compared to the ambulance videos as evidence if needed.
scenario as it does not need any travel. However, due
to the operational risk, we so far have not demonstrated 3. CHALLENGING ISSUES
or tested the 5G-enabled remote surgery yet.
We have introduced the potential solutions and our
implementations of the 5G-enabled health systems in
2.3 5G-enabled smart monitoring the previous section. In the sequel, we will discuss
challenging issues that are faced on implementing
5G-enabled health systems. Currently, eMBB and
mMTC can be easily accomplished by emerging 5G
NR technologies. However, it is still difficult to realize
the URLLC requirements, especially the less than 1 ms
latency. In this regard, we might need some trade-off
strategies between the latency and reliability. Moral
ethics is another challenging issue for implementing
5G-enabled health systems.

3.1 Trade-off between ultra-reliable and low


latency

According to Shannon theory, the system achievable


capacity can be given as

Pt
C = log(1 + SINR) = log(1 + ), (1)
Pi + σ 2

where SINR is the signal to interference plus noise ratio


(SINR). As claimed by its definition, it is the allocated
power for transmission (Pt ) divided by the channel
interference power (Pi ) and channel noise power σ 2 .
Figure 5 – Demonstration of the 5G-enabled smart
With achievable capacity in hand, system achievable
monitoring in FAHZZU.
transmission speed R will be R = BC, where B
The 5G-enabled smart ward and 5G-enabled in-home denotes the allocated carrier bandwidth. From these
monitoring are two typical application scenarios of two equations, it is quite straightforward that more
our 5G-enabled smart monitoring implementations. transmission power and wider bandwidth will yield
Similar to the 5G-enabled remote diagnosis and high achievable transmission speed. Moreover, we can
treatment, 5G-enabled smart ward and 5G-enabled employ some new radio technologies and architectures
in-home monitoring greatly rely on URLLC and eMBB to achieve faster transmission speeds and connect more
characteristics. The in-home monitoring also requires devices.

–4–
ICT for Health: Networks, standards and innovation

However, story will be different when talking about precision in surgical procedures. Thanks to 5G, we
URLLC. In prior wireless evolution, most of our can reconstruct the three-dimensional view and transmit
attention has been on the transmission speed and these high-definition streaming media [13]. Remote
network capacity enhancement, less attention has been body vital sign monitoring sensors can be used for the
paid to the latency and reliability (successive packet in-home health monitoring, diagnosis and treatment and
rate delivery (SPRD) [10]). This is because that the 10 rescue ambulance. It can save rescue time, travel costs,
ms magnitude latency and 1 − 10−2 reliability are not and reduce the number of outpatients.
challenging technical issues (e.g., the channel coding and However, ICT-assisted health systems propose some
re-transmission can achieve 1 − 10−2 SPRD). However, new challenging issues to the legal and ethical fields. In
when it comes to less than 1 ms latency and 1 − literature, the relationship between robots and humans
[10−9 , 10−5 ] reliability, things become difficult. Albeit has been long argued even after Isaac Asimov’s “Three
the less than 10 ms and 1 − 10−2 are almost enough Laws of Robotics”. One of the widely discussed problems
for the majority of wireless communications, but not is the conflict of interactions between human verdict
in remote surgery. In addition, less latency and higher and robot command. For example, when faced with a
reliability always the mean the better performance and potential traffic accident, should the automatically drive
less operational risk. ambulance hit the pedestrian or avoid it even through
In reality, it is a dilemma to achieve the ultra-reliable it might cause some serious injury to its passengers?
connections and low latency communications. For ICT-assisted health systems also raise some pitfalls
example, hybrid automatic repeat request (HARQ) to the ethics, e.g., patient-doctor relationship erosion,
re-transmissions is a good choice for higher reliability, threat to patient information privacy. If this and
but it will cause higher latency performance [10]. similar ethic dilemmas cannot be perfectly solved, we
Most of the existing works on low latency divide the may not be able to largely and widely implement the
information into short packets, which will generate ICT-assisted health systems. The rapidly and even
network jams because of the large volume of short accelerating technical advances on AI and bio-robot
packets. In addition, the short packet strategy is raise new moral dilemmas, e.g., when the robot is
incapable of VR/AR streaming media information intelligent enough, shall we treat it (or him/she) as a
transmission. This is because AR/VR streaming media human or just a robot?
information transmission requires intensive computing
and a large packet transmission strategy. Recently 4. FUTURE RESEARCH TRENDS OF THE
transmission without guarantee emerges as a hot topic 5G-ENABLED HEALTH SYSTEMS
in terms of low latency [11]. However, since there is no
We focus on the future research trends of 5G-enabled
transmission guarantee, transmission reliability will be
health systems in this section. Due to the author’s
reduced. In this case, for the URLLC requirements,
background, we mainly talk about the 5G NR
some trade-off strategies might be more reasonable
technologies and network architecture redesigning topics
choices [12].
here.
Besides, URLLC solely for the wireless access part might
be easy, yet it will be difficult from the whole network 4.1 5G new radio technology
perspective. Redesigning the network architecture is
required in this regard. For the upper layer technologies, As discussed before, eMBB, mMTC and URLLC
mobile edge computing can offload the network load to are inevitable elements of the 5G-enabled health
edge server, reduce the distance from the subscriber systems to transmit high-definition streaming media
to the vendor and provide edge computing ability for data, to connect more devices to monitor the
signal processing at the edge side. It thus can greatly vital signs, and to reduce the response time. In
enhance latency performance [12]. Network slicing literature, massive multi-input multi-output (MIMO),
is emerging as a promising technology for the new non-orthogonal multiple access (NOMA) and full duplex
network architecture design and URLLC requirements. (FD) are some emerging technologies to accomplish the
It can create some delegate network slicing services eMBB, mMTC and URLLC requirements. For instance,
for specific applications. In network slicing studies, in the work of [6], it is proved that with antenna numbers
substantial works are still needed, for instance, the increasing, uncorrelated noise and fast fading effects
routing algorithm, labeling method, file division and have vanished. Increasing the antenna numbers also
cache strategy, orchestration of various network slicing leads to less required transmitted power per bit, which
pieces. yields better capacity and faster transmission rates per
user. However, the merits of massive MIMO are greatly
3.2 Ethics of 5G-enabled health systems hampered by the pilot contamination. Novel precoding
and beam-forming algorithms are good topics for future
The ethics of 5G-enabled health systems is another research on massive MIMO.
challenging issue on its implementation. As we know, Asides from massive MIMO, NOMA is another
a remote surgery robot has contributed to the greater emerging 5G technology. It utilizes the superposition

–5–
2019 ITU Kaleidoscope Academic Conference

18
ergodic capacity of FD-NOMA can be given as [7].
16
M X
N n+1 t+1
X XX ( γ̄ 1 )
14
C ≈ π log2 e e i,j ×
i=1 j=1 k=1 s=1 (2)
System capacity (Bit/s/Hz)

12 p (−bk bs γ̄ 1 )
ak bk as e i,j ,

10
where M, N denote the transmitter number and
8 receiver number, respectively. We denote αi,k
as the FD self-interference from transmitter i to
6
receiver j. Moreover, γ̄i,j can be given by γ̄i,j =
ραi,j
4 ρ( N
P
α +ηα )+1
, with αi,j , ρ, η, αi,k the NOMA
l=i+1 i,l i,k

power coefficient, signal to noise ratio (SNR), FD


2 coefficient and its corresponding FD self-interference.
With regard to ak , bk , as , bs , we have ak = θk −θπ k−1 , bk =
0
cot θk−1 −cot θk
5 10 15 20 25
π , as = θs −θπ s−1 , bs = cot θs−1π−cot θs , and 0 ≤
SNR (dB)
θ1 < ...θk < ... π2 , 0 ≤ θ1 < ...θs < ... π2 . On the contrary,
Figure 6 – System capacity comparison between the half-duplex (HD) based NOMA capacity expression
HD-OMA, HD-NOMA, FD-OMA, and FD-NOMA. can be obtained while removing the FD self-interference
part. In literature, capacity expressions for HD-OMA
and successive interference cancellation (SIC) for and FD-OMA have been investigated a lot, we omitted
simultaneously encoding and decoding multiple user’s the derivations here.
information[7]. In NOMA studies, we generally assumed In this comparison, we paired 3 users of the NOMA
that SIC can perfectly eliminate the interference from scheme with normalized channel noise. The allocated
other users within the same resource block that are NOMA powers are [4, 2, 1]. We average the allocated
with inferior channel conditions. This is an ideal power for the OMA scheme, i.e., the power allocation
assumption, which is almost impossible. Moreover, SIC for OMA user is 4+2+1 = 3.5. The comparison
2
is a time-consuming and of great complexity method, results are given as in Fig. 6. We can find that
which might even be beyond the processing ability of combining the FD and NOMA always has better
current electronic devices. In future studies, some novel capacity performance compared to the half duplex (HD)
encoding methods besides SIC might be needed. and OMA schemes. However, due to self-interference,
the merit of FD-NOMA is reduced.
Compared to massive MIMO and NOMA, FD enables
synchronous transmission and reception. FD offers 4.2 Redesigning the networking architecture
even lower latency and better capacity performance technologies
[7]. The weakness of FD lies in the self-interference
[14] generated by its own transmitter. In order to The current driving force of wireless evolution is
deal with this problem, we may employ interference from the data-centric with the aim to connect more
cancellation devices at the receiver side. This is devices and provide even faster transmission speeds
not a simple job because digital-domain cancellation for the devices. As we know, massive connected
can be successfully implemented only when up to its devices and their faster transmission speeds bring in
effective dynamic range of the analog-to-digital (ADC) traffic overload, especially to wireless networks such
(suppose the FD terminal uses a B-bit ADC, the as base stations (BS). Nevertheless, users do not
range is about 6.02(ENOB − 2) dB [15]. Additionally, care about how and where the data comes from
this cancellation implementation generally has multiple but only the quality of service (QoS) and quality
stages. Due to the consumed processing time of of experience (QoE) of its service. In order to
these multiple stages, latency is increased. In future, solve this problem while catering to the driving
self-interference cancellation algorithms and some fast force’s shift from data-centric to information-centric,
processing devices can be some good topics for the FD the information-centric networking (ICN) and edge
studies. Besides, combining these 5G NR technologies computing technologies receive increasing attention [16,
can further improve performance, which is another 17, 18, 19].
interesting topic for future studies. In Fig. 7, we compare the network throughput
between the edge computing-assisted ICN and
We compare the capacity performance between conventional network TCP technologies while
half duplex-NOMA (HD-NOMA), FD-NOMA, increasing the subscriber numbers with per subscriber’s
HD-orthogonal multiple access (HD-OMA) and transmission rate 10 MBit/s. As depicted by this
FD-OMA by considering the Relay channel model. figure, with subscriber numbers growing, curves
According to previous work, the achievable system of edge computing-assisted ICN remain constant

–6–
ICT for Health: Networks, standards and innovation

while the TCP-based network throughput is growing some strategies to balance the volume of engaged label
exponentially until reaching the system’s limitation. parameters and the processing accuracy. To this end,
This is because in an edge computing-assisted ICN a joint force from the off-the-shelf cooperative edge
scenario, we may always obtain the required content computing chips, dedicated image processing chips and
from the nearest caches without routing back to the state-of-the-art algorithms, are comprehensively needed.
remote server through the BS.
Edge computing-assisted ICN indeed has some 5. CONCLUSION
drawbacks, one of which is sub-network congestion.
In this work, the 5G-enabled health systems are
It happens especially when a bunch of sub-network
introduced. By leveraging the 5G NR and AI-based
subscribers simultaneously request the same content.
technologies, we can greatly improve the medical service
For future studies, effective routing and cache
quality for the remote areas, and upgrade in-hospital
distribution strategies can be good topics. On the
medical services. The solutions and demonstrations
other hand, optimal content division and labeling
of the 5G-enabled health systems are introduced.
strategy are some other topics for future studies.
For future studies, some new 5G NR technologies,
1000
network architecture redesigned from being data-centric
900 to information and user-centric, the image processing
800 algorithms and specialized devices are needed for better
implementation of the 5G-enabled health systems.
System throughput (MBit/s)

700

600 ACKNOWLEDGMENT
500
This work is supported by the Zhengzhou University
400
Research Startup Foundation under grant:124-32210907
300 and 124-32211247; the Natural Science and
200
Technology Major Projects of China under Grants:
2017ZX03001001-004; the JSPS KAKENHI of Japan
100
under Grant JP18K18044, the National Funding from
0 the FCT-Fundação para a Ciência e a Tecnologia
100 101 102 103
Client number
through the UID/EEA/500008/2019 Project; and
by the Brazilian National Council for Research and
Figure 7 – System throughput comparison between Development (CNPq) via Grant No. 309335/2017-5.
ICN-assisted edge computing and conventional scheme.
REFERENCES
4.3 VR/AR, medical image processing and the [1] D. Zhang, Z. Zhou, S. Mumtaz, J. Rodriguez, and
AI-based technologies T. Sato, “One integrated energy efficiency proposal
for 5G IoT communications,” IEEE Internet of
Currently, image label and detection are needed for Things Journal, vol. 3, no. 6, pp. 1346–1354, Dec.
the implementation of remote surgery and rescue. For 2016.
example, in machine learning based image detection,
we need to label the targets beforehand. We can [2] Y. Fan, L. Yang, D. Zhang, G. Han, and D. Zhang,
unmistakenly detect the target after training with “An angle rotate-qam aided differential spatial
existing objectives. However, it is still hard for the AI modulation for 5G ubiquitous mobile networks
to detect the unexperienced targets. The omitted target (accept),” Mobile Networks and Applications, 2019.
poses risks to the automatic ambulance and remote
surgery. Similarly, for the medical image applications, [3] J. J. P. C. Rodrigues, I. de la Torre, G. FernÃąndez,
we also need to label these disease symptoms, once and M. LÃşpez-Coronado, “Analysis of the security
some labels are omitted or mistakenly studied by the and privacy requirements of cloud-based electronic
algorithm, it will result in misdiagnosis. health records systems,” Journal of Medical
Internet Research, vol. 15, no. 8, p. e186, Aug. 2013.
Apart from the labeling and detection method, ML
algorithm’s processing speed is slowed down by the large [4] Y. Xue and H. Liang, “Analysis of telemedicine
scale and even growing AR/VR-based three-dimensional diffusion: The case of china,” IEEE Transactions
data volume. This is mainly due to the limited ability on Information Technology in Biomedicine, vol. 11,
of existing processing devices. In order to accelerate no. 2, pp. 231–233, Mar. 2007.
the processing speed, large scale deep learning (DL)
high-rank matrix factorization (MF) algorithms and [5] S. Thelen, M. Czaplik, P. Meisen, D. Schilberg,
dedicated processors are needed in the future. Due to and S. Jeschke, “Using off-the-shelf medical devices
the large scale and even growing data, we also need for biomedical signal monitoring in a telemedicine

–7–
2019 ITU Kaleidoscope Academic Conference

system for emergency medical services,” IEEE [16] H. Harai, K. Fujikawa, V. P. Kafle, T. Miyazawa,
Journal of Biomedical and Health Informatics, M. Murata, M. Ohnishi, M. Ohta, and
vol. 19, no. 1, pp. 117–123, Jan. 2015. T. Umezawa, “Design guidelines for new generation
network architecture,” IEICE transactions on
[6] T. L. Marzetta, “Noncooperative cellular wireless communications, vol. 93, no. 3, pp. 462–465, Mar.
with unlimited numbers of base station antennas,” 2010.
IEEE Transactions on Wireless Communications,
vol. 9, no. 11, pp. 3590–3600, Nov. 2010. [17] V. P. Kafle, Y. Fukushima, and H. Harai, “Internet
of things standardization in ITU and prospective
[7] D. Zhang, Y. Liu, L. Dai, A. K. Bashir, networking technologies,” IEEE Communications
A. Nallanathan, and B. Shim, “Performance Magazine, vol. 54, no. 9, pp. 43–49, Sep. 2016.
analysis of FD-NOMA-based decentralized V2X
systems,” IEEE Transactions on Communications, [18] A. Laghrissi, T. Taleb, and M. Bagaa, “Conformal
vol. 67, no. 7, pp. 5024–5036, July 2019. mapping for optimal network slice planning based
on canonical domains,” IEEE Journal on Selected
[8] D. Zhang, Z. Zhou, S. Mumtaz, J. Rodriguez, and Areas in Communications, vol. 36, no. 3, pp.
T. Sato, “One integrated energy efficiency proposal 519–528, Mar. 2018.
for 5G IoT communications,” IEEE Internet of
Things Journal, vol. 3, no. 6, pp. 1346–1354, Dec. [19] Z. Wen, D. Zhang, K. Yu, and T. Sato,
2016. “Information centric networking for disaster
information sharing services,” IEICE Transactions
[9] M. Mikhail, K. Mithani, and G. M.Ibrahim, on Fundamentals of Electronics, Communications
“Presurgical and intraoperative augmented reality and Computer Sciences, vol. 98, no. 8, pp.
in neuro-oncologic surgery: Clinical experiences 1610–1617, Aug. 2015.
and limitations,” vol. 128, pp. 268–276, Aug. 2019.

[10] M. Bennis, M. Debbah, and H. V. Poor,


“Ultrareliable and low-latency wireless
communication: Tail, risk, and scale,” Proceedings
of the IEEE, vol. 106, no. 10, pp. 1834–1853, Oct.
2018.

[11] S. Dogan, A. Tusha, and H. Arslan,


“Noma with index modulation for uplink
urllc through grant-free access [online:]
https://ieeexplore.ieee.org/document/8703780,”
IEEE Journal of Selected Topics in Signal
Processing, 2019.

[12] J. Liu and Q. Zhang, “Offloading schemes in


mobile edge computing for ultra-reliable low
latency communications,” IEEE Access, vol. 6, pp.
12 825–12 837, Feb. 2018.

[13] R. Siqueira-Batista, C. R. Souza, P. M. Mata,


and S. L. Siqueira, “Robotic surgery: Bioethical
aspects,” Brazilian archives of digestive surgery,
vol. 29, no. 4, pp. 287–290, Nov. 2016.

[14] X. Yue, Y. Liu, S. Kang, A. Nallanathan,


and Z. Ding, “Exploiting full/half-duplex user
relaying in noma systems,” IEEE Transactions on
Communications, vol. 66, no. 2, pp. 560–575, Feb.
2018.

[15] A. Sabharwal, P. Schniter, D. Guo, D. W.


Bliss, S. Rangarajan, and R. Wichman,
“In-band full-duplex wireless: Challenges and
opportunities,” IEEE Journal on Selected Areas
in Communications, vol. 32, no. 9, pp. 1637–1652,
Sep. 2014.

–8–
COMMUNITY HEALTHCARE MESH NETWORK ENGINEERING IN WHITE SPACE
FREQUENCIES

Hope Mauwa1; Antoine Bagula2; Emmanuel Tuyishimire2; Tembisa Ngqondi1


1 University of Mpumalanga, Mbombela, South Africa
2 University of the Western Cape, Cape Town, South Africa

ABSTRACT spectrum on an opportunistic basis comes with its own


challenges that may have never been met before by network
The transition from analog to digital television has availed planners and designers. The temporal and spatial variations
new spectrum called white space, which can be used to of the white space is one of the challenges that makes
boost the capacity of wireless networks on an opportunistic the planning and designing of communication networks
basis. One sector in which there is a need to use in white space frequencies a difficult task. Due to the
white space frequencies is the healthcare sector because of temporal and spatial variations of the white space, it is
existent protocols which are using it and the white space difficult to find a common control channel that nodes can
frequency is not as crowded as Wi-Fi. However, design use to exchange necessary control information. Zhao et
simulations of wireless communication networks in white al., [5] found that it is easier to find a common control
space frequencies have revealed dense network topology channel for neighboring nodes than finding a network-wide
because of better signal propagation and penetration availability of a common vacant channel. Cognitive radio
properties of white space frequencies. Consequently, technology is expected to eliminate this challenge as it has
communication networks designed in white space frequencies the ability to sense the spectrum widely and reconfigure itself
will require topology reduction for better communication to transmit in some targeted spectrum [6]. Another challenge
and routing. Therefore, this paper proposes a link-based that makes the planning and designing of communication
topology reduction algorithm to reduce a dense mesh networks in white space frequencies difficult is the dense
network topology designed in white space frequencies into network topology revealed by design simulations of wireless
a sparse mesh network topology. The paper also proposes communication networks in white space frequencies because
a network optimization function to introduce a hierarchical of better signal propagation and penetration properties of
backbone-based network topology from the sparse network white space frequencies. The dense network topology entails
topology for better scalability. Performance evaluation on many nodes being in communication range of each other,
the proposed designs show that the designs can guide network which may result in too many network packet collisions in
engineers to select the most relevant performance metrics the network. This is a complex operation for the MAC
during a network feasibility study in white space frequencies, protocol and too many paths to choose from for a routing
aimed at guiding the implementation process. protocol [7, 8]. Therefore, network design in white space
frequencies will require network topology control to 1) to
Keywords - Hierarchical backbone network, mesh network, improve the energy efficiency and battery lifetime of the
network topology reduction, sparse network, white space network and 2) to reduce packet collisions, protocol overhead,
and interference by means of a better control over the network
1. INTRODUCTION connections and redundancy without affecting important
The multi-hop wireless mesh networks in Wi-Fi frequencies network performance such as connectivity and throughput.
induce prohibitive costs for network carriers to deploy This paper proposes a link-based topology reduction
ubiquitous Wi-Fi, as revealed by many in-field trials [1]. algorithm to reduce a dense mesh network topology
White space frequencies provide a better and affordable network designed in white space frequencies into a sparse
option for deployment of multi-hop wireless mesh networks, mesh network topology. The paper also proposes a
which have a far greater transmission range and better network optimization function to introduce hierarchical
penetration properties than the Wi-Fi frequencies. It backbone-based network topology from the sparse network
is predicted that white space frequencies will address topology for better scalability of the network. The designs
geographic disparities that exist between cities and remote have been proposed to guide network engineers when
and under-served areas in terms of broadband internet access. selecting the most relevant performance metrics to favour
Once that is addressed, the realization of telehealth, which has during a network feasibility study aimed at guiding the actual
the potential to improve healthcare in these areas [2, 3, 4], is implementation process. To evaluate engineering efficiency
easy. achieved by the proposed designs, a performance evaluation
However, designing communication networks such as mesh was conducted on a simulated public safety mesh network
networks in white space frequencies that accesses the design connecting police stations in Cape Town, South Africa

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 –9– Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

and the results show the designs can guide network engineers The main goal of the backbone-based techniques is to find
to select the most relevant performance metrics during a a connected subset of nodes in a network that guarantee
network feasibility study aimed at guiding the implementation connectivity by allowing every other node in the network
process. to reach at least one node on the backbone in a direct way
The rest of the paper is structured as follows: section 2 [11]. A communication backbone can be created by selecting
introduces topology reduction and discusses the approaches nodes that form a connected dominating set (CDS). From
used to achieve it; section 3 discusses the proposed graph theory, a CDS of a graph is a connected subset in which
network optimization function that is used to introduce all other nodes that do not belong to that subset have at least
hierarchical backbone network topology from sparse network one adjacent neighbor inside the subset. Advantages of this
topology; section 4 discusses the proposed link-based CDS-based topology control are collisions control, protocol
topology reduction algorithm for reducing dense mesh overhead control and energy consumption reduction, efficient
network topology to sparse mesh network topology; section network organization and scalability improvement [10].
5 discusses the backbone network topology algorithm used
to introduce hierarchical backbone network topology from 3. NETWORK OPTIMIZATION FUNCTION
sparse network topology; section 6 is a performance
evaluation of the proposed designs; and section 7 concludes The network design consists of finding a network
the paper. configuration expressed by the graph G = (N, L), where N
is the set of nodes while L is the set of links connecting the
nodes with the objective of optimizing an objective function
2. TOPOLOGY REDUCTION AND APPROACHES
representing a penalty to be minimized or a profit/reward
to be gained. In this paper, the network engineering profit
While algorithms discussed in this section are designed for
function P(G) is considered. It combines reliability and
application in physical networks, the designs proposed in
quality of service (QoS) features, which are based on three
this paper are for predesigning a network topology offline
metric measures; node degree, link margin and Euclidean
before it is replicated in reality. In general, topology control
distance.
can be achieved through three main mechanisms: power
control technique, power mode mechanism and hierarchical
3.1 Network engineering design
formation technique.
In power control technique the communication range of the The profit function P(G) is expressed as follows:
wireless nodes is controlled by modifying the transmission Õ
power parameter of the nodes in the network. This way the P(G) = P(i) (1)
network nodes are able to better manage their neighborhood i ∈N
size, interference level, power consumption and connectivity P(i) = α ∗ ndi + β ∗ lmi + γ ∗ spi (2)
[9]. In power mode mechanism, the node activity is controlled
by switching between active and sleep operation modes to where, α, β and γ are coefficients of proportionality used to
dispense with redundant nodes and still achieve the desired express the preference for a given metric measure. A high
connectivity [10]. The main idea of the algorithms using value of one of the coefficients reveals a preference for the
these first two mechanisms is to produce a connected topology corresponding metric measure. The profit P(i) expresses the
by connecting each node with the smallest necessary set of resultant preference of node iN to be part of the backbone.
neighbors and with the minimum transmission power possible The metric measures are explained below.
[11]. These first two techniques are the main options for
1. Node degree: Nodes with a higher node degree lead
flat networks, where all nodes have essentially the same role
to reduced network topology for the backbone network,
[7, 13], i.e., in an homogeneous infrastructure.
which is preferred to nodes with a lower node degree.
Controlling the transmission power of the nodes or their Therefore, preference is given to nodes with a higher
activities only reduces the network topology to help save node degree than nodes with a lower node degree. The
energy but the approach does not prevent the transmission of node degree nd(i) of node i in a network graph with N
redundant information when several nodes are close to each number of nodes is calculated as:
other and may not simplify the network topology enough
for scalability [11]. The hierarchical formation technique N
Õ
addresses the scalability problem. In hierarchical formation nd(i) = xi j (3)
technique, a reduced subset of the nodes in the network j=1

is selected and given more responsibilities on behalf of a where xi j = 1 if there is a link between node i and node
simplified and reduced functionality for the majority of the j and xi j = 0 otherwise.
nodes [11]. This approach greatly simplifies the network
topology and saves additional energy by assigning useful 2. Link margin: Links with higher link margins are
functions, such as information aggregation and filtering and better for communication than links with lower link
routing and message forwarding to the reduced subset of margins. Furthermore, nodes whose corresponding
nodes [11]. A hierarchical topology can be constructed by links have smaller differences in link margins are better
using either a backbone network or a cluster-based network. for communication than nodes whose corresponding

– 10 –
ICT for Health: Networks, standards and innovation

links have bigger differences in link margins. Therefore,


to know which nodes are well connected, the link
margin of each node is considered as the coefficient
of variation corresponding to the link margins of all the
links connected to that node. For a node i, the coefficient
lm(i) of variation is calculated as follows:

Avglm (i, x) Figure 1 – Trap network topology


lm(i) = ∀ x : (i, x) ∈ L (4)
Stdlm (i, x) in the figure has three different paths between node 9 and
0, which can be found by the K-shortest path algorithm [14]
where Avglm (i) and Stdlm (i) is the mean and the
by repeating k sequences of shortest path finding followed
standard deviation of the link margins of the links
by pruning the links of the found shortest path to find k
connected to the underlying node respectively. The
disjoint paths between any source destination pair of the
numerator makes a node better if it is high and the
network. However, the myopic deployment of the K-shortest
denominator supports the idea that large differences in
path algorithm may fail to find more than one disjoint paths
link margins of the links connected to node i make the
between node 9 and 0 if path 9−8−6−3−1−0 is found first. We
node less efficient in communication.
propose in this paper a topology-aware K-shortest path finding
3. Average shortest path: It is the average distance from algorithm using a link weight/metric over-subscription model
a node i to all other nodes using the Dijkstra’s shortest to mitigate the impact of the presence of a trap topology in
path algorithm [12] given by equation 5 and denoted by a mesh network. The link weight over-subscription will lead
sp(i). to paths 9 − 7 − 6 − 3 − 1 − 0 and 9 − 8 − 6 − 4 − 2 − 0 being
sp(i) = Avgsp (i, x) ∀ x : (i, x) ∈ L (5) selected first before path 9 − 8 − 6 − 3 − 1 − 0. A high-level
description of the proposed algorithm is as described by the
The link lengths are considered to be the Euclidean two-steps KSPcoar se algorithm described below
distances separating the connected nodes. Nodes with KSPcoar se Algorithm:
lower average shortest paths are the more likely ones to
be part of the backbone than nodes with higher average Step 1. Link weight over-subscription. Adjust the link
shortest paths. weights
For each link ` ∈ L, set w(`) = w(`) + ds (`) + dd (`)
4. SPARSE NETWORK TOPOLOGY DESIGN where
The sparse network topology design consists of finding a • w(`) is the weight on link `
network configuration that maximizes/minimizes a network • ds (`) is the node density of the source node
optimization function (a reward to be maximized or a penalty on link `
to be minimized) subject to QoS constraints expressed in • dd (`) is the node density of destination node
terms of expected throughput by setting a link margin on link `.
threshold and reliability by setting a minimum requirement on
Step 2. Disjoint paths computation. For each
the path multiplicity to enable alternative path routing when
source-destination pair (S, D)
an active path fails. Mathematically formulated, it consists of
finding a network configuration Copt derived from the graph • path finding: Find a shortest path p between S and
G = (N, L) such that D
• network pruning: Prune the links of p from the
network topology T ∗
Õ
τ̂opt (Copt ) = max P(k) (6)
Cn ∈ G
k ∈N[Cn ] • stopping condition: If T ∗ is disconnected then
E xit else set K(S, D)=K(S, D) + p
subject to
KSPloose Algorithm: Note that pruning the network to
((6).1) τlm (x, y) > τlm ∀ x, y ∈ Copt discard selected links imposes a coarse constraint on the
((6).2) k sp (x, y) > τsp ∀ x, y ∈ Copt network topology. The KSPcoar se algorithm can be relaxed
by pruning from the network topology T ∗ only the links that
where N(X) is the set of nodes in the configuration X. Note do not meet a given criteria, such as links with lower margins
that constraints (6).1 and (6).2 express the QoS in terms of or links with poor white space quality, such as links where
link margin and reliability respectively. there is no common white space channels between the source
and destination of the links.
4.1 The K-shortest path algorithm
4.2 Sparse network topology design algorithm
Finding disjoint paths may be difficult when a network
contains a trap topology between a source and a destination A link-based topology reduction (LTR) algorithm (Algorithm
node as revealed by Figure 1. The trap topology presented 1) is designed to reduce a dense mesh network topology

– 11 –
2019 ITU Kaleidoscope Academic Conference

into a sparse mesh network topology. The objective of the 5.1 Backbone network design algorithm

Algorithm 1: LTR algorithm The algorithm for creating a hierarchical backbone network
1 mark all links in dense mesh network as non-visited; topology is provided by Algorithm 2. It uses a graph coloring
2 for each non-visited link of the network do approach, where the nodes of the network are initially
3 select worst non-visited link of the network; // i.e., assigned a white color and thereafter, they are colored black or
link with lowest link margin. gray, depending on whether they have qualified for backbone
4 artificially delete the link; or edge status. This algorithm returns a network configuration
5 run the K-shortest path to detect if the network is still
k-connected; // it is k-connected if you Algorithm 2: Backbone formation
can find k-disjoint shortest paths for
1. Initialisation.
each source-destination pair of the
Assign a white colour and zero height to all nodes of the
reduced network.
network,
6 if it is k-connected then
Select a node n from W hite whose profit/reward is highest,
7 remove the link permanently;
Backbone ← {n},
8 else
Grey ← all neighbours of n,
9 leave the link and mark it as visited;
W hite ← N \ ({n} ∪ Grey).
10 end
2. Select a node k from Grey whose profit/reward is highest and
height is lower.
algorithm is to improve i) quality of the links by retaining
Include k into the Backbone,
the links of high margin and pruning those of low margin Assign a black colour to k and update its height,
and ii) maintain the reliability of the network at a predefined Remove k and its neighbours from W hite,
level. In order to design fault-tolerant networks, the algorithm Include the neighbours of k in Grey.
uses the K-Shortest Path (K-SP) algorithm in [14] to compute
3. Repeat Step 2 whenever W hite , ∅.
K-shortest paths between source-destination pairs where K >
1. Links that provide K-disjoint shortest paths from each
node to the network sink are considered and included in the where the backbone nodes are colored into black and the edge
sparse network. nodes are colored into gray.

5. HIERARCHICAL BACKBONE NETWORK 6. PERFORMANCE EVALUATION


TOPOLOGY DESIGN
We conducted different experiments to evaluate the
The backbone design consists of finding a network performance of our designs. The network engineering
configuration that maximizes the reward function subject to process in Figure 2 is proposed and was followed to evaluate
similar QoS constraints as in the sparse network design but our designs. Building upon the elevation maps of an area
with the objective of partitioning the network into two sets: a where the network is to be designed, network planning
dominating set, which form the backbone and a dominated set software tool such as Radio Mobile [15] or SPLAT [16] is
forming the edge of the network. Mathematically formulated, used to produce feasible links of the targeted mesh network.
the design process consists of finding a network configuration Using the network report generated from the network
Copt derived from the graph G = (N, L) such that N is planning tool, the proposed topology reduction process is
divided into a dominating set N̂ and a dominated set Ň , and
the design objective is achieved and its constraints are met.

Õ
τ̂opt (Copt ) = max P(k) (7)
Cn ∈ G
k ∈N[Cn ]

subject to
((7).1) lm (x, y) > τlm ∀ x, y ∈ Copt
((7).2) k sp (x, y) > τsp ∀ x, y ∈ Copt
((7).3) ∀n ∈ Copt : n ∈ N̂ ∨ ∃m ∈ N̂ : (n, m) ∈ L
((7).4) N̂ ∪ Ň = ∅ ∧ N̂ ∩ Ň = N
where N(X) is the set of nodes in the configuration X. Note
that constraints (7).1 and (7).2 express the QoS in terms of link
margin and reliability respectively, while constraints (7).3
and (7).4 represent the topology control model in terms
of backbone connectivity based on the K-dominated set
model [17, 18, 19]. Figure 2 – Network engineering process

– 12 –
ICT for Health: Networks, standards and innovation

applied to map the targeted dense mesh network into a sparse


network. The final step of the network engineering process
consists of deriving a hierarchical backbone-based topology
as a topology that may be more scalable than the flat sparse
network topology.
The public safety mesh network design connecting police
stations in the city of Cape Town in South Africa depicted
in Figure 3 was used. The network design was simulated in
TV white space frequency using the Radio Mobile network
planning tool [15]. 42 network nodes were considered in the
simulation.
A Python code implementation of the LTR Algorithm 1 was
run on the network reports generated by the Radio Mobile
network planning tool [15] to map the dense mesh network
into sparse network topology. First, the GPS coordinates
of the nodes were transformed into 2-dimensional Cartesian
coordinates, which were used to compute Euclidean distances
separating the nodes before running the LTR algorithm. Figure 4 – Sparse network topology
During the reduction process, links that provided two disjoint
2. The variation of number of shortest paths per node.
shortest paths from each node to the network sink were
We let each node to be a sink and evaluated the standard
considered and included in the sparse network topology. The
deviation in the number of shortest to the sink from each
reduced network topology is shown in Figure 4.
node of the network.
6.1 Sparse network topology reliability using the link
length
3. The maximum number of shortest paths. To
We evaluated the reliability of the computation by looking at determine the liability of nodes (to be sinks), we
the number of disjoint shortest paths computed by considering computed this metric, which shows the node to which
the sparse network topology with the link length as the routing other nodes can reach using more alternatives paths.
metric. The algorithm described in section 4.1 was used
to compute the disjoint paths for each node of the sparse
topology. In the rest of this paper, we refer to the number of Figure 5 shows that node 0 is the most reliable since it has
disjoint paths from a node to all the other nodes of the sparse the highest average number of disjoint shortest paths and in
network as the disjoint path multiplicity (DPM) for that node. this case, node 29 is less reliable. Figure 6 shows when node
We considered the following performance metrics: 29 is chosen to be the sink, the number of shortest paths from
each node to it varies less. However, choosing node 0, the
1. The average number of disjoint shortest paths per number of shortest paths from each node varies most. Figure
node. We let each node be a sink and evaluated the 7 confirms that node 1 is the most reliable but reveals that
standard deviation in the number of shortest to the sink when node 29 is the sink, the number of shortest paths from
from each node of the network. each node is minimum.

Figure 3 – Public safety mesh network of police stations in


Cape Town, South Africa Figure 5 – Average DPM

– 13 –
2019 ITU Kaleidoscope Academic Conference

Figure 8 – Hierarchical backbone network topology


Figure 6 – DPM Variance
the network are also likely to be chosen as backbone nodes
according to Algorithm 2.
The table reveal the advantage of using a backbone model by
showing links with better quality in terms of link margin
and a higher node degree, representing the potential of
finding alternative paths for the traffic when a link/node fails.
However, this is balanced by the path multiplicity, which is
1 because all the edge nodes are directly connected to the
cluster heads thus offering a single path for the edge nodes
while a flat network has the potential of building 2 paths for
the edge network.

6.4 Impact of the design parameters on the backbone


size

In this subsection, we study the effect of parameters on the


size of the backbone. In each case, two parameters were fixed
as the third parameter was being varied from 0 to 100. Figure
Figure 7 – Maximum DPM 9 shows how the size of the backbone changed by varying the
node degree. The figure shows that the size of the backbone
6.2 Hierarchical backbone topology design
varied but generally decreased down to the convergent point
(10 nodes) as the node degree increased.
A Python code implementation of Algorithm 2 was run on
Figure 10 shows how the link margin parameter affects the
the network reports for the sparse network topologies to
size of the backbone. Like the trend shown by Figure
introduce hierarchical backbone network topologies. Using
the coefficient parameters in Equation (1) set as α = β = γ =
10, the hierarchical backbone network topology produced is
shown in Figure 8.

6.3 Impact of backbone design on network performance

Experiment 1: Using the link length. Table 1 shows the


main characterization of the formed backbone network and
the sparse network for the Cape Town Public Safety network.
The average node degree and the coefficient of the link margin
variation for the backbone are greater than that of the sparse
network. This is because a node with the highest degree or
coefficient of variation is likely to be chosen as a backbone
node according to Algorithm 2. On the other hand, the
table shows that the average shortest path for the backbone is
smaller. This is because the nodes closest to many nodes in Figure 9 – Impact of α on backbone size

– 14 –
ICT for Health: Networks, standards and innovation

Table 1 – Backbone network topology vs sparse network topology

Network performance Reduced network Backbone


Node degree 3.81 4.03
Coefficient of variation (link margin-(dBm)) 2.83 3.86
Shortest distance (km) 12.88 12.31
Path multiplicity 2 1

9, the network backbone decreased towards a convergence. 7. CONCLUSION


However, the decrease is slower and hence the backbone size
converges to a higher number of nodes. In this paper, design challenges expected to be met when
designing mesh networks using opportunistic access to the
white space frequencies were explored and discussed. Dense
Considering the effect of shortest distance between nodes,
network topology was highlighted as one of the design
Figure 11 shows a different trend. The size of backbone
challenges that network planners and designers in white space
increased in general until it converges to a maximum.
frequencies will face and the paper focused on addressing
this challenge. A link-based topology reduction algorithm
The conclusions drawn from the three graphs depicting has been developed to reduce a dense mesh network topology
impact of the design parameters on the backbone size are designed in white space frequencies into sparse mesh network
as follows: the backbone size is affected by change of each of topology and a network optimization function based on
the three parameters. These results also reveal that the node three metrics has been developed to introduce hierarchical
degree has a much higher positive influence on the backbone backbone-based network topology from the sparse network
size, leading to smaller backbones, which can allow networks topology. Performance evaluation on the designs were carried
to scale while keeping the size of the backbone constant and out and the results show that the designs can guide network
smaller. engineers to select the most relevant performance metrics
during a network feasibility study in white space frequencies,
aimed at guiding the implementation process.

REFERENCES

[1] P. Cui, Y. Dong, H. Liu, D. Rajan, E. Olinick, and


J. Camp, “Whitemesh: Leveraging white spaces in
wireless mesh networks,” In 2016 14th International
Symposium on Modeling and Optimization in Mobile,
Ad Hoc, and Wireless Networks (WiOpt), pp. 1-7. IEEE,
2016.

[2] L. Uscher-Pines, K. Bouskill, J. Sousa, M. Shen, and


S.H. Fischer. Experiences of Medicaid Programs and
Health Centers in Implementing Telehealth. RAND,
2019.
Figure 10 – Impact of β on backbone size
[3] The App Association, “Tuning into Telehealth: How
TV White Spaces Can Help Mississippi Tackle the
Diabetes Epidemic,” 2017. http://actonline.org/2017/
07/20/tuning-into-telehealth-how-tv-white-spaces-
can-help-mississippi-tackle-the-diabetes-epidemic/.

[4] A. Chavez, R. Littman-Quinn, K. Ndlovu, and C.L.


Kovarik, “Using TV white space spectrum to practise
telemedicine: A promising technology to enhance
broadband internet connectivity within healthcare
facilities in rural regions of developing countries,”
Journal of telemedicine and telecare 22, no. 4 (2016):
260-263.

[5] J. Zhao, H. Zheng, and G. Yang, “Distributed


coordination in dynamic spectrum allocation networks,”
Figure 11 – Impact of λ on backbone size In First IEEE International Symposium on New

– 15 –
2019 ITU Kaleidoscope Academic Conference

Frontiers in Dynamic Spectrum Access Networks, 2005.


DySPAN 2005., pp. 259-268. IEEE, 2005.
[6] P.H. Pathak, and R. Dutta. Designing for network and
service continuity in wireless mesh networks. Springer
Science & Business Media, 2012.
[7] H. Karl, and A. Willig. Protocols and architectures for
wireless sensor networks. John Wiley & Sons, 2007.
[8] F. Zhao, L.J. Guibas, and L. Guibas. Wireless sensor
networks: an information processing approach. Morgan
Kaufmann, 2004.
[9] N. Li, J.C. Hou, and L. Sha. “Design and analysis
of an MST-based topology control algorithm,” IEEE
Transactions on Wireless Communications 4, no. 3
(2005): 1195-1206.
[10] A. Vázquez-Rodas, and L.J. de la Cruz Llopis,
“Topology control for wireless mesh networks based
on centrality metrics,” In Proceedings of the 10th ACM
symposium on Performance evaluation of wireless ad
hoc, sensor, & ubiquitous networks, pp. 25-32. ACM,
2013.
[11] P.M.W. Rojas. Topology control in wireless sensor
networks. University of South Florida, 2010.
[12] E.W. Dijkstra, “A note on two problems in connexion
with graphs.” Numerische mathematik 1, no. 1 (1959):
269-271.
[13] K. Sohraby, D. Minoli, and T. Znati. Wireless sensor
networks: technology, protocols, and applications. John
Wiley & Sons, 2007.
[14] A.B. Bagula, and A.E. Krzesinski, “Traffic engineering
label switched paths in IP networks using a
pre-planned flow optimization model,” In MASCOTS
2001, Proceedings Ninth International Symposium on
Modeling, Analysis and Simulation of Computer and
Telecommunication Systems, pp. 70-77. IEEE, 2001.
[15] R. Coudé. Radio Mobile - RF propagation simulation
software, 1998. http://radiomobile.pe1mew.nl/.
[16] J. Magliacane. SPLAT! Because the world isn’t flat!,
1997.
ITUurlhttps://www.qsl.net/kd2bd/splat.html.
[17] J. Yu, N. Wang, G. Wang, and D. Yu,
“Connected dominating sets in wireless ad hoc and
sensor networks?A comprehensive survey,” Computer
Communications 36, no. 2 (2013): 121-134.
[18] F. Dai, and J. Wu, “On constructing k-connected
k-dominating set in wireless ad hoc and sensor
networks,” Journal of parallel and distributed computing
66, no. 7 (2006): 947-958.
[19] S. Kutten, and D. Peleg, “Fast distributed construction
of smallk-dominating sets and applications,” Journal of
Algorithms 28, no. 1 (1998): 40-66.

– 16 –
EXPLORATION OF NON-INTRUSIVE OPTICAL INTERVENTION THERAPY
BASED ON THE INDOOR SMART LIGHTING FACILITY

Jian Song1, Xiaofei Wang1, Hongming Zhang1 and Changyong Pan1

1
Tsinghua University, Beijing, P. R. China

ABSTRACT development of electric light sources. Current statistics show


that 25% of the world's electricity was depleted by lighting
Light, originally the natural light, is one of the important before LED was used as a source replacement. With the full
contributing factors to the creation of life on earth, the use of LED lamps, the electricity usage for lighting could
evolution of human beings and the development of eventually be reduced to 4%, which would clearly change the
civilization. With the emergence of electric light sources, whole world profoundly. Dr. Suiji Nakamura and other
more specifically the LED lighting lamps which are now colleagues won the Nobel Prize in physics in 2014 precisely
being utilized all over the world, the concept of Internet of because of this century's contribution. In future, with people
light (IoL) using the existing LED illumination network with spending more and more time indoors (according to EPA
the combination of ICT technologies was created. It has statistics: people have an averaged indoor time of 87%),
become popular recently and is now widely believed to have approaching LED-based lighting networks will have a much
a long-lasting impact. IoL not only improves the lighting greater impact on people’s daily lives.
efficiency, indoor lighting comfort level and other value-
added services, but also provides the possibilities for The Nobel Prize in Physiology or Medicine 2017 was
regulating human physiological rhythm, especially for the awarded to Jeffrey C. Hall, Michael Rosbash and Michael W.
alleviation of degenerative neurological diseases, even for Young for their discoveries of molecular mechanisms
the treatment and service of healthy lighting in a non- controlling the circadian rhythm [1]. They found that for
intrusive way. This paper first introduces the concept and the higher organisms which are normally light-sensitive, the
system structure of IoL, and then gives the preliminary biological clock is a functional system consisting of
results and considerations on how this integrated platform photoreceptor neurons, endocrine systems and gene timing
can be utilized to carry the life sciences research and oscillations. This produces the rhythm of day and night
potentially the future applications for the wellness of senior replacement from the gene expression at microscopic level,
people. More work could be conducted and it would be quite cellular metabolism, and to the macroscopic level behavior
necessary to take into consideration standardization from description. This research has made neuroscientists start to
the perspectives of communication, Internet of things pay close attention to the impact of visible light on living
applications, and non-intrusive optical intervention therapy. organisms.

Keywords – Alzheimer's disease, human physiological In 2018, Edward S. Boyden and Li-Huei Tsai showed that
rhythm, Internet of light, LED, non-intrusive optical optogenetically driving fast-spiking parvalbumin-positive
intervention therapy (FS-PV)-interneurons at gamma (40 Hz) can reduce levels of
amyloid-β (Aβ)1–40 and Aβ 1–42 isoforms [2].They
1. INTRODUCTION designed a non-invasive 40 Hz light-flickering regime that
successfully reduced levels of Aβ1–40 and Aβ1–42 in the
The artificial light source is perhaps one of the most visual cortex of pre-depositing mice and mitigated plaque
important inventions for human beings. Since it is not always load in aged, depositing mice to attenuate Alzheimer’s-
possible to enjoy the natural light day and night, human disease-associated pathology [3][4].
beings started to explore artificial light sources, and the
electric light source is an important outcome from this effort. On the other hand, LED lamps based on semiconductor
Thomas Edison first invented the incandescent lamp, lighting are becoming more and more popular in the world
marketed on a large scale in 1879, which is taken as the first due to their low cost, high luminous efficiency and long-life
leap in the development of electric light source. In 1938, the expectancy. Unlike the incandescent lamps or other light
birth of the fluorescent lamp (low pressure gas discharge sources in the past, one can easily adjust the intensity and
lamp) made the electric light source achieve its second giant color temperature of LED lights to accommodate people’s
leap. Later, in 1993, the famous blue-light LED technology, needs. Preliminary research results show that it could
invented by Dr. Suiji Nakamura, and successfully promoted potentially provide a new type of non-intrusive treatment by
to commercialization of the LED lighting source is changing the intensity and color temperature for the indoor
considered as the third great leap in the history of the lighting environment. At present, the problem of an aging

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 17 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

society in most countries around the world becomes much example, Internet of Radio and Light in [8][9], are discussed
more severe than ever before. Depression is a high-risk in section 5.
disease for the senior people, which seriously affects the
physical and mental health, and eventually jeopardizes the 2. SYSTEM DESCRIPTION
quality of life [5]. Numerous studies have shown that light
stimulation can effectively alleviate depression or other The strategic roadmap from 2015 to 2025 of the European
psychological disorders. Some literature has attempted to Lighting Association is shown in Figure 1, indicating that the
systematically analyze the research trends for the optical semiconductor lighting started with the environment
intervention therapy for senile depression under the indoor protection purpose is currently in the stage of intelligent
lighting environment, and to combine the current light lighting, which is about to transit to human-oriented lighting,
environment status of retirement buildings with the visual, that is, smart lighting [10]. The goal is to achieve smart
psychological and physiological characteristics of the senior lighting that supports healthy lighting by 2025 and to provide
people. Following this, key considerations of the healthy people with a healthy and comfortable indoor living
light environment of the nursing space against the depression environment. However, during the current stage of
of the seniors [6] [7], are given. As an effective treatment, intelligent lighting, the main goal is still to save energy.
the optimal dose of phototherapy treatment time, light Considering that the intensity and color temperature of LED
intensity and duration of illumination need to be intelligently light sources can be easily controlled, ICT technology
adjusted depending on the type of illness, the severity of the combined with sensors and the intelligent driver in the
condition, and individual characteristics. Phototherapy has luminaire can be used to monitor and track environmental
advantages that are easy to control and implement with changes in real time.
negligible side effect when compared with traditional drug
treatments. More importantly, phototherapy provides a
compatible aid with the regular drugs for the treatment of
mental illness, which can accelerate improvement and
alleviate the symptoms.

It is anticipated that with the continuous development of


LED lighting technologies, together with the ever-increasing
in-depth research on the relationship between LED lighting
and human health, the adjustment of the light intensity and
color temperature of LEDs without being perceived by the
human eyes will be able to effectively alleviate, treat, and
may even cure certain aging diseases and improve life
quality for human beings.

Based on the above investigation on lighting and rhythm, this


paper proposes the system structure of IoL and seeks its
feasibility of using visible light to treat Alzheimer's disease Figure 1 - The strategic roadmap from 2015 to 2025 of
and possibly other diseases considering the latest progress of the European Lighting Association [10]
semiconductor LED illumination. The paper is organized as
follows: After a brief survey on the recent developments in Scenario switchovers for lighting control, intensity
the related areas of illumination and especially in human adjustment, color temperature changes and even the color
science in section 1, the functional blocks and the major control can be fully supported to achieve a variety of lighting
research areas for IoL are briefly illustrated in section 2. The functionalities. Smart lighting (human-centric lighting) is the
experiment set-up on the mice and the preliminary impact advanced stage of lighting control. With the help of the
analysis of the visible light on the cranial, rhythm, and Internet of things, cloud computing technology and data
memory-related brain regions (hippocampus) of the cranial mining, it becomes possible to understand users’ lighting
nervous system and its intrinsic mechanisms are preferences, deeply digging into the lighting needs of users,
demonstrated in section 3, exploring the intrinsic and automatically building up the comfortable and healthy
mechanisms and mitigation impact of visible light on lighting environment by intelligent lighting control. And this
Alzheimer's disease. The significance of the results in this will be further enhanced with the support of artificial
experimental data from mice and primary explanations are intelligence technologies such as big data and machine
shown in section 4. And then the possibility of non-intrusive learning, together with the active sensing of the users’
optical intervention therapy, further experiments and environment.
medical clinical practice and proposing IoL standards, such
as binary phase shift keying (BPSK), quadrature phase shift In this paper, we proposed the concept of the Internet of light
keying (QPSK), and even orthogonal frequency division (IoL), an intelligent lighting network for indoor applications,
multiplexing (OFDM) which have been quite commonly as a platform in hope that this IoL could provide the
used in the visible light communications systems, for infrastructure to address the aforementioned diseases of

– 18 –
ICT for Health: Networks, standards and innovation

senior people. The research focus on IoL can be summarized To deal with the challenges presented by the design and
as the three following issues: optimization on IoL systems, the research should focus on (1)
joint sensing and key data extraction to improve both the
First is theoretical analysis on the multidimensional joint accuracy and coverage from a sensing perspective; (2)
sensing and intrinsic data extraction under the dense, in- resource coordination and control mechanism of the
depth illumination coverage to support the construction of heterogeneous network (wired and wireless) for reliable
ubiquitous multifunctional light-borne-based sensor access under the burst mobile environment; and (3)
networks. intelligent light control for user-centric applications which
potentially provide the possibility for non-intrusive optical
Second is investigation of a heterogeneous network structure intervention therapy.
and channel characteristics consist of wireless and wired
communication (powerline communication, PLC) systems
and corresponding resource coordination mechanisms for the
reliable, burst mobile access under massive interconnection.

Third is modeling on the application scenarios for smart


lighting and intelligent control so that intelligent lighting
services can be provided accordingly by data-mining,
extracting and analyzing user needs.

Figure 2 depicts the constitution of the smart lighting system


with the most important functional blocks while Figure 3
describes the main technical challenges and research
objectives for IoL.

In this system, each LED can serve as the sensing node after
being integrated with sensors such as the hazard gas, Figure 3 - Schematic diagram of IoL with the focus on
occupancy and moving objects; the sensing data collected by main technical challenges and research objectives
the node will be sent to the operating center any by the wired
system (i.e., PLC) or the wireless (using radio frequency, RF, Other than the advantages of energy saving, as well as the
signals) system or the combination of both for robust data low operation and maintenance costs of lighting equipment
delivery. Then the operating center will analyze those inside the building, defining and producing the specific work
received data, make decisions on the operations to be taken, environment or atmospheres and supporting LED lamp
and send the control commands to each node eventually. For interconnectivity for the value-added services based on
example, if the hazard gas is detected by one node or several intelligent lighting systems, IoL is expected to be handily
neighboring nodes, the alarm signal will be sent immediately adjusted for the circadian rhythm control of the human body
to the operating center, and then to the corresponding people and with the function of serving healthy lighting. Here, we
or the agency while the ventilation system will start working name it as non-intrusive optical intervention therapy, which
automatically. With this arrangement, IoL can be established is different from the well-known photo dynamic treatment.
by combining the naturally combined illumination and It covers quite different applications, not only the visual
power supply networks to provide information services in a health needs such as suitable brightness, no glare and no
very cost-effective way. stroboscopic illumination, but also psychological and
physical health for working place safety and working
efficiency improvement, circadian rhythm regulation and
disease rehabilitation. The natural light changes during one
day showing that the high color temperature environment
under moderate brightness can inhibit melatonin secretion,
induce alertness and improve work efficiency while the low
color temperature environment stimulates melatonin,
promotes relaxation and sleep. It is believed for an
environment with high color temperature but insufficient
brightness, people feel gloomy and depressed. Through an
intelligent lighting control system which mimics the daily
changes of the natural light for the indoor environment, LED
physiological lighting that meets people's health needs can
be used to improve lighting comfort, adjust physiological
rhythm, improve psychological mood and improve work
efficiency as well, assist and treat diseases, etc.

Figure 2 - The illustration of a smart lighting system.

– 19 –
2019 ITU Kaleidoscope Academic Conference

Our ultimate goal is to create a visible lighting strategy with


different frequencies, waveforms and duration to prevent,
relieve and treat depression, mania, Alzheimer's disease,
preferably either in the hospital or nursing home.

Unlike mice, detecting human electroencephalogram(EEG)


signals relies on non-invasive devices, such as the open-
source brain-computer interface (OpenSCI) system [11].
Both commercial software and open-source software can be
used in the analysis of collected EEG signals for verification
in conjunction with life sciences and medical
professionals[12]. This software and the hardware provide
non-invasive methods to sample the electrical activities of
the body and brain of human beings. These methods are not Figure 5 - Experiment mouse with implanted electrode
as precise as the method applied to mice in the following in hippocampus
sections but conform to medical ethics.
Two groups of mice were used in the experiments. Following
3. DESCRIPTION OF THE EXPERIMENT AND a standard procedure, the mice were implanted with
PRELIMINARY ANALYSIS OF THE DATA electrodes in the hippocampus of the brain. After surgery, the
mice were allowed to recover for a week. After restoration,
The common practice is to use the animal to conduct the the OmniPlex Neural Data Acquisition system of Plexon was
research work and confirm the effectiveness first, to avoid used to collect local field potential signals for 15 minutes as
problems such as high uncertainty and inconsistency for reference. Then, the modulated 40Hz flashing LED lamp
direct application to human beings, and most importantly the was turned on to radiate the mice for 15 minutes, and the
ethical issues. As a concept study, we used 40 Hz local field potential signal was collected at the same time.
scintillation frequency for this preliminary experiment in Data was analyzed using NeuroExplorer, which is widely
visible light irradiation on mice, motivated by the work from used in the field of neuroscience [13].
Tsai and et. al [2]. The advantage of the mouse experiment
is that we can use the multichannel in-vivo recording to As shown in Figure 6, the brain electric local field potential
record and monitor the point activity of the neuron group signal of the mouse exhibited a significant enhancement in
directly inside the brain to obtain the local field potential the 20 Hz portion in the modulated visible light irradiation.
(LFP) signal of a certain brain region (hippocampus). The two subgraphs above show the comparison of power
Compared with the signals acquired outside the skull, it has spectral density (PSD) analysis results of local field potential
higher time and spatial accuracy. In our preliminary signals of mice in the two groups. The left side is the PSD
experiments, the field status signals of the hippocampus during the radiation and the right is the PSD before the
associated with learning and memory were collected. The radiation. It can be clearly seen that the hippocampal area of
multichannel in-vivo recording technology, OmniPlex mice in the radiation has obvious discharge and energy
Neural Data Acquisition, and experiments on mice with response at the frequency of 20Hz. The third subgraph shows
implanted electrodes for collecting LFP are shown in Figures the heatmap of the hippocampal region of mice with changes
4 and 5. over time. The left side is the heatmap during the radiation
and the right is the heatmap before the radiation. It can also
easily display that the energy distribution of the hippocampal
region of mice at the frequency of 20Hz has been
significantly enhanced during the whole radiation period.
Here, we have observed the results yet lots of work needs to
be done to offer the explanation why.

Figure 4 - OmniPlex Neural Data Acquisition system

– 20 –
ICT for Health: Networks, standards and innovation

the correspondence between the behavioral model of the


mouse and the acquired signals should be carefully aligned.
Since the anatomy of the mouse brain region is quite clear,
we focus on the visual cortex, the rhythm control brain
region and the hippocampus which is responsible for
memory. The mice with Alzheimer’s disease will be
observed by dissection after the experiment, and whether the
symptoms were alleviated (i.e., whether the amyloid
deposition in the brain has been significantly reduced).

After many repetitive and more accurate experiments on


mice in the future, more experimental data of various visible
light signal constellation and modulation formats commonly
used in the visible light communications systems, light color
temperature, lighting frequency, continuous irradiation time
and other factors will be obtained for the comparative
analysis and clear conclusions can be drawn with greater
confidence. Based on this analysis, an experimental model
can be eventually established and this will pave the way, or
at least lay down the foundations, for future initial human
trials.

5. CONCLUSION AND FUTURE WORK

This paper introduces the basic concept, system architecture


and schematic diagram of the main functional modules of the
IoL network based on the combination of lighting LED and
ICT technology for indoor applications. With this
infrastructure, the concept of the non-intrusive optical
intervention therapy is proposed to support regulating the
human physiological rhythm while maintaining its main
illumination functionality. The related research plan has
Figure 6 - Results of local field potential signal analysis in
been designed and carried out through a mouse experiment
the hippocampal area of mice
to see the impact of the visible light irradiation on mice. The
feasibility of this idea is conceptually proved from the
4. DISCUSSIONS
preliminary experimental results which could bring a new
paradigm of treatments for nursing homes. In the future, we
From this preliminary experiment, it is proved that the
will further explore the possibilities from the following
hippocampus of mice, in charge of learning and memory is
aspects with the help of current medical research progress on
responsive to visible light modulation. From one side, it
degenerative diseases:
suggests that in a realistic lighting environment, appropriate
modulation methods could be utilized to help prevent, relieve
1 Treatment of Alzheimer's disease
and treat some human diseases associated with this function.
On the other hand, certain measures should be taken to
Combining more experiments on mice with advanced
reduce the possible negative impact of lighting on human
intelligent analysis, and also considering the combining
health if visible light communications with different signal
effect of other traditional therapy. People can gradually
waveforms are used in conjunction with illumination
explore the possibilities of reducing or removing
purposes for the indoor environment.
Alzheimer's disease symptoms by this non-intrusive
treatment on human beings, especially for the elderly in
The experiment is to let normal mice and mice with
nursing homes.
Alzheimer’s disease exposed to visible light with the similar
lighting environment as that for the human brain to observe
2 Regulation of depression
the behavior, rhythm and memory changes of those mice
under an LED light source operating at different operating
frequencies (mainly concerned about 20Hz ~ 50Hz), Designing and conducting the experiments on mice to
different color temperatures and different constellation and confirm the effectiveness of alleviating depressive
modulation methods. The EEG signals were obtained by symptoms by adjusting the parameters such as color
electrodes mounted outside the mouse's skull, and the temperature and intensity. The experimental treatment
electrical signals of their specific brain regions were for the elderly can then be carried out in nursing homes.
recorded by in-vivo patch clamps and other
electrophysiological techniques. When recording the data, 3 Explain how light and the nervous system interacts

– 21 –
2019 ITU Kaleidoscope Academic Conference

Study on the neurological mechanism of different factors [4] Chinnakkaruppan Adaikkan, Steven J.Middleton,
of visible light radiation (color temperature, frequency, Asaf Marco, Ping-Chieh Pao, Hansruedi Mathys,
modulation mode, radiation intensity). The significance David Nam-Woo Kim, FanGao, Jennie Z.Young,
of light in biological evolution is self-evident, yet its Ho-Jun Suk,Edward S.Boyden,Thomas J.McHugh,
molecular mechanism is still quite unclear, especially the Li-HueiTsai, “Gamma Entrainment Binds Higher-
mechanism of the direct effect of the light on the nervous Order Brain Regions and Offers Neuroprotection”,
system. One can continue to carry out mouse experiments Neuron 102, 929–943 June 5, 2019
on this platform to accumulate more knowledge in this
area. It is anticipated that successful implementation of [5] World Health Organization: Group Interpersonal
this work into the human medical applications will open Therapy (IPT) for Depression, 2016:
a new field for human recognition. https://www.who.int/mental_health/mhgap/interpers
onal_therapy/en/
There is no doubt ICT technology could play a much more
important role with the combination of the non-intrusive [6] Cui Zhe, Hao Luoxi, Xu Junli, “A Study on the
optical intervention therapy by introducing an adaptive Emotional and Visual Influence of the CICU
feedback mechanism through artificial intelligence, machine Luminous Environment on Patients and Nurses”,
learning and other methods. The therapeutic effect can be Journal of Asian Architecture and Building
tracked and the treatment process and intensity can be Engineering, 2017
flexibly adjusted to further enhance the effectiveness. Other
than that, there might be another advantage by conducting [7] World Health Organization, Mental health of older
this research. As visible light communication is considered adults. December 2017:
as a promising technology for indoor applications, it is also https://www.who.int/en/news-room/fact-
necessary to evaluate the potential impact from the low- sheets/detail/mental-health-of-older-adults
frequency operation of LED in VLC application on human
wellness. Therefore, it is quite important to consider and [8] ITU-R REPORTS
coordinate standardization efforts from the perspectives of Visible light for broadband communications:
communication, Internet of light application, and the non- https://www.itu.int/pub/R-REP-SM.2422
intrusive optical intervention therapy.
[9] J. Cosmas, Y. Zhang and X. Zhang, "Internet of
6. ACKNOWLEDGEMENT Radio-Light: 5G Broadband in Buildings," European
Wireless 2017; 23th European Wireless Conference,
The authors would like to thank Dr. Wei Shi for her great Dresden, Germany, 2017, pp. 1-6.[10]
help in arranging mouse experiments. This work was Strategic Roadmap 2025 of the European
supported by the National Key Research and Development Lighting Industry:
Program of China (2017YFB0403402) and also by the https://www.lightingeurope.org/images/160404-
Natural Science Foundation of Guangdong Province (Grant LightingEurope_Roadmap---final-version.pdf
No. 2015A030312006).
[11] openbci website: https://openbci.com/
REFERENCES
[12] EEGLAB website:
[1] Nobel prize website 2017: https://sccn.ucsd.edu/eeglab/index.php
https://www.nobelprize.org/prizes/medicine/2017/pr
ess-release/ [13] neuroexplorer website:
https://www.neuroexplorer.com/
[2] HF Iaccarino, AC Singer, AJ Martorell, A Rudenko,
F Gao, TZ Gillingham, H Mathys, J Seo, O Kritskiy,
F Abdurrob, C Adaikkan, RG Canter, R Rueda, EN
Brown, ES Boyden, LH Tsai, “Gamma frequency
entrainment attenuates amyloid load and modifies
microglia” , Nature 540:230–235, December 8, 2016

[3] Nir Grossman, David Bono, Nina Dedic, Suhasa


B.Kodandaramaiah, Andrii Rudenko, Ho-JunSuk,
Antonino M.Cassara, Esra Neufeld, Niels Kuster,
Li-HueiTsai, AlvaroPascual-Leone, Edward
S.Boyden, “Noninvasive Deep Brain Stimulation via
Temporally Interfering Electric Fields”, Cell 169,
1029–1041, June 1, 2017

– 22 –
ACCESS TECHNOLOGIES FOR MEDICAL IOT SYSTEMS

Junaid Ahmed Siddiquee

Ericsson, India

ABSTRACT required attention in budgetary allocations. To set up a well-


equipped center in every town and village will call for
ICT technologies are evolving and advances in the investment not only in money terms but also in getting the
technologies hold promise for applications in diverse trained medical and auxiliary staff to diagnose, treat and help
domains such as healthcare. Along with the development of in the rehabilitation process. To bridge the gap between the
access technologies, rapid advances are also taking place in needs and the supply of adequate and affordable healthcare
related areas, machine learning, artificial intelligence, cloud is where technology can play a major role. IoT-based e-
computing, and big data. Availing healthcare in the health and m-health applications have huge potential. A
developing countries is costly, time-consuming and, for robust and flexible ICT system is the backbone for m-health
populations located in remote areas, it also means adding in and e-health applications to work.
the cost of travel to nearby towns and cities where expert
healthcare facilities are normally available. Leveraging ICT 2. DEFINITIONS
technologies, IoT systems for healthcare can bring
affordable and quality healthcare to the population through The World Health Organization (WHO) defines e-health as
e-health and m-health applications. The role of ICT “the use of information and communication technologies
technologies is paramount to the success of IoT applications (ICT) for health” [1]. The Global Observatory for e-health
for healthcare. Two such ICT access standards are the (GOe) defines m-health as “medical and public health
3GPP-based 5G technology and IEEE-based Wi-Fi 6. practice supported by mobile devices, such as mobile phones,
However, challenges exist in the ecosystem that inhibit the patient monitoring devices, personal digital assistants
realization of the full potential of these technologies. Based (PDAs), and other wireless devices” [2]. Several definitions
on current and future requirements, the paper proposes a of IoT abound in the literature. Recommendation ITU-T
model incorporating key factors impacting an IoT Y.2060 defines IoT as “A global infrastructure for the
communication system and comes up with a set of information society enabling advanced services by
recommendations to harness the Internet of things for interconnecting (physical and virtual) things based on
healthcare. existing and evolving, interoperable information and
communication technologies”.
Keywords – 5G, Wi-Fi 6, e-health, healthcare, ICT, IoT,
m-health 3. OBJECTIVE OF THIS PAPER

1. INTRODUCTION This exploratory paper tries to answer the following broad


questions: a) What are the requirements on the access
Good health is one of the essential requirements for any network to implement an effective healthcare IoT system? b)
human. This goes hand in hand with other aspects like food, Identify the challenges that are encountered while
security, privacy and liberty that an individual need to enable implementing a solution to meet the needs of healthcare IoT.
her to perform in whatever field to maximize her full c). Propose a model for the IoT architecture with a focus on
potential. In developing countries, access to well-equipped the communication layer.
and expert healthcare remains a huge challenge. Most
modern facilities are available in the cities and urban centers. 4. DEVICES AND USERS
The rural population is often at the receiving end when they
have to avail of medical care either in response to Devices: Medical devices can range from sensors and
emergencies or in the normal treatment of ailments like heart monitors used for a range of medical conditions. The device
disease, HIV, etc. Even lifestyle diseases like diabetes and types vary depending on whether it is meant for basic
hypertension are increasingly extending beyond urban areas. treatment, diagnostic needs or monitoring. It can be expected
The lack of healthcare facilities can be due to many reasons. that in a healthcare facility there may be a mix and match of
The resources of setting up such centers bring challenges devices from different OEMs. As technology improvements
both to the public and private sectors. The government, for take place, the end devices can become more sophisticated
instance, must make decisions of allotting resources to other including equipment for remote surgery and real-time
pressing needs and rural health often does not get the

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 23 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

sensors. Device types in healthcare can be mobile handsets, Table 1 – Access technologies for IoT (Compilation)
laptops/computers, screens, cameras, diagnostic tools,
monitors and other advanced tools and equipment. 3GPP/ 2G- 3G- 4G- NB- 5G
3GPP2 GSM, WCDMA, LTE/ IOT
CDMA HSPA LTE-M
Applications: The users of the m-health applications can be:
[3] a) health professionals (physicians, nurses, midwives, Zigbee
etc.); b) public including patients and healthy individuals; c) IEEE 802.11 802.15.6
health institutions (hospitals, insurance companies, drug (Wi- (WBAN)
stores, etc.). These users would be interested in the various Fi)
lines of preventive and general treatment. Information
availed from the end points will be analyzed resulting in the LoRa
future course of action or to bring about new insights. This SIGFOX
will enable medical expertise at a central location to quickly
Bluetooth BLE BR/EDR
diagnose and send expert advice.
Weightless
5. ARCHITECTURE AND TECHNOLOGIES
6. ACCESS REQUIREMENTS OF MEDICAL IOT
There are several ways to visualize the layers making up the SYSTEMS
IoT architecture. Here we show three layers; the lowermost
layer has the IoT end points: the devices, sensors and other e-health and m-health services can be availed remotely. For
equipment that will communicate through intervening layers these services to be effective, the communication access
to talk to the application (s). The middle layer is the one that systems that talk to the end devices and the upper layers,
provides the connectivity between the devices to the including the applications, need to fulfill certain criteria. We
different modules and functions residing in the upper layer. can categorize the deployment requirements for such access
This is the access layer or the connectivity layer. The upper systems into two categories: current requirements and
layer is a conglomeration of many sublayers: the upcoming requirements. By current we define the access
connectivity management, device management and systems that are presently serving the IoT needs.
functions as the operations, billing and revenue management.
Data resides here. 6.1 Current Access Fulfillment

• Limited mobility: Most medical end-user devices are


static today. These can be monitors of various types,
sensors, counters and scales. Mobility within the same
room or building is what is available.

• Low to mid-bandwidth: Most of the applications


connected to the medical devices do not require data
guzzling pipes in gigabytes and terabytes. In most cases,
kilobytes and at most megabytes suffice.

• Tight integration with the device/equipment: Open


interfaces and protocols are not the norm. Devices and
Figure 1 – Layers in an IoT architecture applications are tightly linked. It is not expected that an
IOT device made by a medical equipment manufacturer
Several access technologies exist that are being used or can
will interwork with an application made by another OEM.
be used for IoT access. 3GPP-based standards like GSM,
CDMA, WCDMA, HSPA and LTE are available. IoT
requirements have led to the development of NB-IoT and • Integration with local databases: Cloud-based databases
CAT M1 within the 3GPP family of standards. Besides the and computing are an exception rather than the rule.
3GPP standards, IEEE-based Wi-Fi standards also cater to While manufacturers and third-party application entities
IoT needs. Proprietary standards like SIGFOX add to the are veering to exploit the efficiencies provided by cloud-
milieu. A list of access technologies (non-exhaustive) is based systems, current deployments often exist within
depicted in the table below. departments, entities and organizations with their own
private data storage. Exposure to external databases is
limited.

• Basic security: Since the devices, applications and


databases are tightly integrated, security is taken as an
inbuilt functionality.

– 24 –
ICT for Health: Networks, standards and innovation

6.2 Upcoming Access Requirements states and countries. Roaming


would be desirable to ensure that the
With developments in medical science, treatment methods end user is not restricted to one
and procedures have also evolved. Advances in technology, service provider while using the
end-user equipment and applications are taking place. medical device. Portable medical
Awareness in integrating different tools and techniques are kits are today available and roaming
leading to newer ways of treatment and use of data available support will enable flexibility to the
through the various end points, human or otherwise. These end user while being on the move.
developments place demands on technology to meet end-
user expectations. Bandwidth – low Some devices need only a few Kbps
to high to send and receive data while other
Table 2 – Access requirements devices may require higher
bandwidth in the order of Mbps. A
4K video transmitting medical
Area Description
image may require 15 Mbps to 25
Mbps throughput [5]. With higher
Low latency [4] Life-saving equipment sensors and quality 8K videos, this can be
actuators need to respond within the pushed upwards to 85-100 Mbps
shortest possible time. This leads to [6]. With remote surgery and other
the need for ultra-low latency such uses cases, the requirements of
support in the access technology to video, audio and real-time data
reduce the e2e latency from the would need enough bandwidth to
device to the application. Latencies generate quality outputs. This, in
in the range of 1-5 millisecond turn, would require the access
would be desirable as newer use technologies to support a range of
cases and applications come up. bandwidths from a few Kbps to
multiple Gbps.
Enhanced mobility Access technologies need to be able
to give mobility support to the end- Integration with As data consumption and usage in
user device. A patient with a heart large databases the medical sector increases, this
monitor should be able to use his and applications data can come from a multitude of
device from within the medical [7] sources: imaging, MRIs, EEG and
center precincts to his home which ECG, audio files, patient records
may be several kms away. and storage and the like. This
results in the medical care industry
Better quality & Unlike other applications, medical becoming one of the key users of big
reliability [4] IoT devices and applications require data [8].
high quality, from the device to the
application. The quality of service Integration with Increasing evidence of the use of
in the network should be able to other ML and AI can be seen in the
ensure prioritization of the services technologies, ML medical space, image scanning and
and availability. The reliability of and AI [7] interpretation applications,
the communication system will be radiology images and assisted
an important and life-saving need. surgery. The use of AI and big data
analysis with the computing power
Interoperability For ease of use and integration of cloud-based solutions call for
and open between devices and applications, close integration between and
standards the access technologies need to be among these technologies with the
based on open standards and available ones [9]. The access
protocols. Device to Device technologies should be able to
communication (D2D), Device to seamlessly and transparently allow
Application (D2A), the protocols this integration.
and standards in the access, data
retrieval and storage and processing Enhanced security The privacy of the end user is an
need not be restricted to any and privacy [7] unalienable right. The system
proprietary standards. This will lead [10] should be capable of thwarting
to better integration efficiencies. security breaches which can be
catastrophic. The robustness of the
Roaming support In a mobile embracing world, there system to remain resilient and
is mobility across geographies, reliable calls for implementing

– 25 –
2019 ITU Kaleidoscope Academic Conference

solutions that focus on authentication, user authentication and database access


vulnerabilities, configuration authentication exist and need to be ensured across multiple
assessments, malware defenses, as diverse systems. Can the network identify the right user and
well as activity and event allow him or her to access the upper layers?
monitoring [11]. Administrations
have begun issuing cybersecurity 6. Privacy: How much of a user’s medical records will
regulation guidelines for network- be made available, to whom and when? Can somebody pry
connected medical devices [12] [13] into a user’s health records and cause harm? Can the network
[14]. ICT access technologies will identify identity theft through appropriate mechanisms? In a
need to be in sync with the overall mix and match of technologies this aspect needs to be given
ICT deployment. careful consideration.
a. Massive IoT (mMTC) and
Support for Critical IoT (uRRLC) 7. Power requirements, availability: Medical devices
different end-user b. IP and non-IP-based device need the power to operate and be functional. Besides the
IoT types support processing done by the device, the device also would need to
be in regular contact with the access network to indicate that
7. CHALLENGES it is “alive” and can send and receive data. This will require
the end device to consume power only when it is in trans-
There exist several challenges in implementing the receive mode and consume minimal or no energy at other
requirements as mentioned in the above sections. times. The access network would need to have the required
power-saving modes and features.
1. Interoperability between different standards:
Medical user equipment will need to have newer access, like 8. Regulations are evolving especially so in the new
5G enablement, in the coming times. Devices currently have frontiers of technology. In many countries, the impact is yet
Wi-Fi enablement and some devices may have access to be studied and implemented. How much impact will it
features like infrared or other proprietary technologies. To play in IoT architectures and deployment is yet to be seen.
have interoperability, one access system needs to integrate
with other systems. For instance, a Wi-Fi system at a higher 9. e2e solution life cycle: The IoT ecosystem at the
level will need integration with, a 5G system. However, lowest layer starts from the medical device, moves through
seamless handovers between an ongoing Wi-Fi data session different layers of connectivity and management and reaches
with a 4G or 5G system does not work as well as a handover the application layer. Each layer has its hardware and
between a 4G to 4G node. software and ideally should not impact the changes in other
layers. It will be of importance to ensure that dependencies
2. Investment in the introduction of new technologies are known to the stakeholders in the chain whenever any
and architectures to enable required functionalities like low functionality of any end and intermediate layers bears an
latency, higher throughput and security. impact on other layers.

3. Quality of end devices and overall cost of 10. Standardization: Standardization organizations
ownership: exist in the telecommunication and ICT domains, where
these bodies work on enhancements in existing features and
a) Resiliency: from cyberattacks, equipment and network functionalities. There exist medical associations and trade
architecture to enable availability. Node architectures like organizations that define the ethics and ways of working for
CU-DU split in radio access nodes, CP-UP in core networks, the medical fraternity. Research is ongoing in the medical
network slices, container-based cloud applications will help field in newer and better ways of treatment and drugs. The
in application recovery and resilience. Implementation of challenge lies in ensuring that the various research and
such changes is not expected to take place rapidly and will standard organizations and associations operating for the
take time for full-scale deployment. b) End-to-end various layers are working in tandem. This is a tall order in
ownership: spanning from the devices, access systems, today’s world.
gateways, internet, applications and databases spread in the
cloud. Service Level Agreements (SLAs) of the network, 8. MODEL FOR IOT DEPLOYMENT
SLAs of the medical equipment will become relevant and
needed. Currently, e2e SLAs for IoT systems spanning The paper puts forward a model for IoT keeping in view the
across multiple layers with different ownerships are non- requirements of the healthcare sector. Multiple factors
existent or evolving. contribute to a healthy ecosystem for enabling IoT for
healthcare. The importance of each factor cannot be
5. Security a) Network security: algorithms used for discounted as the diffusion of IoT hinges on each of the
encryption and ciphering at the access layer, application enabling factors.
layer and database layer with adequate protection for the
control and traffic layers. b) User security: the end-to-end
encryption from user to application. SIM-based

– 26 –
ICT for Health: Networks, standards and innovation

be able to take in this disparate end-user equipment and


transmit and receive data from them to upper layers.

Policy & regulation: policies, laws, rules and regulations,


enforcement of the same by public institutions and
governments.

Ease of integration: should be possible to integrate


disparate IoT devices, communication systems based on
different standard and manufacturers.
Figure 2 – Impacting factors of an IoT deployment for
medical healthcare
Flexibility of deployment: IoT architectures need to provide
the mix and match of different deployment architectures,viz.
We define each of these factors in this paper as follows:
private and public networks.
Security: the confidentiality, integrity and/or availability of
TCO: Total cost of ownership=Capex+ Opex for device and
data collected by, stored on, processed by, or transmitted to
equipment over the solution life cycle.
or from the IoT device [15].

Privacy: the ability for people to selectively share, to


determine how information about them is collected, used and
passed along [16].

Quality: this determines the accuracy and sensitivity of the


data collection and transmission, quality of service, quality
of data, quality of devices, communication equipment,
methods and procedures.

Mobility: ability to take the IoT sensors, readers,


equipment(s) from a stationary position to other areas and Figure 3 – Enhanced model of an IoT healthcare system
still be functional.
The IoT architecture model has been primarily depicted as 3-
Interoperability: The diverse elements comprising IoT layer [20] [21] [22] and 4-layer [23] [24] [25] [26] in most
(devices, communication, services, applications, etc.) should IoT literature. This paper takes the 4-layer architecture and
seamlessly cooperate and communicate with each other to builds upon it to incorporate the essential elements impacting
realize the full potential of the IoT ecosystem [17]. Ability the IoT ecosystem, security, quality, privacy and policy and
to mix and match more than one OEM’s equipment and regulation. For an IoT-based system to operate all these
applications for an overall solution. elements play their role in this 4-layer architecture.
Standards: established by consensus and approved by a 9. 5G AND WI-FI 6 STANDARDS FOR IOT
recognized body, that provides, for common and repeated SYSTEMS
use, rules, guidelines or characteristics for activities or their
results, aimed at the achievement of the optimum degree of
Existing access technologies, NB-IoT, SiGFOX and LoRa
order in a given context [18]. In this paper, we refer to
are developed for massive IoT deployments where latency
standards from different bodies like 3GPP, IEEE and the like.
may not be as critical, where the power consumption of the
end devices need to last long and data transmission does not
Certification: IoT devices certified under this scheme require too much bandwidth. Access technologies need to
comply with specified requirements supported by the support both types of requirements, mass deployment with
industry to protect the availability, authenticity, integrity and low throughput and latency and IoT systems where larger
confidentiality of stored or transmitted or processed data or bandwidth and latency become increasingly important. We
the related functions or services offered by, or accessible via discuss in these paper two standards for access systems, 5G
IoT devices throughout their life cycle [19]. This covers and Wi-Fi 6. These two technologies hold promise to the use
aspects such as hardware, software, security, conformity, of applications for critical IoT which requires low latency
quality and safety across the different layers of the IoT and high bandwidths.
architecture.
5G: 3rd Generation Partnership Project (3GPP) has been
Multi-device support: Medical IoT systems have end user working on enhancing radio and core standards ever since
equipment from different manufacturers supporting different the early generations of the mobile systems. Release 15
protocols and other technical requirements. Systems should being the first set of 5G system specifications brings new
radio standards (NR) along with enhancements to the

– 27 –
2019 ITU Kaleidoscope Academic Conference

existing LTE radios. Architectural improvements like the


separation of Control and User planes (CUPs) in the core
layer and slicing where different user types can be allotted
their own virtual network helps in improving the latency that
is so critical in some use cases. These and further
enhancements bring more impetus to the deployment of IoT
systems, spectrum efficiency, higher bit rates, reduced
latency, connection density (devices/square Km) and
enhanced battery life of the devices [14] [15]. In further
updates through releases, 3GPP through NB-IoT, LTE and
5G is set to meet the needs for both massive Machine-Type
Communications (mMTC) for a large number of devices Figure 5 – Architecture of IoT with WiFi6 as an access
requiring low data and latency requirements to Ultra- medium
Reliable and Low Latency Communications (URLLC) for
the mission-critical type of IoT applications. 3GPP standards 10. DEPLOYMENT MODELS
are primarily designed for the commercial spectrum bands
for connecting IoT devices. Moreover, through solutions like There exist various options to avail access systems needed
LAA and LTE-U, LTE can also work in the unlicensed bands. for IOT applications for medical usage. This can be depicted
as given in Figure 6 below:

Figure 4 – Architecture of IoT with 5G as an access


Figure 6 – Deployment models
medium
Private networks: An enterprise may decide to build its
Wi-Fi 6: As Wi-Fi standard evolution continues, the new
private network for extending healthcare. For budget,
version of Wi-Fi known as Wi-Fi 6 based on the 802.11ax
criticality, and ease of design considerations, an enterprise
technology is offering better functionalities and features
may go along the route of not making any additional outlay
compared to previous releases: faster speeds, increased
in the procuring of spectrum by utilizing free to use spectrum
throughput using Multi-User Multiple-Input, Multiple-
in the ISM and/or 2.4 GHz and 5 GHz in most countries.
Output (MU-MIMO) and better latency through uplink and
Spectrum is expensive in many countries and if budget
downlink Orthogonal Frequency Division Multiple Access
limitations are an important factor, the choice is clear.
(OFDMA). These are intended to meet the needs of IoT
Alternately, an enterprise may procure the required spectrum
devices in consumer and enterprise environments [16]. Other
to build a privately-owned LTE or 5G network. In this case,
considerations to meet IoT needs are improved battery life in
the enterprise will take full ownership of the design,
end devices and increased network capacity and bandwidth
deployment and maintenance of the access network. This
are available in the new specifications. Many end-user
will give reliability and QoS which may be critical in certain
devices, tablets and mobile handsets have Wi-Fi capability
aspects of healthcare such as remote surgery.
as an inbuilt capability. Considering the market requirements,
3GPP has defined ways of integrating Wi-Fi systems to the
LTE and 5G networks. Wi-Fi devices primarily work on the Service providers: An enterprise can subscribe to an
2.4 GHz and 5 GHz unlicensed bands. However, Wi-Fi existing mobile or integrated service provider for IoT access
suffers from some inherent issues, roaming, scalability and requirements. This will help avoid the hassle of setting up
bandwidth. This arises because Wi-Fi utilizes unlicensed and maintaining a private network. Service Level
spectrum which is limited and the problem of “tragedy of Agreements (SLAs) need to be agreed between the provider
commons” may result in Wi-Fi systems being unable to and the enterprise. The service provider can offer systems
ensure stringent QoS and demanding requirements of operating in the commercially allotted spectrum and
applications like remote surgery. unlicensed spectrum technologies or both. In some countries,
a new breed of service providers catering exclusively to IoT
users is also available.

– 28 –
ICT for Health: Networks, standards and innovation

11. WAY FORWARD applications and takes it forward to capture the probable
This paper posits some recommendations to leverage the needs for future systems. The challenges for the deployment
potential of IoT in the ever-increasing domain of medical of IoT systems to fulfill the needs of medical systems are
healthcare. However, to effectively harness the potential of analyzed and two technological standards, 5G and Wi-Fi 6
technology, certain steps need to be taken in the overall that hold promise for meeting the future needs of medical
ecosystem. IoT systems, are analyzed. Deployment models for the
access technologies are presented. However, significant
1. Build reference frameworks changes are needed in the ecosystem and the paper suggests
This paper suggests that a reference model be formulated some actions to bring out the latent potential for the use and
keeping in consideration the unique needs of the healthcare diffusion of IoT systems in the healthcare sector.
sector. A model is proposed in this paper. This will help each
actor in the ecosystem to understand the requirements and REFERENCES
work accordingly to bring in synergies. This aspect is
significant in a fragmented environment where multiple [1] "eHealth," WHO, [Online]. Available:
OEMs and service providers are present. https://www.who.int/ehealth/en/. [Accessed 1 July
2. Regulatory guidance 2019].
In the face of fast-moving developments in the use of
technology in the healthcare industry, the regulation in any [2] WHO, "mHealth New horizons for health through
dispensation will need to be lightweight. This will help mobile technologies," Global Observatory for eHealth
innovation. Regulation needs to come up with series - Volume 3, 2011.
recommendations on individual privacy and security needs
and protecting the end consumer of medical services. Areas [3] ,. G. M. Mobin YASINIa, "Toward a use case based
like the development of technology, devices, the architecture classification of mobile health applications," Digital
of deploying the IoT systems, etc. are best left to the market. Healthcare Empowering Europeans R. Cornet et al.
Besides institutional regulation, the role of self-regulation in (Eds.) © 2015 European Federation for Medical
this emerging field calls for high ethical standards from Informatics (EFMI). , pp. 175-179, 2015.
professional bodies, manufacturers, service providers and
users.
[4] S. &. S. S. K. &. W. X. Bhandari, "Latency
3. Certification Minimization in Wireless IoT Using Prioritized
A plethora of standard bodies, 3GPP, IEEE, Open stack, Channel Access and Data Aggregation,"
OpenFOG, IETF and OMA exist today. The future is 0.1109/GLOCOM.2017.8255038, 2017.
increasingly heterogeneous and interoperability and
interworking between different standards will be the need. [5] R. Pegoraro, "You're buying a 4K TV. How much
Quality has to be the essence on which medical IoT systems Internet bandwidth do you need?," 2017. [Online].
would hinge on. An independent certification process that Available:
ensures the quality of the products and meet minimum https://www.usatoday.com/story/tech/columnist/201
standards like power consumption, interference to other 7/12/10/youre-buying-4-k-tv-how-much-internet-
systems, security aspects need to be followed. Regulation bandwidth-do-you-need/933989001/.
and certification are normally independent functions. The
certification process may need to conform to the guidelines [6] A. Kishore, "Worried About Bandwidth for 4K? Here
emanating from the regulation aide. Learnings from the Comes 8K!," 2017. [Online]. Available:
certification process may, in turn, lead to changes in https://www.lightreading.com/video/4k-8k-
regulatory guidelines. video/worried-about-bandwidth-for-4k-here-comes-
4. Demonstrate POC in real conditions 8k!/d/d-id/737330.
Healthcare conditions are unique in different countries. In
the western world, facilities are remarkably different from [7] A. P. L. D. N. &. F. F. Noemi Scarpato, "E-health-
the developing world. Proof of concepts and trial systems IoT Universe: A Review," International Journal on
help enhance the knowledge of the application of Advanced Science Engineering Information
technologies like IoT to real-world problems. Healthcare is Technology, vol. Vol.7 (2017) , no. No 6, 2017.
an area that directly touches the user and success and
confidence of IoT-based technologies will help in the [8] D. V. Dimitrov, "Medical Internet of Things and Big
acceptance of such solutions. Data in Healthcare," Healthc Inform Res, doi:
10.4258/hir.2016.22.3.156, 2016.
12. CONCLUSION
Affordable healthcare through m-health and e-health [9] U. &. D. R. Kar, "Application of Artificial
applications riding on ICT will play an important role in Intelligence in Healthcare: Past, Present and Future,"
providing healthcare to remote and rural areas. This paper Arch Biomed Eng & Biotechnol.1(1):
brings out the needs of IoT-based systems for medical 2018.ABEB.MS.ID.000503, 2018.

– 29 –
2019 ITU Kaleidoscope Academic Conference

University Hangzhou, China-


[10] M. A. K. Sultan H. AlMotiri and M. A. AlGhamdi, https://arxiv.org/ftp/arxiv/papers/1708/1708.04560.p
"Mobile Health (m-health) System in the context of df.
IoT," 2016 4th International Conference on Future
Internet of Things and Cloud Workshops,DOI: [21] B. Silva and K. &. H. , " Internet of Things: A
10.1109/W-FiCloud.2016.24, no. ;, 2016. Comprehensive Review of Enabling Technologies,
Architecture, and Challenges," IETE Technical
[11] A. &. H. T. Chacko, "Security and Privacy Issues Review, DOI: 10.1080/02564602.2016.1276416,
with IoT in Healthcare," EAI Endorsed Transactions 2017.
on Pervasive Health and Technology. 4. 155079.
10.4108/eai.13-7-2018.155079. , 2018. [22] J. e. a. Lin, " A Survey on Internet of Things:
Architecture, Enabling Technologies, Security and
[12] F. O. f. I. Security, "Cyber Security Requirements for Privacy, and Applications," IEEE Internet of Things
Network-Connected Medical Devices," 13 11 2018. Journal, vol. 4, no. 5, pp. 1125-1142, doi: 10.110, Oct
[Online]. Available: https://www.allianz-fuer- 2017.
cybersicherheit.de/ACS/DE/_/downloads/BSI-
CS_132E.pdf; jsessionid=A73F550EB7FB2E04A98 [23] Rashmi, "IoT (Internet of Things) Concept and
6F9E477D6E8A5.1_cid360?__blob=publicationFile Improved Layered Architecture," JEDR , Volume 6,
&v=5. Issue 2, ISSN: 2321-9939, 2018.

[13] "Therapeautic Goods Administration,Department of [24] Recommendation ITU-T Y.2060 (2012), Overview
Health, Australian Givernment," TGA, 19 July 2019. of the Internet of things.
[Online]. Available:
https://www.tga.gov.au/publication/medical-device-
[25] "Infrastructure, Internet Protocol Aspects And Next-
cyber-security-guidance-industry.
Generation Networks- Overview Of The Internet Of
Things".
[14] A. Mulero, "France Drafts Medical Device
Cybersecurity Recommendations," 23 July 2019.
[26] D. Darwish, "Improved Layered Architecture for
[Online]. Available: https://www.raps.org/news-and-
Internet of Things".- International Journal of
articles/news-articles/2019/7/france-drafts-medical-
Computing Academic Research (IJCAR) ISSN 2305-
device-cybersecurity-recomme.
9184 Volume 4, Number 4 (August 2015), pp.214-223
© MEACSE Publications
[15] K. e. a. Boeckl, "Considerations for Managing http://www.meacse.org/ijcar.
Internet of Things (IoT) Cybersecurity and Privacy
Risks," National Institute of Standards and
[27] ETSI, "Why do we need 5G?," [Online]. Available:
Technology, June 2018.
https://www.etsi.org/technologies/5g.

[16] G. &. K. E. Rosner, "Privacy and the Internet


[28] 3. T. S. C. Balazs Bertenyi, "3GPP system standards
of Things : Emerging Frameworks For Policy
heading into the 5G era," Eurescom message, Spring
and Design," Center For Long-Term CyberSecurity.
issue 2014, 2014.

[17] M. Noura and M. &. G. Atiquzzaman,


"Interoperability in Internet of Things: Taxonomies [29] "Wi-Fi Alliance® introduces Wi-Fi 6," 2018.
[Online]. Available: https://www.wi-fi.org/news-
and Open Challenges," Mobile Networks and
events/newsroom/wi-fi-alliance-introduces-wi-fi-6.
Applications(2019) 24:796–809, 2018.

[30] "What is LoRa®?," [Online]. Available:


[18] P. Hatto, "Standards and Standardization Handbook,"
https://www.semtech.com/lora/what-is-lora.
Directorate-General for Research-European
Commission, 2010.
[31] "Sigfox Technology Overview," [Online]. Available:
[19] R. Atoui, "Eurosmart IoT Device Certification https://www.sigfox.com/en/sigfox-iot-technology-
overview.
Scheme".

[20] M. Bilal, "A Review of Internet of Things


Architecture, Technologies and Analysis
Smartphone-based Attacks Against 3D
printers".Department of Computer Science, Zhejiang

– 30 –
SESSION 2

MEDICAL ICT

S2.1 Module structure for foot prosthetic and interface standardization


S2.2 Development of hearing technology with personalized safe listening features
MODULE STRUCTURE FOR FOOT PROSTHETIC AND INTERFACE
STANDARDIZATION

Yoshitoshi Murata1; Tomoki Yamato2

1
Faculty of Software and Information Science, Iwate Prefectural University
2
Solution Strategic Department, DOCOMO Technology, Inc.

ABSTRACT One of the main reasons why the cost of introducing existing
powered prosthetics is too expensive may be that the
Several million people around the world live with limb loss. prosthetic market is not open. A number of manufacturers
Prosthetics are useful to improve their quality of life, and provide them as an integrated device, and the components
some powered prosthetics enable them to walk naturally. are not compatible between different manufacturers.
However, most are too expensive for most amputees to afford.
We propose a module structure for a foot prosthetic and Introducing a module structure to prosthetics and
standardized interfaces between modules to lower the price standardizing the interface between modules will enable the
of powered ones. The prosthetic is battery-powered and price of powered prosthetics to be lower. In this paper, we
controlled by data from sensors built into the heel of a shoe propose a module structure for foot prosthetics with
for a healthy foot. Some modules can be applied to people standardized components.
with walking disabilities. Such standardization can lower the
price of such modules, and many amputees and people with Our paper is outlined as follows. Existing power-assist
walking disabilities, such as hemiplegia, can easily afford prosthetic leg designs are introduced in section 2. The results
them, which can help improve their quality of life. of our research related to the gait of stroke patients are
introduced in section 3. We developed a walking assist shoe
Keywords – Amputee, foot prosthetic, gait assist, walking that has a coil and leaf spring to easily raise the heel. Its
disability structure and effect of raising the heel are introduced in
section 4. Our proposed module structure for a foot
1. INTRODUCTION prosthetic is introduced in section 5. The heel-up spring,
which is one of the modules comprising the foot prosthetic,
As the percentage of elderly people in the world’s population is derived from the results of the walking assist shoe
is increasing [1], the number of functionally impaired people, introduced in section 4. We conclude in section 6.
such as those with cerebrovascular diseases, will also
increase. People with such diseases often have walking 2. EXISTING POWER-ASSIST FOOT
disabilities, which increases their risk of falling and PROSTHETIC
consequently injuring themselves [2]. One main cause of this
is due to their inability to raise their heel and swing their toes In this section, we introduce existing powered foot
up because of muscle weakness [3]. prosthetics. Ottobock in Germany and Ösuur in Iceland
provide such prosthetics to consumers and the
There are nearly 2 million people living with limb loss in the Biomechatronics Group, a research group within MIT Media
United States [4]. Maurice LeBlanc estimated the number of Lab., has also developed some models.
amputees was approximately 10 million in the world, with
30% comprising arm amputees [5]. Therefore, the number of Ottobock provides a power-assist foot prosthetic called “1B1
leg amputees was 7 million. Leg amputees use foot Meridium [6].” Its mechanism is shown in Figure 1. It adopts
prosthetics to improve their quality of life. However, low- a hydraulic pressure mechanism, in which a hydraulic
priced foot prosthetics have rigid ankle parts and no power pressure cylinder pushes and pulls a lever on the toe plate,
drive mechanism, which makes it difficult to raise the heel causing the instep to rise and fall, respectively.
and swing the toes up. Therefore, most users need more
power to move their foot. Powered foot prosthetics enable Össur provides a power-assist foot prosthetic called
users to move their foot easily and walk more naturally. “PROPRIO FOOT® [7]” shown in Figure 2. Due to a lack of
However, such prosthetics are too expensive for most relevant material on the product's operation, we assume from
amputees. One example is that in Japan it costs more than 2 observations that an air cylinder positioned in the area of the
million yen ($18,000). Achilles' tendon raises and lowers the foot part.

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 33 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

in these figures represents when the entire shoe sole touched


the floor. The maximum angle velocity at timing A indicates
the kicking power when raising the heel, and the minimum
angle at timing B indicates the angle to the floor at terminal
swing.

The lower angle velocity at A in Figure 5 is about 420


Figure 1 – Mechanism of 1B1 Meridium, Ottobock deg./sec. On the other hand, the higher angle velocity at A in
Figure 6 is about 250 deg./sec. Thus, the participant with a
walking disability clearly has a weaker kicking power when
raising their heel compared with that of the unimpaired
participant, indicating a clear difference in terms of gait.

The higher angle at B in Figure 5 is about -18 deg. On the


other hand, the lower angle at B in Figure 6 is about -8 deg.
Thus, the participant with a walking disability expressed
difficultly when raising their toe at the terminal swing phase.
Figure 2 – PROPRIO FOOT®, Össur
Tables 1 and 2 list the averages and standard deviations
(SDs) of measured data for angle velocity at timing A and
angle at timing B. The angle velocity at timing A is clearly
different between unimpaired participants and those with
walking disabilities. There is a big difference between them
in the angle at timing B; however, this value would have
sometimes overlapped each other.

Figure 3 – Power-assist foot prosthetic developed by the


Biomechatronics Group of MIT Media Laboratory

The Biomechatronics Group of MIT Media Lab. developed


a powered foot prosthetic as shown in Figure 3 [8]. Its heel
part (in-series spring) is pulled up and down by the ball screw
driven by the motor through the timing belt. (a) WD: Sony SmartWatch 3 (b) WD mounted on foot

This prosthetic, however, is not a commercial product. Prices Figure 4 – Measuring device and WD mounting method
of the PROPRIO FOOT® and 1B1 Meridium are not
available to the public, but are assumed to be more than 2
million yen ($18,000) in Japan, which is too expensive for
most amputees.

The main purpose of our research is to provide a low price


powered prosthetic foot based on a module structure concept
and standardization interface between modules.

3. DIFFERENCES IN GAIT BETWEEN


HEMIPLEGIA PATIENTS AND
HEALTHY PEOPLE

We analyzed the walking gait cycles of unimpaired people


and those with walking disabilities using a wearable device
(WD) and a KINECT to detect warning signs of falls [3]. We
experimentally measured the output data of an acceleration
sensor and gyroscope sensor in a WD mounted on the front
of a shoe to estimate the kicking power and change of angle
between a foot and the floor.

Figures 5 and 6 show examples of changes in acceleration,


angle velocity, and angle for an unimpaired participant and
one with a walking disability, respectively. Data for two Figure 5 – Angle velocity, angle, and acceleration for
steps are plotted. Each flat period (roughly the center period) unimpaired participant

– 34 –
ICT for Health: Networks, standards and innovation

We then measured a group of 8 students who were asked to


walk as if they had a disability while wearing a normal shoe
and the assist shoe. Measured data is shown in Figure 9. In
every participant except one, their kicking power with the
assist shoe was lower and more stable than that with the
normal shoe. Authors also examined, and sensed that the
shoe compensated to raise his foot slower with weaker power
than the normal shoe and its compensation power was stable.
Measured data in Figures 8 and 9 indicate the above senses.

We measured integrated electromyogram (iEMG) readings


for two people with walking disabilities to confirm the effect
of the assist shoe. We used the wireless EMG logger from
Logical Product Corporation [9]. The wireless EMG sensors
were attached to the gastrocnemius of the right leg as shown
in Figure 10. The sampling rate was 500 Hz. Measured data
is shown in Figure 11. The results for the assist shoe are
lower than those with a normal shoe for both people. The
compensation effect of the proposed assist shoe is also
confirmed with the iEMG.

Figure 6 – Angle velocity, angle, and acceleration for


participant with walking disability

Table 1 – Angle velocity at the terminal stance

Participant Average (deg./s) SD (deg./s)


Unimpaired
509.36 18.91
participant
Participant with
342.06 86.52
walking disability Figure 7 – Assist shoe prototype

Table 2 – Angle at the terminal swing

Participant Average (deg.) SD (deg.)


Unimpaired
-17.76 8.02
Participant
Participant with
-7.45 8.02
disability

4. PROTOTYPE OF SHOE TO ASSIST PEOPLE


WITH WALKING DISABILITIES

As described in section 3, people with walking disabilities, Figure 8 – Kicking power when heel is raised with normal
such as those who suffer from hemiplegia, clearly have a and proposed assist shoes for a stroke patient
weaker kicking power when raising their heel and swing
power when swinging their toe up. We have developed a
shoe, shown in Figure 7, that assists people with walking
disabilities. This shoe has a coil spring and leaf spring to
enable a user to easily raise their heel. The spring force of
the coil spring is 15 kg. The shoe has a roller to avoid the toe
accidentally tripping.

We compare the kicking power (angle velocity) when the


heel is raised between a normal shoe and our proposed assist
shoe worn by a stroke patient. The data is shown in Figure 8.
The kicking power with the assist shoe is lower and more
stable than that with a normal shoe. Figure 9 – Kicking power when heel is raised with normal
and proposed assist shoes

– 35 –
2019 ITU Kaleidoscope Academic Conference

5. MODULE STRUCTURE AND ITS


STANDARDIZATION

One main reason why existing powered prosthetics are so


expensive is that the prosthetic market is not open in terms
of standards. A few manufacturers provide prosthetics to
replace a foot, leg and hip as an integrated device. These are
selected and adopted to each patient accordingly. However,
the components that comprise each prosthetic are not
compatible with those of other manufacturers.

Figure 10 – EMG sensors placement By introducing a module structure and standardized


interfaces between module parts, third-party manufacturers
could produce individual components, significantly reducing
the overall price of prosthetics.

5.1 Module structure

From analyzing existing powered foot prosthetics, shown in


Figures 1, 2 and 3, we propose a standardized foot prosthetic
that comprises the following ten modules as shown in Figure
12:
- socket: connecting the leg to a prosthetic;
- ankle joint: connecting the socket to the foot with
rotational connector;
(1) Person with walking disability #1 - foot: the same as a typical foot on which a battery
and control board are mounted:
- instep push/pull: enabling a foot to be raised and
lowered;
- heel-up spring: absorbing shock when landing on a
hard surface and raising the heel (optional);
- toe: triggers walking to start from a standing position,
and connects to a hard surface when walking with
wide strides (optional);
- battery: driving a single cylinder module and toe
module;
(2) Person with walking disability #2
- control board: controlling a single cylinder module
and a toe module in accordance with signals from a
Figure 11 – iEMG data when heel was raised central terminal;
- heel sensor: sensing the motion of a healthy foot;
It is clear that the proposed shoe compensates for muscle - central terminal: sending signals to a control board
weakness. However, most evaluators including authors felt to raise or lower a foot and toe (smartphone).
the timing to generate a spring reaction force is too early to
walk smoothly; the timing at which the knee comes out in As described in section 4, a shoe with a built-in coil spring
front of the ankle is best. compensates for muscle weakness. However, we believe that
this is insufficient to raise the foot module of a prosthetic in
The solid-ankle cushion heel (SACH) has been provided to the same way as a person would raise a healthy foot.
the foot prosthetic, and popularly used [10]. Most of them Therefore, we believe the instep push/pull is needed to raise
are made with rubber, and inserted as the heel part of the or lower a foot module in addition to the heel-up spring. An
prosthetic foot. It assists foot prosthetic users to walk easily, ankle joint module is necessary to connect the leg socket to
not walking disabilities. Its compensation principle would be the foot module in the same way as an actual ankle joint.
the same as the proposed shoe. Since SACHs are made with
rubber, a period of compensation effect is limited. They have In existing powered foot prosthetics, sensors have been
to be exchanged periodically. However, since metal springs incorporated into the prosthetic control board to raise or
are used in the proposed shoe, these would not need lower the foot part. However, there are differences between
exchange. a foot prosthetic and a healthy foot in motion. A computer
built into the prosthetic gradually compensates for such
The proposed shoe has a toe roller. However, as it is difficult differences. The proposed foot prosthetic is based on the idea
to have a person with walking disabilities intentionally trip that both legs and feet move in essentially the same way, but
over an obstacle, we could not quantitatively evaluate it. the motion cycle of each leg and foot is offset by half a cycle.

– 36 –
ICT for Health: Networks, standards and innovation

There are no such differences as the foot prosthetic moves reliability, etc. must be defined in standardization. On the
synchronously with the healthy foot. However, a sensor that other hand, since a computer system controls several
monitors the healthy foot is needed. From our existing modules in a powered prosthetic, not only physical
research, we determined that monitoring the heel position of information but also data-level information must be
the healthy foot is best. This is why a sensor is built into the standardized.
heel of the shoe.
The following eight interfaces shown in Figure 12 do not
The central terminal is required to control the instep have exchange information between modules, so their
push/pull module in collaboration with the control board. We interface level is physical:
believe the upper position of the foot module is ideal for - INT-1: size, connection method, and reliability
mounting the battery and control board to the foot prosthetic. between socket and ankle joint;
- INT-2: size, connection method, and reliability
We plan to use a single motor cylinder for the instep between ankle joint and instep push/pull;
push/pull module. The module is attached to the front of the - INT-3: size, connection method, and reliability
shin as shown in Figure 12. However, we plan to determine between ankle joint and foot;
whether the module should be placed on the front of shin or - INT-4: size, connection method, and reliability
on part of the Achilles' tendon on the basis of experimental between instep push/pull and foot;
results. - INT-5: size, connection method, and reliability
between foot and toe;
For the single motor cylinder, we used an Oriental Motor DR - INT-6: size, connection method, and reliability
series with a 30-mm stroke, 2-kg carrying force, and a 100- between heel sensor and shoe;
mm/sec maximum stroke speed [11]. The heel-up spring has - INT-7: DC/AC, voltage, and connector type between
a motor-driven spring-release mechanism. However, we battery and instep push/pull;
estimate that the release timing must be controlled by a - INT-8: DC/AC, voltage, and connector type between
sensor built into the heel-up spring, not one built into the heel battery and toe.
of a shoe for a healthy foot.
On the other hand, the following four interfaces include data-
We estimate the instep push/pull module and heel-up spring level information in addition to the physical level
can be applied to people with walking disabilities. In information;
particular, the heel-up spring is useful as it compensates for - INT-9:
muscle weakness, as described in section 4. This means that Physical level: connector type;
the price of the heel-up spring can be lowered. Data level: pulses from the control board to the
instep. The control board changes the direction,
speed and number of pulses to control the cylinder
speed and stroke.

- INT-10:
Physical level: connector type;
Data level: pulses from the control board to a
cylinder of the toe module. The control board
changes the direction, speed and number of pulses
to control the cylinder speed and stroke.

- INT-11:
Physical to session level: wireless connection
(Bluetooth);
Application level: controls direction, speed and
maximum angle of foot rotation.

- INT-12:
Physical to session level: wireless connection
(Bluetooth);.
Figure 12 – Module structure foot prosthetic Application level: controls direction, speed and
maximum angle of foot rotation.
5.2 Interface and standardization items
6. CONCLUSION
In the case of unpowered prosthetics, interfaces between
modules are at the physical level, since there is no control There are several million people living with limb loss in the
information transferred between them. Physical level world. Powered leg and/or foot prosthetics enable amputees
information, such as size, weight, connecting method,

– 37 –
2019 ITU Kaleidoscope Academic Conference

to walk naturally. However, most of them are too expensive [4] K. Ziegler‐Graham, E. J. MacKenzie, P. L.
for most leg amputees to afford. Ephraim, T. G. Travison, R. Brookmeyer,
"Estimating the Prevalence of Limb Loss in the
We determined through experimentation that people with United States: 2005 to 2050," Archives of Physical
walking disabilities, such as hemiplegia, clearly have a Medicine and Rehabilitation 2008, vol. 89 IS. 3,
weaker kicking power when raising their heel and a weaker pp.422‐429, 2008.
swing power when swinging their toes up than unimpaired
people. Our proposed shoe design has springs in the heel that [5] Estimated of Amputee Population 11/09/2008,
compensate for muscle weakness. https://web.stanford.edu/class/engr110/2011/LeBlan
c-03a.pdf , [retrieved: September 2019].
We proposed a module structure for a foot prosthetic derived
from our research results and observations of existing [6] Ottobock, 1B1 Meridium,
powered foot prosthetics. We also proposed standardizing https://professionals.ottobock.com.au/Products/Prost
interfaces between modules, enabling third-party hetics/Prosthetics-Lower-Limb/Feet/1B1-
manufacturers to produce prosthetic components at lower Meridium/p/1B1 , [retrieved: September 2019].
costs.
[7] Ossur, PROPRIO FOOT®,
The introduction of such modules and standardization can https://www.ossur.com/prosthetic-
lower overall prices for prosthetics, enabling them to be solutions/products/dynamic-solutions/proprio-foot ,
more affordable for foot amputees and people with walking [retrieved: September 2019].
disabilities, which, as a result, will improve their quality of
life. [8] M. F. Eilenberg, H. Geyer, and H. Herr, “Control of
a Powered Ankle–Foot Prosthesis Based on a
7. ACKNOWLEDGEMENTS Neuromuscular Model,” IEEE, Transaction on
Neural System and Rehabilitation Engineering,
Thanks to Mr. Takashi Ushizaki, Dr. Koya Sato for helping VOL. 18, NO. 2, pp. 164-173, 2010.
with this research. This work was supported by JSPS
KAKENHI Grant Number 19K11326. [9] Wireless EMG logger, Logical Product Corporation,
http://www.lp-d.co.jp/EMGSensor.html , [in
REFERENCES Japanese, retrieved: September 2019].

[1] World Population Ageing: 1950-2050, Population [10] A. Staros, “The SACH (Solid-Ankle Cushion-
Division, Department of Economic and Social Heel),” Orthopedic & Prosthetic Appliance Journal,
Affairs, United Nations, pp. 23-31, June-August 1957.
http://www.un.org/esa/population/publications/worl
dageing 19502050/ [retrieved: September, 2019]. [11] Single motor cylinder, DR series, Oriental Motor
Ltd.,
[2] W. P. Berg, H. M. Alessio, E. M. Mills, and C. https://www.orientalmotor.co.jp/products/new/1806l
Tong, "Circumstances and consequences of falls in 134l135dr/ [in Japanese, retrieved: September
independent community-dwelling older adults", Age 2019].
Ageing, Vol. 26, pp. 261–268, 1997.

[3] Y. Murata, S. Yoshida, T. Niinuma, K. Yoshida,


"Comparative Analysis of Walking Gait Cycle
between Healthy People and Walking Disabilities to
Prevent Tripping Using Wearable Device and
KINECT," IARIA, International Journal on
Advances in Life Sciences, vol 9 no 3 & 4, 2017.

– 38 –
DEVELOPMENT OF HEARING TECHNOLOGY WITH PERSONALIZED SAFE
LISTENING FEATURES

Shayan Gupta1,2; Xuan Xu2; Hongfu Liu2; Jacqueline Zhang2; Joshua N Bas2; Shawn K. Kelly2

1
Audition Technology, LLC., Pittsburgh, PA, USA
2
Carnegie Mellon University, USA

ABSTRACT exposures. The NIOSH Sound Level Meter app measures


environmental sound and provides information on hazardous
Noise induced hearing loss (NIHL) is a growing public levels [8]. The Department of Defense, Hearing Center of
health concern in the US and globally due to the emergence Excellence (DoD, HCE) along with the Army Research Lab
of lifestyle preferences and environmental exposures to (ARL) and Army Public Health Center (APHC) provide safe
sound levels exceeding safe listening limits for extended listening standards and education to mitigate NIHL risk in
periods of time. Issuance of the ITU guidelines for safe service personnel [9-11]. To address evolving young adult
listening devices/systems (ITU-T H.870) leading to the 2019 lifestyles, the ITU-T H.870 guideline and the WHO-ITU
WHO-ITU standard, along with existing US federal and global standard for safe listening devices and systems
military standards, provide a framework for developing an regulate exposure to loud sounds through personal audio
accessible tool for promoting safe listening. Our proposed devices/systems [12, 13]. In addition, the hearWHO app was
Hearing Health app, is being developed for an aggregated launched recently to serve as a hearing screening to check
assessment of a user’s daily sound exposure, through the one’s hearing status [14].
audio system and the environment (occupation and beyond)
by integrating WHO-ITU and US safe listening standards, An unmet need is the aggregation of the various UN and US
providing real-time alerts, user-centric recommendations standards for real-time, cumulative assessment of daily noise
and education that can be integrated into user lifestyles, exposure, because of daily activities and lifestyle choices,
representing a wide demographic including young adult, with features to facilitate the adoption of safe listening
adult, civilian and military populations. The overall goal of practices into one’s lifestyle. We are proposing a ‘Hearing
the app will be to increase NIHL awareness and facilitate Health App’ (App) that integrates US and UN safe listening
improvement of user’s listening behaviors. standards with features to match personal, occupational and
lifestyle needs, as well as personal preferences to improve
Keywords – App, NIHL, safe listening standards, user- listening behaviors across a wide demographic.
centric, user listening behavior
2. METHODOLOGY
1. INTRODUCTION
2.1 m-health app for hearing health
There is an increased global focus on improving hearing
healthcare due to auditory and non-auditory adverse health Mobile phones are ubiquitous devices that can have a long-
outcomes resulting from noise induced hearing loss (NIHL) range wireless communication with the Internet, as well as
[1]. The US Center for Disease Control (CDC) estimates ~ short-range wired or wireless communication with nearby
24% of US adults and WHO projects >1 billion young adults objects. Therefore, mobile phones can send and receive
worldwide are at risk of NIHL due routine, prolonged information from the Internet, as well as from a nearby
exposures to loud noise [2,3]. The lack of awareness is device with Bluetooth connectivity, such as a Bluetooth-
apparent in the latest CDC estimates, which state that 40 enabled hearing technology (personal sound amplification
million US adults (20-69 years old) have NIHL, 1 in 2 of product, PSAP). The app can be downloaded and executed
whom not having noisy jobs, and 1 in 4 US adults who report with currently available global mobile phone technology,
excellent to good hearing already have hearing damage [4]. potentially enabling global access to a hearing health tool.

Standards have been proposed to promote safe listening. In The WHO defines mobile health (m-health), a subset of e-
the US, there are safe listening standards from National health, as ‘the use of mobile wireless technologies for health’
Institute for Deafness and Communication Disorders and recognizes the value of digital technologies to contribute
(NIDCD) [5], National Institute for Occupational Safety and to advancing health aims of the Sustainable Development
Health (NIOSH) [6], and Occupational Safety and Health Goals [15]. Our selection of development of an app
Administration (OSHA) [7] to limit occupational noise acknowledges the WHO m-health directive and is guided by

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 39 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

the importance of the incorporation of user voice to promote


US APHC: Damage occurs at 85 dBA or
access, engagement and hearing health decision making. An
additional consideration for app development is the more for continuous noise
incorporation of the WHO recommended Principles of
Digital Development [16] to further facilitate access and ease DoD HCE: Limit exposure exceeding 80
of use. Overall, the Hearing Health app could serve to – 85 dBA
provide a ‘digital health intervention’ for supporting hearing
healthcare. The available US and UN safe listening standards can be
segmented into three main categories: recreational,
2.2 App functionalities occupational, and military, as summarized in Table 1. The
standards are reflective of anticipated noise exposures in
The functioning of the Hearing Health app is based on: daily life with associated standards for hearing safety.

• daily sound exposures, as a summation of A-weighted Of the various standards, only the OSHA PEL and the WHO-
sound pressure levels (SPL in dBA) over time, based on ITU provide methodology for computing A-weighted sound
daily activities related to occupation, lifestyle and pressure level exposures. The resultant exposure
recreational choices; assessments can be used to address the noise limits
• estimation of the user’s cumulative daily exposure vs recommended by the other agencies listed in Table 1. Also,
sound dosage from recommended US (occupational, OSHA recommends that when daily noise exposure is
military) and UN (WHO-ITU) safe listening standards; composed of at least two periods of different sound pressure
• risk notifications about unsafe noise exposures; levels, the combined effect should be considered, rather than
• incorporation of user voice on engagement strategies; the individual effect of each. The exposure calculations take
• option for connection to a personal hearing device, e.g., this recommendation into account.
PSAP, via Bluetooth.
The Hearing Health app calculates the user’s occupational
App functionalities and user voice implementation were environmental exposure compared to OSHA’s PEL exposure
based on user feedback from a wide demographic. using the following formula:

𝐶(1) 𝐶(2) 𝐶(𝑛)


2.3 Evaluation and incorporation of safe listening 𝐷 = 100 ∗ (
𝑇(1)
+
𝑇(2)
+ ...+
𝑇(𝑛)
) (1)
standards
where C(n) indicates the total time of exposure at a specific
Table 1 – US and UN safe listening standards [5-7, 9-13]
noise level. D represents what percentage of the OSHA
standard for daily noise exposure to which the user has
Exposure Standard already been exposed.
type
T(n) indicates the reference duration calculated by:

Recreational WHO-ITU (H.870) 8


𝑇(𝑛) =
2(𝐿−90)/5
(2)
(audio
device) Adults: 80 dBA for 40 hours a week
where L is the A-weighted SPL of the exposure.
Children: 75 dBA for 40 hours a week
For users whose sound exposure is primarily through audio
devices, the app calculates audio exposure via the WHO-ITU
Occupational CDC, NIOSH Recommended Exposure standard. The exposure is calculated by
Level (REL): 85 dBA over 8 hours daily
𝑡2
∫𝑡1 (𝑝𝑎 (𝑡))2 𝑑 t (3)
OSHA Permissible Exposure Limit
(PEL): 90 dBA over 9 hours daily
where pa(t) is the A-weighted SPL in Pa. This exposure is
then compared to WHO’s weekly dose of 1.6 pa2h for adults
NIDCD: ≤ 70 dBA is safe; > 85 dBA is
and 0.51 pa2h for sensitive users (i.e. children).
damaging over time
The remaining occupational and military standards described
Military US ARL: SPL shall not exceed an 8- in Table 1 prescribe noise dosages over a set amount of time.
hour time weighted average of 85 dBA Therefore, to address the standards specified for an 8-hour
time period (CDC, Military), the cumulative exposures can
be calculated using the OSHA formula. To compensate for

– 40 –
ICT for Health: Networks, standards and innovation

the different exposure volume for the 8-hour period, the The app samples environmental noise exposure using an
percent dosage calculation is multiplied by a factor f, where external microphone or internal phone microphone and can
f is the ratio of OSHA’s recommended 8-hour noise level (85 sample audio sound exposure from the mobile phone’s
dBA) over the other standard’s recommended 8-hour noise system audio player. The app leverages the mobile phone’s
level. short-range wireless connection to a PSAP consisting of
digital signal processor (DSP) packaged with a Bluetooth
2.4 Mitigation of discrepancies in measuring sound Low Energy (LE) module to more accurately measure the
exposure environmental and streamed sound exposure from a closer
distance to the user’s eardrum (Figure 1). Following the
There are a few causes of discrepancy when measuring a Bluetooth LE protocol will allow the app to receive data
user’s sound exposure. One such cause is the difference in points from the PSAP, subject to the particular DSP. For
distance between the ear and microphone sampling example, volume settings, battery level and ambient noise
environmental noise. Because sound attenuation is inversely levels may be available data points the app can query. When
proportional to the distance from the source, squared, the possible, hardware tests of the PSAP device can be
perceived sound at a point closer to the source of the sound performed by ensuring that input and output voltages do not
can be substantially louder than the perceived sound at a exceed those as listed in the DSP specification, as well as
point farther away. Another such cause is the type of accessing test points from the Bluetooth LE module to
microphone that is sampling. Different microphones have program and debug the module. Note that the PSAP is
different sensitivities, meaning that different microphones indicated for users without hearing impairment.
can possibly register different sound pressure levels from the
same sound signal. To mitigate these two causes of Privacy and security measures to safeguard personal
discrepancy, we propose using a microphone from a specific information include: (i) limiting data collection to that
PSAP product because the distance between the PSAP required specifically for app execution, (ii) implementing
microphone and the user’s eardrum is decreased and because Health Insurance Portability and Accountability Act
the software can be standardized to that specific PSAP (HIPAA) and General Data Protection Regulation (GPDR),
microphone’s sensitivity. and (iii) using Amazon Web Services (AWS) for cloud
security. To ensure data security, the app only collects
3. RESULTS amplitudes of the sound in decibels and stores them in
dynamoDB using s3 provided by AWS, which highly
3.1 App overview emphasizes security and strictly meets US and international
compliance requirements.
The Hearing Health app (Figure 1) is designed as a software
tool to serve as a companion for personal hearing health that 3.2 User voice assessment for app personalization
prompts a user to make informed decisions about personal
listening behaviors based on personal listening trends. An initial assessment of user awareness of NIHL and
Throughout the day, the app monitors sound levels to preferences for app personalization features was conducted
estimate the user’s sound exposure, while also presenting in several user segments to represent a wide demographic
alerts and notifications to the user to indicate how the and is summarized below. The user segments included
personal listening behavior compares to sound doses military and civilian, young adults (age 18-25 years) and
prescribed by safe listening standards. The app also provides adults (age >25 years), with or without perceived hearing
personalized recommendations to limit or counteract unsafe impairment.
noise exposure that is relatable to daily lifestyles.
CIVILIAN, young adult, not aware of personal impairment:

• limited awareness of NIHL;


• general perception that NIHL is not a risk for them;
• prefer to use personal audio devices throughout the day,
even during classes and face-to-face conversations;
• some would like to mitigate NIHL risk;
• app would be helpful; but need to integrate to daily life.

CIVILIAN, young adult, with hearing impairment, tinnitus:

• some awareness of NIHL;


Figure 1 – Hearing Health app overview • may or may not wear hearing aids or hearing protection
devices as they are inconvenient or not effective;

– 41 –
2019 ITU Kaleidoscope Academic Conference

• app could be helpful to assess and potentially mitigate


risk;
• willing to make incremental lifestyle changes after
NIHL awareness using hearWHO App .

CIVILIAN, adult, not aware of personal impairment:

• some awareness of NIHL;


• sound measurement accuracy and use of reliable
standards important;
• app should provide continuum of assessment, alerts and
meaningful recommendations throughout the day that
can be readily incorporated into daily activities; Figure 2 – Hearing Health app functionalities
• privacy and security concerns need to be addressed.
TRACK - Real-time volume level and cumulative sound
CIVILIAN, adult, with hearing loss, tinnitus: pressure exposure: Real-time volume level is measured in
dBAs, capturing the sound exposure the user is experiencing.
• strong concern about NIHL; This lets the user see the sound level of their current
surroundings, meanwhile allowing the app to sample this
• reluctance to take action due to stigma;
exposure and make recommendations based on the sample.
• concerned about hearing aid amplification being used;
could damage hearing further;
Cumulative sound pressure exposure monitors the user’s
• want personalized and relatable feedback to integrate
daily and weekly noise dosage based on adjustable user
into daily life and potentially decrease further loss;
preferences. The user can leave the microphone on for
• receptive to using phone to measure sound exposure. continuous sampling throughout the day or turn the
microphone on during different parts of their day where
MILITARY, young adult, not aware of personal impairment: exposures are anticipated to be high, for example sampling
their commute route or gym routine.
• understand high risk of NIHL due to instructions from
senior personnel; ALERT - Risk of NIHL: Risk alerts are in place for
• do not consistently use hearing protection devices as potentially unsafe exposure, calculated based on the US and
these prevent hearing normal conversation and impact UN standards as described previously, with a timer for the
completion of duties; remaining amount of time left that is recommended for the
• only wear hearing protection devices when operating user to continue listening at that exposure level. Additional
machinery; often still exposed to loud sounds, such as notification options (e.g. set at fixed time intervals) are
artillery; available based on user preference.
• app could help to assess risk during off-duty hours or
post-discharge; potentially help in preserving residual REPORT - Personalized to user activities: Daily and weekly
hearing. exposure reports are based on calculations aligned with US
and UN standards. Recommendations are made based on the
In summary, there was varying awareness of NIHL and its app’s analysis of the user’s listening behaviors. These
consequences; however, it was encouraging that there was notifications would advise the user based on their sound
interest in personal hearing health and support for a tool that exposure such as to lower phone volume, listen to music of
could be integrated into daily life. a different genre, use hearing protection based on their
environment, shorten exposure duration by suggesting
3.3 App functionalities to implement safe listening breaks and alternative sound exposure options (guided by
standards and personalization daily activities) if there are continuous exposures above safe
listening.
The Hearing Health app functionalities (Figure 2) were
designed based on user feedback and the WHO-ITU toolkit EDUCATE - NIHL awareness and preventative measures:
[17] as presented in Figure 2. As the purpose of the app is to help users practice hearing
wellness, relevant education and information on NIHL from
medical, federal, military and regulatory sources will be
provided. This material would cover the causes of hearing
loss, who is at risk, and current standards that regulate noise
exposure. Concerned users can learn more about various
hearing healthcare topics relevant to their lifestyle, easily
accessible options to check their hearing (e.g. hearWHO

– 42 –
ICT for Health: Networks, standards and innovation

app), considerations for selecting hearing protection based As depicted in Figure 3, the app presents the highlights of
on their needs and preferences, and other recommended the user’s noise exposure in the Hearing History and the
practices aimed at preventing hearing loss. Listening Profile modules. The Hearing History module
displays graphs of the user’s measured noise exposure over
The main goal of the app is to encourage and facilitate the time period to which the user toggles (i.e. past hour, past
healthy listening behaviors by creating a personalized sound day, past week). The listening profile keeps track of the
exposure profile and with engagement tools personalized to qualitative aspects of the user’s listening experience, such as
the user. Based on the functionalities described above, there what genre of music to which the user frequently listens and
are three main approaches for user interface personalization: periods of the user’s day where the noise exposure is
(i) active and customizable monitoring, (ii) awareness of heightened (i.e. an exercise class or a noisy commute).
personal exposure and (iii) feedback.

Personalized monitoring is accomplished selecting intervals


at which noise exposure is sampled and logged into the
cumulative exposure assessment. This flexibility allows for
improving accuracy by recommending the user to increase
the sampling rate, and accounts for efficiency by letting the
user pick times of the day to sample based on daily habits.
The user also has the flexibility of choosing the interval of
alerts and recommendations. This enables the user to select
timing when the information will be useful and likely to be
acted upon.

Personalized real-time exposure monitoring overcomes the


fact that a user cannot always perceive noise exposures that
have the potential to impair hearing. For example, short-term
loud volume levels (e.g., impact sounds) or long-term
exposure to seemingly tolerated sound levels may not cause
discomfort to otherwise alert the user of unsafe exposure.
The app’s functionality provides the user with a method of
estimating personal exposure, through defined standards,
which can then be used to assess the risk of such exposures.
The user’s estimated real-time noise exposure with effective
visual and haptic cues indicate potentially damaging
exposure levels. The cumulative noise exposure acts
similarly to indicate the potential risk faced by the user based
on the cumulative exposure duration.

Personalized feedback is derived from a comparison of


trends in the user’s real-time sound pressure level and
cumulative sound pressure exposure to the user’s desired
sound exposure, as per the relevant standards. The generated
feedback addresses outliers in the user’s noise exposure with
suggested recommendations to address the unsafe exposures.
These feedback mechanisms are iterative, in that previous
feedback is evaluated alongside changes in listening
behavior to assess the usefulness of that feedback to the user.
In the case that the previous feedback did not produce the
desired change in listening behavior, feedback offering
different solutions will be presented to the user.

3.4 Hearing Health app visual interfaces

The following interfaces display a sequence from login, user


profile selection, personal sound exposure report, alerts with
recommendation, education.

– 43 –
2019 ITU Kaleidoscope Academic Conference

Build for sustainability: Effective and continued adoption of


the app is being ensured by core features that can be readily
integrated to a user’s lifestyle with core app functionalities
based on UN and US standards. These will be continuously
updated based on the evolution of standards, as well as user
needs.

Be data driven: The app utilizes personal sound exposure


data to calculate cumulative and real-time exposures. Focus
is on obtaining the highest possible level of accuracy in
capturing sound exposures and associated computations to
inform users. Personalization features such as customizable
monitoring, personal exposure reports and feedback are
anticipated to have a positive impact on user’s listening
behaviors.

Use open standards, open data, open source, and open


innovation: The app implements public regulatory standards.
The user can share data obtained by the app at his/her
discretion.
Figure 3– Examples of Hearing Health app interfaces with
personal sound exposure, time-based alert and education Reuse and improve: Ongoing development of the app will
include modular user recommendations and interfaces for
3.5 Incorporation of principles of digital specific user subsections (e.g. based on age, occupation).
development
Address privacy & security: All user data is taken with the
To enhance the value of the app, the nine principles of digital user’s consent, as per HIPAA guidelines. Only the user can
development are being implemented as follows: export his/her data. Future plans are for alignment with EU
GDPR. All data is stored in AWS to ensure security.
Design with the user: User-centricity is highlighted in the
personalization features described previously. An iterative Be collaborative: The app development is a culmination of
process incorporating user feedback to further adapt input from regulatory agencies (including the US Food and
personalization features is planned. Drug Administration) and end users from various
demographics.
Understand the existing ecosystem: The app integrates
WHO-ITU and US occupational and military standards. The 4. CONCLUSIONS
app will be available for use with Android and iOS operating
systems and will connect to a user’s PSAP. Additional To facilitate the integration of safe hearing standards to
features addressing the FDA OTC Hearing Aid Rule (to be influence an individual’s listening behaviors, we propose the
finalized by Aug 2020) is anticipated. Features and claims of Hearing Health app, available on both iOS and Android
the proposed app are in alignment with FDA’s Patient operating systems. The app can be paired to hearing
Decision Support guidance [18] that is exempt from technology hardware, including a PSAP, to track daily
regulatory oversight. exposures to audio and environmental sounds, provide alerts
based on WHO-ITU and US (federal and military) standards,
Design for scale: Achieving greater outside communication and engage users by providing recommendations and
is planned by the following activities: outreach to WHO education that can be integrated into their occupational needs,
(hosting World Hearing Day, attending 2019 UNICEF- daily lifestyle and recreational activities. The app
WHO Exhibition on Assistive Technology), US Military development is aligned with WHO principles of digital
(presentation at 2019 Military Health System Research development and is envisioned to function as a companion
Symposium), CDC and NIOSH. Small business funding tool to encourage safe listening behaviors.
applications to the Department of Defense, NIDCD,
National Science Foundation are ongoing. The current proposal is focused on implementation of
Commercialization strategies that allow for distribution on aggregated safe listening standards primarily for users with
larger scales include app distribution on AppStore and no perceived hearing impairment. An advancement of the
Google Play and participation in UN Global Marketplace. app will be for users with hearing impairment with the
objectives of evaluating appropriate standards for use with
hearing aids and engagement strategies for effective use of

– 44 –
ICT for Health: Networks, standards and innovation

hearing aids, preservation of residual hearing and [7] OSHA standard 1910.95, Occupational noise
improvement of quality of life. exposure, accessed 2019:
https://www.osha.gov/laws-
The app development has been influenced by the global need, regs/regulations/standardnumber/1910/1910.95
priorities for systems and services for assistive products as
announced by the UN Global Partnership for Assistive Appendix A Noise exposure computation
Technology [19]. For hearing aids, one of the five identified https://www.osha.gov/laws-
‘priority’ products, the proposed app could serve as a tool to regs/regulations/standardnumber/1910/1910.95App
advance overall hearing healthcare while addressing needs A
for global awareness, access and user-centric innovation.
[8] NIOSH Sound Level Meter App, 2019:
In the US, the National Academies of Science, Engineering https://www.cdc.gov/niosh/topics/noise/app.html
and Medicine (NASEM) report on improving access and
affordability for hearing healthcare identifies the need for [9] Department of Defense, Design criteria noise limits.
innovative solutions for patient-centered care with a 2015:
recommendation for a new category of over-the-counter https://www.arl.army.mil/www/pages/343/MIL-
hearing devices [20]. The report also recommends engaging STD-1474E-Final-15Apr2015.pdf
a wider community by awareness, education and support.
We envision the Hearing Health app to be a component of [10] U.S. Army Public Health Command. Hearing loss
an OTC hearing aid system that would engage the user in and noise. 2019:
better management of personal hearing health needs https://phc.amedd.army.mil/PHC%20Resource%20
supporting effective use of the hearing aid. Library/HEARING_LOSS_AND_NOISE.pdf

Cumulatively, the experience from users with and without [11] Department of Defense, Hearing Center of
hearing impairment could be of significance for potential Excellence, accessed 2019:
extensions of Recommendation ITU-T H.870 to other use https://hearing.health.mil/Prevention/Preventing-
cases. Noise-Induced-Hearing-Loss/How-Loud-is-Too-
Loud
REFERENCES
[12] ITU-T. H.870. Guidelines for safe listening
[1] J. Eichwald, F. Scinicariello, J.L. Teffer, and Y.I. devices/systems, 2018. https://www.itu.int/rec/T-
Carroll. “Use of personal hearing protection devices REC-H.870-201808-I/en
at loud athletic or entertainment events among adults
– United States, 2018. Morbidity and Mortality [13] WHO-ITU Standard. Safe Listening Devices and
Weekly Report, vol. 67 no. 41, pp 1151-1155, 2018. Systems, 2019.
https://apps.who.int/iris/bitstream/handle/10665/280
[2] National Institute on Deafness and other 085/9789241515276-eng.pdf?ua=1
Communication Disorders, 2017:
https://www.nidcd.nih.gov/news/2017/us-adults- [14] World Health Organization, hearWHO, 2019.
aged-20-69-years-show-signs-noise-induced- https://www.who.int/deafness/hearWHO/en/
hearing-loss
[15] WHO guideline, Recommendations on digital
[3] World Health Organization, 2019: interventions for health system strengthening, 2019:
https://www.who.int/deafness/en/ https://apps.who.int/iris/bitstream/handle/10665/311
941/9789241550505-eng.pdf?ua=1
[4] Centers for Disease Control and Prevention, 2017:
https://www.cdc.gov/vitalsigns/HearingLoss/ [16] Principles of digital development, accessed 2019:
https://digitalprinciples.org/principles/
[5] National Institute on Deafness and other
Communication Disorders, 2019: [17] WHO-ITU toolkit for safe listening devices and
https://www.noisyplanet.nidcd.nih.gov/kids- systems, 2019:
preteens/keep-listening-to-the-beat https://apps.who.int/iris/bitstream/handle/10665/280
086/9789241515283-eng.pdf?ua=1
[6] NIOSH Occupational noise exposure, revised
criteria, 1998: https://www.cdc.gov/niosh/docs/98- [18] FDA Draft Guidance. Clinical and Patient Decision
126/pdfs/98- Support Software, 2017:
126.pdf?id=10.26616/NIOSHPUB98126 https://www.fda.gov/media/109618/download

– 45 –
2019 ITU Kaleidoscope Academic Conference

[19] ATScale, Global Partnership for Assistive [20] Hearing health care for adults. Priorities for
Technology, 2019: improving access and affordability, NASEM, 2016.
https://static1.squarespace.com/static/5b3f6ff171069
9a7ebb64495/t/5ca3cfd3fa0d60051a9a7703/155423
9448526/ATscale_Strategy_Overview_February_20
19.pdf

– 46 –
SESSION 3

MEDICAL IOT

S3.1 Facilitating healthcare IoT standardization with open source: A case study on OCF and
IoTivity
S3.2 Empirical study of medical IoT for patients with intractable diseases at home
FACILITATING HEALTHCARE IOT STANDARDIZATION WITH OPEN SOURCE:
A CASE STUDY ON OCF AND IOTIVITY

Hongki Cha1, Younghwan Choi1 and Kangchan Lee1


1
Electronics and Telecommunications Research Institute (ETRI), Daejeon, Republic of Korea
{cha8476, yhc, chan}@etri.re.kr

ABSTRACT patients’ health conditions and respond to immediate


medical conditions more proactively and predict conditions
Healthcare Internet of things (IoT) opens up seamless based on the data collected from IoT devices. Hospitals can
opportunities by unleashing possibilities to implement better keep track of medical devices embedded with geolocation
healthcare services. Increased interest in this led to active sensors such as wheelchairs and oxygen pumps to better
standardization in various standards development locate patients.
organizations (SDOs). However, the proliferation of
different international healthcare standards has not brought Taking into account that healthcare IoT has the potential to
about full deployment of healthcare IoT services and change people’s lives and can deliver a significant impact on
business opportunities in the healthcare domain. the medical domain, an increased interest in this has led to
Nevertheless, there have been some efforts to take advantage active standardization in various standards development
of open-source projects as an enabler to facilitate better organizations (SDOs). The Open Connectivity Foundation
deployment of healthcare IoT standards. In this paper, the (OCF) defined several healthcare devices which can
authors develop a case study of their efforts to standardize interoperate with other OCF smart home devices in the OCF
healthcare IoT with IoTivity, with the Open Connectivity ecosystem. IEEE specified the base architecture and device
Foundation (OCF). Then they discuss the benefits of IoTivity specializations for healthcare and medical devices, which
and how it has led to the enhancement of standardization were reflected in Continua guidelines of Personal Connected
efficiency and acceleration in healthcare IoT. The authors Health Alliance (PCHA). Health Level 7 International (HL7)
conclude by recommending ITU-T to continue their efforts to provides a common data model framework named Fast
seek the roles of open-source implementation for faster Health Interoperable Resources (FHIR). IEC/TC 62 defines
adoption of not only healthcare IoT standards but also their international standards for healthcare electrical systems and
overall Recommendations. software.

Keywords – healthcare, IoT, IoTivity, OCF, open source, However, the proliferation of different international
standardization healthcare standards has not brought about a wide
deployment of healthcare IoT services and business
1. INTRODUCTION opportunities. The fragmentation of standards hindered the
access and usage of developed standards because
Digital health, an integral part of the "Fourth Industrial implementing such standards did not always guarantee
Revolution", revolutionizes the medical and healthcare interconnectivity and compatibility between services and
domain, and in turn, helps us overcome the technical and devices. In addition, it was difficult to assure that such
socio-economic challenges we face around health. Leaping healthcare devices can interoperate with other devices from
to the next level of connected healthcare services is only different silos. Such concerns eventually isolated healthcare
possible when taking advantage of the Internet of things devices to communicate with other devices from other
(IoT), 5G and other emerging technologies. Such a globally domains.
connected healthcare ecosystem facilitates remote medical
services which act as a bridge between medical practitioners Nevertheless, there have been some efforts in taking
and people who are especially in need. advantage of open-source projects as an enabler to better
deploy healthcare IoT standards. Most recent and remarkable
Healthcare IoT opens up seamless opportunities by efforts include the standardization activities in the Open
unleashing possibilities to better implement healthcare Connectivity Foundation (OCF). The OCF sponsors an
services to patients, physicians and hospitals. Patients with open-source project to provide reference implementations of
wirelessly connected devices can seamlessly track their the OCF specifications. IoTivity, an open-source project of
health conditions and request emergency assistance from the Linux Foundation, is sponsored by the OCF and aims to
physicians and hospitals. Physicians can track or monitor bring the open-source community together to accelerate the

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 49 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

deployment of OCF specifications. The reference [6], loss of productivity and motivation at work [7], and
implementation of healthcare devices such as blood pressure violation of license policy [8].
monitors helps developers to install pre-written code very
quickly and allows them to test and enhance the software. 2.2 Governance, organization and the process of
innovation in open-source software projects
In this paper, the authors develop a case study of their efforts
to standardize healthcare IoT with IoTivity, with the OCF. Competitive dynamics enforced by open-source innovation
First, the authors conduct a literature review on open-source in organizations, from the governance perspective, has led to
innovation to provide a theoretical background to the case more interest and resolutions to better adoption. It was found
study. Second, the authors introduce the OCF, its policy that the share of corporate contributions is much larger in
called “3-pillar alignment” and IoTivity to illustrate what large and growing projects [9], which implies that the
open-source implementation means to the OCF. Third, the contributions of companies are growing in volume.
authors discuss how they proposed new healthcare devices
and data models and how they eventually published the first Meanwhile, the operational efficiency potential and business
healthcare devices in the OCF. Finally, the authors discuss agility of open-source adoption are expected to mitigate the
the benefits of taking advantage of IoTivity and how it led to difficulty of accepting new models for designing, developing,
the enhancement of standardization efficiency and testing and deploying network solutions to the
acceleration in healthcare IoT. telecommunications industry [10]. In this sense, the 2016
World Telecommunication Standardization Assembly
2. RELATED WORKS (WTSA-16) resolved that the Telecommunication
Standardization Advisory Group (TSAG) pursue their work
In this section, the authors review relevant literature and on the benefits and disadvantages of the implementation of
studies on open-source innovation to provide a theoretical open-source projects in relation to the work of the ITU
background to this paper. A large volume of research on Telecommunication Standardization Sector (ITU-T), as
open-source innovation has found that such organizational appropriate [11]. More general research on this subject was
principles and operational culture has attracted competent a review that authors provided a framework which classified
individuals and organizations. The authors mainly focus on six distinctly different ways in which organizations adopt
existing findings, especially to understand why open-source open-source software [12].
innovation and projects attract people and organizations. The
review helps us understand why the OCF has put a particular Based on the common understanding of open-source
emphasis on taking advantage of open-source projects to innovation and why they attract individuals, the authors
provide reference implementations of OCF specifications proceeded to discuss a specific case of the OCF on how they
since its establishment. took advantage of open-source projects to develop healthcare
standards.
2.1 Motivations of open-source software
contributors 3. INTRODUCTION TO OCF

Motivations of open-source software contributors have In this section, the OCF, its unique policy called "3-pillar
always been the leading interest for research on open-source alignment" and its open-source project “IoTivity” are
innovation. These studies on open-source innovation introduced to provide a basic understanding of the OCF.
claimed that the popularity growth of open-source products
and platforms from various perspectives are: career concern 3.1 OCF
[1], ego gratification incentive [2] that motivate
programmers to participate in open-source projects, and Founded in 2014, the OCF comprises of over 400 member
organization and process of innovation [3]. These authors companies including Samsung Electronics, Intel, LG
commonly stressed that the success of an open-source Electronics, and Qualcomm to provide an IoT framework
project is attributed to its modularity, fun challenges to that works in various vertical domains including smart home,
pursue and credible leadership. healthcare, etc. [13] The OCF aims to provide
interoperability among IoT devices not only in the OCF
There also have been studies which summarized five ecosystem but also outside OCF boundaries to support
characteristics that have led to the proliferation of multi- multiple verticals. Legacy vertical services are traditionally
disciplinary research with regard to open-source innovation. designed as silos where there are no universal ways to
They include impact, transparency, theoretical tension, interwork between them. However, the OCF sets its goals to
communal reflexivity and proximity [4]. It is noted that specify and provide a foundational middleware platform for
open-source licenses are designed to ensure the rights of heterogeneous vertical applications. They develop technical
future users against appropriation [5]. Nevertheless, there are specifications to provide a foundational architecture, security,
significant advantages to open source whereby resources and bridging and other requirements, which in turn allow devices,
contributors involved in innovation are widely distributed regardless of manufacturers, to communicate between
throughout the globe. However, other studies have stressed themselves. Table 1 describes the list of OCF specifications
the drawbacks of open-source innovation such as free-riding and OCF healthcare devices that the authors proposed and

– 50 –
ICT for Health: Networks, standards and innovation

Table 1 – List of OCF specifications and OCF healthcare devices

OCF specifications OCF healthcare devices Releases


OCF Core Specification Blood pressure monitor 2.0.0
OCF Core Optional Specification Glucose meter 2.0.0
OCF Bridging Specification Body scale 2.0.0
OCF Resource Type Specification Body thermometer 2.0.0
OCF Device Specification Heart rate monitor 2.0.4
OCF Wi-Fi Easy Setup Specification Pulse oximeter 2.0.4
OCF Device to Cloud Services Specification Sleep monitor 2.0.4
OCF Resource to AllJoyn Interface Mapping Specification Activity tracker 2.0.4
OCF OneM2M Module Class Mapping Specification Continuous glucose meter 2.0.4
OCF Resource to Zigbee Cluster Mapping Specification Cycling power meter 2.0.5
OCF Security Specification Cycling speed sensor 2.0.5
OCF Onboarding Tool Specification Cycling cadence sensor 2.0.5
OCF Cloud Security Specification

Table 2 – OCF specification development process and validation to OCF specifications. The OCF provides the
conformance test tool (CTT) to authorized test laboratories
Process Description (ATLs) and specification developers to validate devices.
1 Identify use cases, scope, and requirements Specification developers must define new test cases to the
2 Write draft specification
CTT to test whether devices comply with the proposed
specification or not. The OCF gives logos to the devices that
3 Develop open source code and test cases
pass the certification test. The final pillar is the open-source
4 Distribute draft specification for IPR review reference implementation of the OCF specifications.
5 Publish final specification Specification developers have to provide a properly working
defined as part of the OCF Device Specification. The open-source code to guarantee whether the proposed
development of OCF healthcare devices are further specification is valid or not. The CTT validates the reference
elaborated in section 4. implementation. A new specification is allowed to be
published if all three pillars are satisfied.
The OCF offers RAND-Z as its intellectual property rights
(IPR) to facilitate the deployment of OCF technology among 3.3 IoTivity
members. Offering manufacturer-friendly IPR policies
enables the growth of the market by attracting not only large IoTivity is an OCF-sponsored open-source project, which
enterprises but also start-ups. After a continuous merger with implements all mandatory features of the OCF specification
UPnP and AllSeen Alliance, the OCF has become one of the along with some optional features [15]. It provides a
most significant industrial consortia for IoT standardization. reference implementation of OCF specifications to ensure
Most recently in November 2018, the OCF announced that interoperability between OCF devices and certification of
OCF 1.0 specifications have been ratified as international OCF products. OCF members take advantage of IoTivity
standards by ISO/IEC JTC 1 and approved as ISO/IEC because publication of OCF specifications requires open-
30118 (Parts 1-6) [14]. source implementation and certification. In this sense,
IoTivity provides the fastest and the easiest way to develop
3.2 3-pillar alignment not only standards but also products. IoTivity can be
installed in many IoT devices, even in class 2 constrained
devices [16] to minimize CPU load, traffic and bandwidth.
Unlike any other industry groups or SDOs, the OCF has a
IoTivity uses an Apache 2.0 license with its accompanying
unique policy when developing its specifications: the policy
patent grant.
is titled the "3-pillar alignment", which mandates
specification developers to provide not only specifications,
but also a proof of passing the certification program provided 4. HEALTHCARE SPECIFICATION
by the OCF, and finally, an open-source reference DEVELOPMENT IN OCF USING IOTIVITY
implementation of the proposed specification. The ultimate
goal of 3-pillar alignment is to ensure full interoperability In this section, the authors carry out an in-depth analysis of
between devices and compatibility to specifications. their standardization efforts for the development of
healthcare IoT devices for the OCF specification and how
The first pillar is the specifications which define baseline they engaged in open-source reference implementations. The
functionalities and vertical profiles for OCF devices as authors primarily focus on the interaction with IoTivity and
described above. The second pillar is the certification why using the open-source solution was crucial during the
program to carry out conformance testing for interoperability specification development. The authors explain how IoTivity
offered a solution to meet the challenge of developing

– 51 –
2019 ITU Kaleidoscope Academic Conference

Table 3 – OpenAPI code snippet of blood pressure The authors also emphasized that healthcare IoT devices
could keep track of the people at risk of developing chronic
{
"swagger": "2.0", disease and manage their ailments. These devices can weave
"info": { into everyday lives, seamlessly collect activity metrics, and
"title": "Blood Pressure", encourage maintaining healthy behaviors. Furthermore, the
... authors stressed that standardizing the healthcare ecosystem
}, was the way forward to ensuring peer to peer independence,
... user’s confidence and data, which eventually lead to
"definitions": { actionable business insights. Since the healthcare industry is
"BloodPressure": { affected by many regulatory bodies, the new group intended
"properties": {
to account for privacy, security and global regulatory bodies.
...
"systolic": { The OCF approved the establishment of the Healthcare
"description": "Systolic blood pressure", Project and the specification development was initiated.
"minimum": 0.0,
"readOnly": true, 4.2 Write draft specification
"type": "number"
}, Defining a new OCF device is twofold: Specify the behavior
"diastolic": { and requirements of a new device, and design any necessary
"description": "Diastolic blood pressure",
data models which need to support the new device. The
"minimum": 0.0,
"readOnly": true,
authors leveraged the existing core functionalities including
"type": "number" the protocol used for transmission [17], data modeling
}, practices [18], and security [19] to ensure the OCF healthcare
... devices are interoperable with other OCF devices from
"type": "object", different silos.
"required": [
"systolic", The authors designed each healthcare device as follows. The
"diastolic" authors specified a minimal set of resources that shall be
]
implemented by the device and an additional optional set of
}
} resources that may be exposed by the device. A blood
} pressure monitor, for example, must expose blood pressure
information (systolic blood pressure, diastolic blood pressure,
healthcare applications. Table 2 summarizes the etc.) but may expose mean arterial pressure (MAP), pulse
specification development process in the OCF. The table rate, units (mmHg or kPa), associated timestamp [20] and
provides an overall view of how the authors developed OCF user identification. Defining mandatory and optional
specifications. resources separately allowed minimizing payload
transmitting between OCF devices.
4.1 Identify use cases, scope and requirements
Next, the authors defined healthcare data models based on
New specification development in the OCF starts with the OpenAPI specification [21]. The OpenAPI specification
identifying use cases, scope and technical requirements. In is an open-source project which defines programming
this sense, the authors proposed the Healthcare Project to language-agnostic RESTful APIs. The specification is
initiate standardization on healthcare IoT. The objective of expressed by Swagger [22]. Table 3 is a snippet of authors’
the new group was to evaluate use cases, derive proposed data model for blood pressure. The data model is
interoperability requirements and develop technical uploaded to OCF Github [23] and oneIoTa [24], which is the
specifications for the healthcare vertical within the OCF's official web-based data model repository. The data
framework of the OCF. model specifies how blood pressure data shall be exposed on
the wire. For example, all systolic blood pressure
The goal of the specification was to define OCF healthcare communicated within the OCF must be a read-only floating
devices in healthcare, fitness and medical domains of the number titled “systolic” whose minimum value is 0. The
OCF ecosystem. Regardless of devices, the authors proposed proposed data model was approved by OCF reviewers as
a simplified operational scenario which involves OCF final prior to open-source development because the open-
servers (e.g. body scale, glucose meter, etc.) and OCF clients source reference implementation had to comply with the
(monitoring devices such as smartphones). Eventually, the predefined approved data model.
collected data could be used for tracking users’ fitness
conditions or transferring them to medical institutes to In addition, the authors defined an additional functionality
receive remote services. The technical requirements for and requirement to the core specification [17] to ensure
healthcare specifications were to provide additional better interoperability among OCF devices. In certain use
healthcare device types and data models and, if deemed cases, healthcare devices require that the information of
necessary, additional functional requirements to be added to multiple resources be only accessible as a group and
the core specification [17]. individual access to this information of each resource by an

– 52 –
ICT for Health: Networks, standards and innovation

Table 4 – C++ Code snippet of blood pressure monitor First of all, the authors wrote a C/C++ code which
encapsulates the requirements and functionalities of the
//-----------------------------------------
// Title: [IoTivity][Blood Pressure Monitor] Linked Resource proposed additional functional requirement (atomic
Type: Blood Pressure measurements), which had the potential to affect the core
// Description: Defines "oic.r.blood.pressure" and its behaviors specification [17]. There existed two ways to develop: first
//----------------------------------------- was to modify the core code of IoTivity by adding new APIs
... to the IoTivity library [25] with regard to the new functional
OCRepPayload* getBP1Payload(const char* uri) requirement, and second was to build an application which
{ runs on top of the existing core IoTivity code but not adding
OCRepPayload* payload = OCRepPayloadCreate(); new APIs to the IoTivity library. The authors chose the latter
if(!payload) because building a separate application would save much
{
more time.
OIC_LOG(ERROR, TAG, PCF("Failed to allocate
Payload"));
return nullptr; In this sense, the authors developed a proof of concept (PoC)
} of blood pressure monitor reflecting the atomic
size_t dimensions[MAX_REP_ARRAY_DEPTH] = { 0 }; measurements requirements and uploaded to GitHub for peer
review [26]. Table 4 is a C/C++ code snippet which describes
dimensions[0] = 1; the payload transferred from the blood pressure monitor. The
char * rtStr[] = {"oic.r.blood.pressure"}; payload had to comply with not only the schema in Table 3
OCRepPayloadSetStringArray(payload, "rt", (const char but also the atomic measurement requirements that the
**)rtStr, dimensions);
authors proposed. Thus, several APIs defined in IoTivity C
OCRepPayloadSetPropString(payload, "id",
"user_example_id"); SDK [27] and IoTivity C++ SDK [28] were used to describe
OCRepPayloadSetPropInt(payload, "systolic", 0); the payload. For example, OCRepPayloadCreate() function
OCRepPayloadSetPropInt(payload, "diastolic", 0); was used to create a new payload and
OCRepPayloadSetPropString(payload, "units", "mmHg"); OCRepPayloadSetPropInt() was used to set an integer
property to that payload. Meanwhile, the way to encapsulate
return payload; the overall payload and send them on the wire required
} certain routines of combining functions and triggering error
OCF client is prohibited. For example, users need to be able messages. Taking advantage of the existing SDK allowed the
to retrieve their blood sugar level and the time of authors to easily duplicate, test and eventually improve the
measurement simultaneously from his or her glucose meter, deliverables in the future.
in order to properly keep track of the daily glucose level
fluctuation. In this sense, the authors named this additional Finally, the authors proposed new healthcare device
feature as "atomic measurement" and defined its common definitions and asked for a pull request by adding lines of
properties, normative behavior, security considerations and device and resource definitions in JSON format to the OCF’s
other requirements. The proposal was also drafted but had to GitHub repository where the OCF manages all device,
be discussed at a different group (Architecture Task Group) resource and enumeration definitions [29]. In the repository,
where the Core Specification [17] is developed. there is a folder where the information of the device
specification in a machine-readable format is stored. This
4.3 Develop open-source code and test cases repository intends to provide the information in a machine-
readable format for CTT, which in turn, ensures the latest
While the authors were developing the specification for new information of OCF devices for certification program. The
healthcare devices and additional functional requirements, pull request was eventually merged as final.
they had to simultaneously develop the open-source
reference implementation of the proposed specification and Concurrently, the authors had to develop test cases while
test cases for the certification and CTT. developing the code. Test cases in the OCF aim to verify if
the written code well complies with the specification. All
In the OCF, developers are free to choose any open-source mandatory requirements of OCF specifications must have
code for reference implementations. Similarly, the authors corresponding test cases which ensure compatibility and
had the freedom to choose from existing open-source interoperability of OCF devices. The test cases should be
projects which implement OCF specifications or could start able to run in all OCF devices regardless of manufacturers
from scratch. As introduced above, IoTivity has been an and platforms. The approach here for authors was also
OCF-sponsored open-source project since the establishment twofold: the test cases for mandatory resources of each
of the OCF. The project was initiated and developed by healthcare device and the test cases for atomic measurement.
architects of Intel and Samsung Electronics, and periodically The authors developed all necessary test cases, and the test
published stable releases. Any developers can download, cases were incorporated into the CTT. The CTT was
fork, commit and contribute to the existing project to file eventually ready for Plugfest, which is an official OCF
bugs and improve the code. The authors thus decided to take interoperability and compatibility certification event for
advantage of the existing architecture and APIs of IoTivity OCF members to test their device against the CTT and the
using C/C++ [25]. OCF devices of other companies.

– 53 –
2019 ITU Kaleidoscope Academic Conference

Figure 1 – Healthcare PoC at CES 2018 motivations, such reference implementations lowered the
boundaries of OCF specifications, and it was clear that
IoTivity led to better organizational innovation [3] because
the authors fully benefited from the existing code provided
by IoTivity and its contributors. The authors were able to
spend dramatically less resource compared to what the
authors might have spent when developing from scratch. The
authors found that it is especially useful in the healthcare
domain because developers can put more efforts on privacy,
security and other regulatory aspects, which is considered
much stricter than those in the smart home domain.

4.4 Distribute draft specification for IPR review The authors stress that reference implementations using open
source enhances standardization efficiency. There is a
When all three pillars, including the specification, the test considerable population of companies, start-ups and
cases for certification, and the open-source reference hobbyists who are low on resources but interested in
implementation, were considered stable enough by OCF developing applications and products based on the published
members, the draft specifications including the new standards. An open-source community discloses extensive
healthcare devices and data models were put through IPR opportunities for those who need help from external experts
review. In general, the OCF posts new draft specifications around the world. Requesting a public review by other
for 60-day member IPR review when the test cases and open- experts can decrease debugging time. Also, it accelerates
source code are also ready for distribution. The comments better exposure and deployment of emerging technology
are subsequently submitted to the OCF and are reviewed by standards. It must also be noted that free-riding [6] by other
the relevant members if deemed necessary. If any OCF stakeholders could discourage development. However, it is
members intend to exclude necessary claims from the OCF’s highly recommended to use appropriate open-source licenses
IPR policy, they must provide a complete, appropriate and to protect ownership and track history of code change [5].
timely written notice of such intent to the OCF, no later than
the IPR review deadline. Since sufficient discussion was 5.2 Acceleration in healthcare IoT
made during the specification development and data models,
the authors received no additional comments with regard to Developing reference implementation using IoTivity opened
the new healthcare devices and data models. the potential and accelerated the healthcare IoT best
practices of IoT application developers. Reference
4.5 Publish final specification implementation eventually allowed manufacturers of other
domains to connect healthcare devices to their devices.
After the IPR review, the OCF published the new healthcare When the authors developed their PoC, the IoTivity code
devices and data models as part of OCF 2.0.0 Specification was also used and developed by other OCF members who
in June 2018 [30]. Publication of new OCF specifications were smart home device vendors. Thanks to the same code
implies full support of certification and open-source base, which acted as the same foundational software
reference implementation. In addition to the first four architecture, the IoT devices from different domains were
published healthcare devices, the authors defined five able to be tested with less challenge.
additional healthcare devices, which in turn, were published
as part of OCF 2.0.4 Specification in July 2019. The active corporate participation and contribution to
IoTivity lured more member companies into joining IoTivity.
5. DISCUSSION While contributions were growing in volume [9], the OCF
was able to exhibit the devices of its members at CES 2018.
In this section, the authors discuss the benefits of taking The devices were developed with IoTivity. At CES 2018,
advantage of IoTivity and how it has led to the enhancement The authors presented their healthcare PoC, including blood
of standardization efficiency and acceleration in healthcare pressure monitors, body thermometers, body scales and other
IoT. healthcare devices. The devices were able to connect and
interoperate with other smart home devices. Figure 1
5.1 Enhancement of standardization efficiency displays a user's health information, which was measured
using healthcare devices developed by the authors, to another
The main benefits of using IoTivity as an enabler was to OCF member's refrigerator. The exhibition at CES 2018
improve the development efficiency of the reference provided the viewers with insight on how the future of
implementation of the OCF healthcare specification. healthcare IoT would look like upon its realization.
Typically, sharing the same open-source project allows
developers to share best practices among peers while using 6. CONCLUSION
the code. These peer IoTivity developers may contribute to
the IoTivity project hoping for better promotion [1], or In this paper, the authors discussed the standardization of
perhaps pursuing self-satisfaction [2]. Regardless of their healthcare IoT at the OCF while focusing on IoTivity as its

– 54 –
ICT for Health: Networks, standards and innovation

enabler for the reference implementation. First, a literature incentives when standards developers provide reference
review on open-source innovation was carried out to provide implementations of Recommendations. For example, inside
a theoretical background to this paper. Second, the OCF, "3- the ITU-T’s template for A.1 justification for a new work
pillar alignment" and IoTivity were introduced to offer a item (NWI) proposal [35], a new line asking for plans for
contextual background to this paper. Third, a case study on reference implementations of Recommendations could be
the authors' efforts to specification development for added. By the time of completion of the Recommendation,
healthcare devices in the OCF using IoTivity was illustrated. the draft Recommendation could be evaluated and consented
Finally, the benefits of taking advantage of IoTivity and the based on the reference implementation, which complies with
implications for better enabling healthcare IoT the proposed Recommendation.
standardization were discussed.
From the technological perspective, developing reference
6.1 Prospective future works implementations would require Recommendation
developers to take advantage of existing open-source
IoTivity was discussed as a best practice for a reference projects to save time and resource. During code development,
implementation of OCF specifications, as well as an enabler developers would seek guidance for external experts, which
of facilitating the healthcare IoT. To harmonize with other will in turn, produce more mature deliverables. From the
SDOs outside the OCF, however, ensuring interoperability marketing perspective, active participation in open-source
between different healthcare standards groups using a projects would result in better promotion and exposure of
universal healthcare bridge could be a next step forward. The ITU-T Recommendations.
OCF has already defined an OCF bridging specification to
specify a high-level framework to translate between OCF Taking into account some best practices in the industry
devices and other ecosystems [31]. including IoTivity, the authors strongly recommend that
ITU-T, within their core mandates, continue their efforts to
However, work on developing a specific healthcare interface seek the roles of open-source implementation for faster and
mapping standard is not yet initiated. For example, HL7 equal adoption of not only healthcare IoT but also their
FHIR specifies over 100 data formats and elements, APIs to overall Recommendations. Such efforts could lead to the
exchange electronic health records (EHR) in the medical active participation of developers who can provide codes
domain [32]. Similar to IoTivity, there exists an open-source immediately applicable to production and deployment,
project called HL7 Application Programming Interface which helps companies who are especially in need of
(HAPI) to provide reference implementations of HL7 FHIR standardization development resources. Such practice could
[33]. In this sense, connecting the OCF and HL7, by eventually facilitate wider adoption of ITU-T
developing an interface mapping standard could surely bring Recommendations.
synergy not only to the OCF and HL7 but also to future
healthcare IoT ecosystems. Such prospective work could be 7. ACKNOWLEDGEMENT
accompanied by IoTivity and other possible open-source
activities for developers to understand the collaborating This work was supported by the Institute for Information &
standard more rapidly. communications Technology Promotion (IITP) grant funded
by the Korea government (MSIT) (No. 2019-0-00137,
6.2 Proposed efforts to ITU-T Standards Development of Platform and Networking
Interworking for IoT Interoperability).
International standards organizations are recognizing the
importance of open-source innovation. The WTSA-16 REFERENCES
instructed all applicable and relevant Study Groups of the
ITU-T, to consider output from TSAG on open source [1] J. Lerner and J. Tirole, “Some Simple Economics
mentioned in section 2, within available financial resources, of Open Source,” J. Ind. Econ., vol. 50, no. 2, pp.
to study the benefits of using open source to develop 197–234, Mar. 2003.
reference implementations of ITU-T Recommendations [11].
Likewise, JTC 1 recently reconstituted the Advisory Group [2] J. Lerner and J. Tirole, “The Economics of
on Open Source Software (ISO/IEC JTC 1/AG 3) to assess Technology Sharing: Open Source and Beyond,” J.
JTC 1’s current and potential requirements and opportunities Econ. Perspect., vol. 19, no. 2, pp. 99–120, 2005.
with regard to open-source software [34]. The ISO/IEC JTC
1/AG 3 also seeks to identify areas where open-source [3] G. Von Krogh and E. Von Hippel, “The Promise of
software can be used to initiate or accelerate standardization Research on Open Source Software,” Manage. Sci.,
projects and work programs within JTC 1 scope. vol. 52, no. 7, pp. 975–983, 2006.

ITU-T requires industry’s adoption and exposure of their [4] G. Von Krogh and S. Spaeth, “The open source
Recommendations. One possible way to facilitate the software phenomenon: Characteristics that promote
adoption and exposure of their Recommendations is granting research,” J. Strateg. Inf. Syst., vol. 16, pp. 236–
253, 2007.

– 55 –
2019 ITU Kaleidoscope Academic Conference

[5] G. Von Krogh and E. Von Hippel, “Special issue on [18] ISO/IEC 30118-4:2018 - Information technology --
open source software development,” Res. Policy, Open Connectivity Foundation (OCF) Specification
vol. 32, pp. 1149–1157, 2003. -- Part 4: Resource type specification:
https://ituk2019.page.link/ey3j
[6] C. Y. Baldwin and K. B. Clark, “The Architecture
of Participation: Does Code Architecture Mitigate [19] ISO/IEC 30118-2:2018 - Information technology --
Free Riding in the Open Source Development Open Connectivity Foundation (OCF) Specification
Model?,” Manage. Sci., vol. 52, no. 7, pp. 1116– -- Part 2: Security specification:
1127, 2006. https://ituk2019.page.link/B8Ro

[7] C. Melian and M. Mähring, “Lost and Gained in [20] RFC 3339 - Date and Time on the Internet:
Translation: Adoption of Open Source Software Timestamps:
Development at Hewlett-Packard,” in International https://ituk2019.page.link/uUB8
Federation for Information Processing 2008, pp.
93–104, 2008. [21] OpenAPI Specification:
https://ituk2019.page.link/2m6g
[8] M. Henley and R. Kemp, “Open Source Software:
An introduction,” Comput. law Secur. Rep., vol. 24, [22] Swagger:
pp. 77–85, 2008. https://ituk2019.page.link/8h2g

[9] J. Lerner, P. A. Pathak, and J. Tirole, “The [23] Blood pressure definition in OpenAPI (GitHub):
Dynamics of Open-Source Contributors,” Am. https://ituk2019.page.link/g8n6
Econ. Rev., vol. 96, no. 2, pp. 114–118, 2006.
[24] Blood pressure definition in OpenAPI (oneIoTa):
[10] S. A. Wright and D. Druta, “Open source and https://ituk2019.page.link/DLNP
standards: The role of open source in the dialogue
between research and standardization,” in 2014 [25] Official repository of IoTivity:
IEEE Globecom Workshops (GC Wkshps), pp. 650– https://ituk2019.page.link/3cXL
655. 2014.
[26] Reference implementation of blood pressure
[11] Proceedings of WTSA-16: monitor:
https://ituk2019.page.link/nM9x https://ituk2019.page.link/tega

[12] Ø. Hauge, C. Ayala, and R. Conradi, “Adoption of [27] IoTivity C SDK:


open source software in software-intensive https://ituk2019.page.link/wHgA
organizations - A systematic literature review,” Inf.
Softw. Technol., vol. 52, no. 7491, pp. 1133–1154, [28] IoTivity C++ SDK:
2010. https://ituk2019.page.link/pWaL

[13] Open Connectivity Foundation (OCF): [29] Information of the OCF device specification in
https://ituk2019.page.link/sReo machine readable format:
https://ituk2019.page.link/cx9A
[14] OCF official announcement of ratification of
International Standards: [30] OCF - The OCF Healthcare Project: Improving
https://ituk2019.page.link/4xSE health outcomes through IoT data:
https://ituk2019.page.link/9i2F
[15] IoTivity:
https://ituk2019.page.link/KPM8 [31] ISO/IEC 30118-3:2018 - Information technology --
Open Connectivity Foundation (OCF) Specification
[16] RFC 7228 - Terminology for Constrained-Node -- Part 3: Bridging specification:
Networks: https://ituk2019.page.link/U3E6
https://ituk2019.page.link/EBMe
[32] HL7 FHIR:
[17] ISO/IEC 30118-1:2018 - Information technology -- https://ituk2019.page.link/1nmD
Open Connectivity Foundation (OCF) Specification
-- Part 1: Core specification: [33] HAPI FHIR:
https://ituk2019.page.link/oySD https://ituk2019.page.link/bjy4

– 56 –
ICT for Health: Networks, standards and innovation

[34] ISO/IEC JTC 1 - Information technology: [35] ITU-T Templates:


https://ituk2019.page.link/NW44 https://ituk2019.page.link/xcWS

– 57 –
EMPIRICAL STUDY OF MEDICAL IOT FOR PATIENTS WITH
INTRACTABLE DISEASES AT HOME

Kentaro Yoshikawa1,2; Masaomi Takizawa3; Akinori Nakamura1 and Masahiro Kuroda4

1
Shinshu University School of Medicine, Japan
2
Nagano Prefectural Kiso Hospital, Japan
3
Central Corridor Communications 21, Japan4Goleta Networks Co. Ltd
yoshikaw@shinshu-u.ac.jp; takizawa@ccc21.co.jp; anakamu@shinshu-u.ac.jp; marshkamakura@yc5.so-net.ne.jp

ABSTRACT assistance [1], even though there are still legal issues
associated with remote patient care. In cases of monitoring
Telemedicine for chronic disease management is extending those patients remotely, critical events are false positive
to the home through the use of medical devices and ICT alarms and floods of similar alarms generated by highly-
technologies. Patients with intractable diseases, such as controlled medical devices. These events cause alarm fatigue
amyotrophic lateral sclerosis (ALS) and lethal not only in professional caregivers but also in families. There
neurodegenerative diseases, have been returning to their have been trials reducing the number of these events in
homes rather than remaining hospitalized. Reliable alarms hospitals intensive care units (ICUs), but the need for home
for condition changes of patients and burden reduction of care means that we also need to deal with intractable-disease
their families are taking root as foundations of telemedicine patients at home. There are investigations and discussions on
for patients with intractable diseases. This paper discusses alarms at ICU in hospitals [2-3]. Along with the trend to
reliable alarm delivery and expected medical IoT features extend the use of highly-controlled medical devices, such as
for those patients. A patient’s family has difficulty in setting an artificial ventilator, to the patient’s home, we need to
optimal parameters of life-support medical devices following tackle technical issues on alarms and also the management
patient condition changes. Also, caregivers and patients’ of the devices.
families expect reliable alarms and false alarm reduction
from tele-alarm systems used at home. We need to provide Medical devices have been developed for hospital use and
both anxiety relief for patients’ families and patient safety by have proprietary functions to output alarm sounds and to
reliably monitoring the patients. We designed and provide nurse calls via a wired interface [4]. When these
implemented an alarm delivery system for patients with devices are used at home, users need to carefully integrate
intractable diseases, and here we propose a prototype false- and operate them in their home network. A user needs to
alarm reduction mechanism for highly-controlled medical know the detailed meanings of functions in sophisticated
device systems including an artificial ventilator. We devices provided by manufacturers and to understand the
investigated alarms of a patient for one year, cooperating meaning of the data. In hospitals, medical doctors and
with the patient’s family. We need both hardware standard engineering staff take care of these issues, whereas at home
interfaces and consistent alarm functions between artificial it is difficult for them to be taken care of by the patient’s
ventilators. We conclude with our further work for patients family. There are two ways to develop standard interfaces
with different types of intractable diseases and for and procedures reducing the burden that artificial ventilators
standardization of medical IoT networks integrating false- impose upon medical doctors, visiting nurses and patient
alarm reduction systems. families. One is to integrate any artificial ventilator
following a standard operating interface and the other is to
Keywords – Artificial ventilator, crying wolf, false alarm, provide consistent alarm functions between ventilators.
intractable disease, medical IoT, telemedicine
In this paper, we first introduce a tele-alarm system and
1. INTRODUCTION explain real alarm-related issues. We explain issues that must
be dealt with when managing a highly controlled medical
The number of patients with intractable diseases is device, such as an artificial ventilator, at home. We then
increasing worldwide. The increasing number of ventilator- describe and discuss an approach to integrate various
dependent patients is exceeding the capabilities of hospitals ventilators manufactured by different companies expecting
and health organizations, shifting the burden of chronic care standard operating interfaces. We propose a software
to patients’ families. The need to reduce the burden on framework to integrate with a home IoT network and
caregivers and to increase safety has accelerated the describe our implementation of an alarm delivery system for
development of remote monitoring for home ventilator patients with intractable diseases and of a prototype false-

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 59 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

alarm reduction system having an interface to connect Most artificial ventilators have a nurse-call switch which is
various highly-controlled medical devices including an implemented as a means to inform caregivers of an urgent
artificial ventilator. When consistent alarm functions are situation caused by delayed notice of an alarm sound. Most
defined, they can be designed in various false-alarm ventilators are equipped with an emergency call connector,
reduction systems. We investigated alarms of a patient for and each model is connected to a gateway server by a
one year in cooperation with the patient’s family and connector.
discussed false alarm reductions that are required especially
for home use. We raise issues and conclude with our further There are two types of connecters to plug in a gateway, one
work for patients with different types of intractable diseases using a cable with 3 core wires for detection of cable
and for standardization of alarms and their treatment in disconnection and the other using 2 core wires. The left
medical IoT networks integrating false-alarm reduction figure and photo in Figure 2 show the normally closed (NC)
systems. type connection of an HT70Plus ventilator using a 3-core
wire cable, whereas the right figure and photos show the
2. BACKGROUND AND RELATED WORKS normally open (NO) type connection of a Vivo50 ventilator
using a 2-core wire cable. Each ventilator uses either type of
2.1 Tele-alarm experimental system connections.

The use of life supporting devices, such as an artificial


ventilator, at home is increasing rapidly. Accompanying this
use, emergency situations, such as accidents, are often
reported. It is required to equip networked alarms along with
the device uses at home. Artificial ventilators are used in
medical facilities under the management of caregivers, but
even there, it is better to have network functions to deal with
emergency situations. It is also important to have patient data
monitored by multiple caregivers who can respond quickly
to a change of a patient’s condition.

We have implemented a tele-alarm system in Figure 1 with


a patient care team consisting of medical doctors, nurses,
medical engineering staff, and so on to quickly respond to
alarms. Figure 2 - Alarm transmission via nurse-call connector

The NC method is safer than the NO method because the NC


can detect a hardware failure, such as a cable disconnect. The
NC method is preferable for a connection between a
ventilator and a gateway that transfers alarm data to an
outside network. The need for such a connection is evident,
but the interface to raise an alarm is not standardized yet.

Figure 1 - Tele-alarm system

The system supports multiple patients at home and multiple


caregivers and reduces the load of each caregiver, but we
found differences in the meanings of alarms among artificial
ventilators, and some devices do not have the interface
needed to deliver alarms remotely.

2.2 Proprietary alarm delivery function

Along with the number of uses, severe sequelae or death Figure 3 - Experimental scheme of vital signs and
cases are increasing because medical staff do not always alarm delivery
notice alarm events immediately.

– 60 –
ICT for Health: Networks, standards and innovation

It is important to determine the emergency condition of a


patient from the alarm category and vital signs data at the
same time when an alarm is raised. We used five off-the-
shelf artificial ventilators. The experimental transmission of
vital signs data and alarms is shown in Figure 3. We have
implemented the delivery of physiological data and alarm
signals by the following three methods depending on
available interfaces. The first type uses a USB or UART
interface to send data and alarm signals to a gateway (HT-
70plus manufactured by COVIDIEN Co., Ltd.-USA, Vivo
50 manufactured by BREAS Co., Ltd, Sweden). The second
Figure 5 - Medical IoT model and roles
type has only a nurse call. We converted the nurse call signal
to an alarm signal at a gateway and transmitted it to the
Internet (Monnal T50 manufactured by the IMI, France and In future medical IoT system, once consistent alarm
Trilogy 100 manufactured by Philips, Netherlands). The functions are standardized between medical devices used for
third type uses a LAN port to integrate physiological data the same purposes, information and instructions may go
and alarm signals and to send to a server. At the same time, directly to a medical device associated with the patient
the notification message is delivered to caregivers according through a caregiver such as a medical doctor and the patient
to the alarm level [5] (Figure 4). family member shown in Figure 5 [6]. The caregiver
analyzes data and information and sends instructions for the
device to the patient family member.

3. RELIABLE ALARM DELIVERY AND


OPTIMAL OPERATION

Reliability and efficiency are important for intractable-


disease patients in the hospital and at home. Alarms are used
to indicate when physiologic parameters monitored in
critically ill patients are abnormal. In typical cases, multiple
Figure 4 - Ventilators (left) and experimental ventilator
alarms are raised but are not specific to patient treatments.
using LAN (right) in test They have a negative impact on the quality of patient care.
Caregivers of patients need minimal and specific alarms
In addition to the connection interface, we acknowledged relevant to their patients’ conditions.
differences in the alarm-call signal tone, the alarm action
procedure, the alarm signal duration and flexibility in the
There are discussions on advantages of IoT devices in
alarm signal setting between them. These differences prevent
medical use. A medical IoT application can change the
home use. We need to standardize the device hardware operating conditions of an artificial ventilator according to
interface to provide safer alarming and the software interface the instruction of a medical doctor referencing data received
to translate alarm events into common meanings between
from various medical devices. At home, a family member is
medical devices used for the same medical purposes.
close to his or her patient and can provide quick actions
anywhere in the house when a home network is provided.
2.3 Medical IoT system at home The family member may be in another room in the house and
an alarm is transferred from network connecting medical
A Medical IoT system for a patient with intractable diseases devices to a home device in another home IoT network.
at home is expected to provide easy-to-use interfaces to the
caregivers. In the system, a highly-controlled medical device 3.1 System configuration
sends not only vital data but also information which is used
to set optimal parameters of the device depending on
An alarm delivery system consists of two components. LAN-
condition changes of the patient. The parameter changes
enabled components are made up of highly-controlled
should be done by a medical doctor, but at home it may be
medical devices, such as a pulse oximeter and artificial
difficult to work on them in a timely manner. ventilator, and a gateway in which an alarm platform
manages data and alarms including nurse call signals. The
alarm platform collects sensor data, alarm data and
emergency alerts, and it transfers this information to a smart
alarm IoT platform in a cloud. Alarms are transferred to the
home network IoT platform in the cloud and delivered to the
home network located in the same house that the LAN-
enabled system is in. Each medical device generates an alarm
event when conditions change, and those events come to the
gateway. The alarm and related information are analyzed and

– 61 –
2019 ITU Kaleidoscope Academic Conference

the results are delivered to a person close to the patient or to frequent, as shown in Table 1. The alarm is mainly caused
a remote person in the home IoT platform. by an intentional and temporal removal of the respiration
circuit by a caregiver for suction of sputum or change of the
patient’s body position. An accidental removal may also be
a possible reason. The second most frequent alarm is
peak_press_hi (peak air way pressure is higher than the
setting). This alarm is mainly caused by obstruction of the
air way by sputum or secretion. These alarms are clinically
important to prevent artificial ventilator associated accidents.

Table 1 - Frequency and duration of alarms

Figure 6 - Alarm delivery system configuration

3.2 Alarm analysis

We have implemented an alarm delivery system integrating


an artificial ventilator and pulse oximeter with cooperation
of the family of a pediatric patient with intractable disease 3.3 False alarm reduction
under the study approval at the ethics committee in Kiso
Hospital, Nagano, Japan. The patient was attached to an We found differences in alarm-related functions between
artificial ventilator and pulse oximeter at night. In order to artificial ventilators provided by different manufacturers. To
reduce false alarms, we collected and analyzed alarm data manage medical devices appropriately, we need to
from medical devices for one year from 1 June 2018 to 31 understand alarms of each device behavior, as there looks
May 2019. like there are no standard specifications to handle from
clinical viewpoints [7-8].
The total number of measured days was 327 days in the case
of the artificial ventilator and 269 days for the pulse oximeter. Our alarm delivery system analyzes alarm information, such
The existence of unmeasured days are caused by the patient’s as alarm signals and vital signs data, and provides the
social hospitalization to make caregivers rest and the information and data to the most appropriate caregivers. The
disconnection of cables between medical devices and the escalation service depending on the type of alarms and their
gateway. time duration may be needed to provide better and the most
suitable treatment for a patient.
For each alarm code, we summed up the number of times for
occurrence, frequency in a day and average duration. The The system deals with the following situations: An alarm
alarms on the pulse oximeter accounted for 90% of motion, condition happens, but it lasts a very short time, less than 2
and the frequency exceeded 1200 times per day as shown in seconds. The system should be smart enough not to raise a
Table 1. The alarm means the patient’s body movement and false alarm. The system also takes care of alarm timing. For
clinical emergency is low. We understood that the motion example, when an alarm condition lasts for a short time, the
should be reduced to prevent alarm fatigue of caregivers. system may not raise an alarm immediately; instead it raises
an alarm when the condition lasts beyond a threshold number
Five alarms (pulse_search, sensor_off, loss_of_pulse, of seconds.
loss_of_pulse_with_motion, no_sensor) associate with a
connection between sensors and a patient, and clinical We propose a prototype false-alarm reduction method using
emergency of these alarms are also low in short time. The the duration of pulse oximeter and artificial ventilator alarm
frequency of these alarms is 9.8% in the pulse oximeter. conditions. Alarm priority is determined by the alarm
Three alarms (spo2_lo, pulse_rate_lo, pulse_rate_high) duration, and there are different threshold durations for
associate with vital signs of a patient, and clinical emergency different kinds of alarm. If the alarm duration exceeds an
of these alarms are high. The frequency of these alarms is escalated threshold, the alarm managing state is escalated
0.6% in the pulse oximeter. from alarm-priority Low (L) to alarm-priority Middle (M) or
from M to alarm-priority High (H). The alarm priority and
In ventilator alarms, peak_press_insp_lo (peak air way escalation method are referred to IEC 60601-1-8 [9].
pressure on inspiration is lower than the setting) is the most

– 62 –
ICT for Health: Networks, standards and innovation

Figure 7 shows the relationship between three alarm Table 3 - Expected alarm reduction effect
priorities and the medical treatments. When an escalation
occurs, alarm priority changes from a lower level to a higher
level, as specified in Table 2.

4. CONCLUSION AND FUTURE WORKS


Figure 7 - Decision of alarm priority and medical treatment
assuming alarm-priority “Middle” We designed and implemented an alarm delivery system for
patients with intractable diseases that can be integrated with
Table 2 - Alarm priority and time duration for notification home networks used for medical IoT networks. We proposed
a prototype false-alarm reduction mechanism for highly-
controlled medical device systems including an artificial
ventilator. We investigated alarms for one year in
cooperation with a patient’s family. We focused on alarm
duration of alarm codes and decided initial and escalated
alarm priorities with trigger duration to notify caregivers
from a clinical viewpoint. We are currently working on the
next step of alarm optimization in systems having various
highly-controlled medical devices and on operational
optimization taking advantage of medical IoT network
features.
The motion alarm is removed 100%, because it appears very After that we need to tackle standardization of alarms and the
frequently with very low clinical emergency. When other treatments that are suitable for home use. The alarms are
alarms continue over the third quartile (75%) of duration of raised depending on medical devices manufactured by
the alarm code on Table 1, the system notifies caregivers as different companies. To use them at home, we need to
an initial alarm priority. The alarm time, then, lasts over two establish medical treatments following standard meanings
times that of the duration; alarm priority is escalated to upper for the same category of medical devices. There are
alarm priority. Alarms associated with the connection standards, such as IEEE 11073-10404[10] which is device
between sensors and a patient (pulse_search, sensor_off, specialization of a pulse oximeter on IEEE 11073-20601[11].
loss_of_pulse, loss_of_pulse_with_motion, no_sensor) start But it defines low-level specifications to connect to networks
from low emergency. Alarms associated with the and is not aimed at alarm management. There is still no
physiological status of a patient (spo2_lo, pulse_rate_lo, device specialization of artificial ventilators on IEEE 11073-
pulse_rate_high) start from middle priority. Three alarms 20601. IHE (Integrating the Healthcare Enterprise) PCD
(peak_press_insp_lo, peak_press_hi, insp_time_over_2) (patient care device) ACM (alarm communication model)
associated with patient respiration in the artificial ventilator profile based on HL7 [12] is directed for mainly hospital use,
start from middle priority. Other alarms in the artificial and seems to lack perspective of false alarm reduction. IEC
ventilator were omitted, because they are inner status 80001-2-5 [13] is application guidance of risk management
information of the artificial ventilator and the clinical on distributed alarm systems for IT-networks incorporating
meanings of the events are unclear from a clinical viewpoint. medical devices.
They are also of very short duration and low frequency. The
false alarm reduction rate of this method is estimated to be
We expect standards in both hardware interfaces and
95.5%, as shown in Table 3.
consistent alarm meanings used for patients with artificial
ventilators and their caregivers at homes to reduce false
In the current environment, all highly managed medical alarms and prevent missing alarms.
devices raise alarms when unusual conditions are detected,
even if the conditions are due to regular suction use. Lots of
alarms are raised and it may be difficult to find real alarms
among them. Caregivers, therefore, sometimes disable alarm
functions.

– 63 –
2019 ITU Kaleidoscope Academic Conference

5. ACKNOWLEDGMENTS [7] Muñoz-Bonet JI, López-Prats JL, Flor-Macián EM,


Cantavella T, Bonet L, Domínguez A, and Brines J,
This work was funded by the "Development of a smart-alarm "Usefulness of telemedicine for home ventilator-
system for improving the safety of ventilator-equipped child dependent children.", Journal of Telemedicine and
patients at home" R&D project of the fiscal year 2017/2020 Telecare 0(0) 1-9, 2018.
in the Strategic Information and Communications R&D
Promotion Programme (SCOPE) #172104101, Ministry of [8] Muñoz-Bonet JI, López-Prats JL, Flor-Macián EM,
Internal Affairs and Communications, Japan. Cantavella T, Bonet L, Domínguez A, and Brines J,
"Medical complications in a telemedicine home care
REFERENCES programme for paediatric ventilated patients.",
Journal of Telemedicine and Telecare 0(0) 1-12,
[1] Nicolino Ambrosino, Michele Vitacca et al.,”Tele- 2019.
monitoring of ventilator-dependent patients: a
European Respiratory Society Statement”, European [9] https://www.iso.org/standard/41986.html .
Respiratory Journal 2016 48: 648-663.
[10] https://www.iso.org/standard/54572.html .
[2] Ryota Inokuchi, Hajime Sato et al., “The proportion
of clinically relevant alarms decreases as patient [11] https://standards.ieee.org/content/ieee-
clinical severity decreases in intensive care units: a standards/en/standard/11073-20601-2019.html .
pilot study”, BMJ Open, 3(9), [e003354], bmjopen-
2013-003354, 2013. [12] http://www.hl7.org/ .

[3] Xiwei Xu, Liming Zhu et al., “Crying Wolf and [13] https://www.iso.org/standard/63718.html .
Meaning It: Reducing False Alarms in Monitoring of
Sporadic Operations through POD-Monitor”, DOI:
10.1109/COUFLESS.2015.18, 2015.

[4] Clinical Alarm Management Compendium, AAMI


Foundation, Nov. 2015.

[5] Kentaro Yoshikawa, Masaomi Takizawa and


Akinori Nakamura, “Alarm transmission system of
artificial respirator currently used”, JJTTA pp98-
101, 2016 (In Japanese).

[6] Masahiro Kuroda and Michiko Fukahori,


“Affordable M2M enabled e-health using standard
ban technology”, IEEE Healthcare Innovation
Conference 2014, pp276-279, 2014.

– 64 –
SESSION 4

DIGITAL HEALTH STRATEGIES

S4.1 Invited paper - Towards international standards for the evaluation of artificial intelligence
for health
S4.2 Redesigning a basic laboratory information system for the global south
S4.3 #RingingTheAlarm: Chronic "Pilotitis" stunts digital health in Nepal
S4.4 Designing national health stack for public health: Role of ICT-based knowledge
management system
TOWARDS INTERNATIONAL STANDARDS FOR THE EVALUATION OF
ARTIFICIAL INTELLIGENCE FOR HEALTH

Markus A. Wenzel1, Thomas Wiegand1,2

1
Fraunhofer Heinrich Hertz Institute, Berlin, Germany
2
Technische Universität Berlin, Berlin, Germany

ABSTRACT and journal branches to digital health with a focus on ML and


AI [cf. 5, 6, 7], and the English National Health Service has
Healthcare can benefit considerably from advanced created several guiding documents on AI in healthcare [8, 9,
information processing technologies, in particular from 10].
machine learning (ML) and artificial intelligence (AI).
However, the health domain only hesitantly adopts these The capacity of ML and AI for applications in healthcare is
powerful but complex innovations so far, because any founded upon the increasing availability of digital health
technical fault can affect people’s health, privacy, and data, which can be used to train and to apply advanced
consequently their entire lives. In this paper, we substantiate models, on increasingly powerful computing infrastructure,
that international standards are required for thoroughly potentially accessible from around the globe via the Internet.
validating AI solutions for health, by benchmarking their Available data include, e.g. radiology or microscope images,
performance. These standards might ultimately create well- free text, sensor time series, lab measurements, and other
founded trust in those AI solutions that have provided information stored in electronic health records. These data
conclusive evidence to be accurate, effective and reliable. enable ML and AI algorithms to learn to perform a wide
We give reasons that standardized benchmarking of AI range of recognition, early-detection, classification,
solutions for health is a necessary complement of established prediction, image-segmentation and image-reconstruction
assessment procedures. In particular, we demonstrate that it tasks that only humans had been able to perform previously
is beneficial to tackle this topic on a global scale and and that can now be automated very fast and at large scale
summarize the achievements of the first year of the with computers.
ITU/WHO focus group on “AI for Health” that has tasked
itself to work towards creating these evaluation standards. Medical image analysis is a large field of application for ML
methods [11, 12, 13]. For instance, ML models can recognize
Keywords – Artificial intelligence, benchmarking, lung nodules from radiology images [14], detect malaria
evidence, ITU-T, machine learning, medicine, from microscope images of blood samples [15], or classify
standards, validation, World Health Organization skin cancer based on dermoscopy images [16]. The models
can process electronic health records in order to categorize
1. HEALTH AI patients, make clinical decisions, predict patient trajectories
[17] or forecast the outcome [18], e.g. in the intensive care
Advanced information technologies from machine learning unit [19, 20]. From the electrocardiogram, algorithms can
(ML) and artificial intelligence (AI) have been attracting detect myocardial infarction and heart arrhythmia [21, 22].
much interest in the health domain lately. The recent global In addition, AI methods not rooted in ML can contribute to
strategy on digital health of the World Health Organization healthcare: Knowledge-based expert systems can ask
(WHO) mentions AI as technology that has “the potential to systematic questions about symptoms and advise on how to
enhance health significantly” [1]. Regulatory bodies, in proceed, e.g. recommend visiting a hospital immediately
particular the U. S. Food and Drug Administration, are [23]. Access via the Internet is a considerable driver for
beginning to permit AI-based medical devices [2, 3], and health AI technology because it makes novel types of health
start the discussion on the regulation of continuously delivery possible, as well as innovative business models, in
learning ML/AI-based medical software [4]. Renowned particular via mobile applications that can give expert advice
medical and scientific journals are dedicating special issues to virtually everyone, everywhere, e.g. based on text input,
camera or even cellphone-based, deep-learning-enhanced
microscopy [24].

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 67 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

In contrast to the growing interest and impressive exchanged liaison statements, in view of common use cases
advancements, the healthcare sector has only hesitantly addressed.
adopted these powerful innovations in practice so far,
because any technical fault can affect people’s health, The Institute of Electrical and Electronics Engineers (IEEE)
privacy, and lives [25]. Providing conclusive evidence about has established an “Artificial Intelligence Medical Device
the performance, reliability and limits of the ML/AI models Working Group” that has started working on two projects for
is required for harnessing the benefits of trustworthy new IEEE standards in 2018. “P2802” is a “Standard for the
solutions, while avoiding the risks of inadequate Performance and Safety Evaluation of Artificial Intelligence
implementations. Due to the high complexity of the ML/AI Based Medical Device: Terminology” and “P2801” is about
models and the addressed health tasks, it is not trivial to the “Recommended Practice for the Quality Management of
demonstrate conclusively whether a particular Datasets for Medical Artificial Intelligence” [30].
implementation solves a task adequately and reliably under
realistic conditions. For safe usage, it is of paramount The U. S. Consumer Technology Association (CTA) started
importance that future international standards can give clear a working group on “Artificial Intelligence in Health Care
recommendations about how to validate the models. These (R13 WG1)” in April 2019, with the participation of AT&T,
standards are expected to promote interoperability and Google, IBM, Philips, Samsung, and other companies [32].
dismantle trade barriers too. Moreover, the development of This initiative has “launched a new standards effort
these standards is in line with the Sustainable Development addressing The Use of Artificial Intelligence in Health Care:
Goals (SDG) of the United Nations (UN), in particular with Trustworthiness”. Moreover, CTA has released a “White
“SDG 3: Ensure healthy lives and promote wellbeing for all Paper on Use Cases in Artificial Intelligence” in December
at all ages” [26]. 2018, which includes use cases in healthcare [33].

2. INTERNATIONAL STANDARDIZATION The U. S. National Institute of Standards and Technology


ACTIVITIES RELATED TO AI (NIST) was directed by the President in February 2019 with
Executive Order 13859 to “issue a plan for Federal
Several standardization bodies have begun addressing the engagement in the development of technical standards and
subject area of AI over the past two years. The International related tools in support of reliable, robust, and trustworthy
Telecommunication Union (ITU) and the WHO are two systems that use AI technologies” [34]. NIST submitted the
specialized agencies of the UN authorized for creating global plan in August 2019 and recommends to “commit to deeper,
standards. ITU establishes standards (“Recommendations”) consistent, long-term engagement in AI standards
for information and communication technologies, which development activities (…) to speed the pace of reliable,
include ML and AI. WHO considers the “development of robust, and trustworthy AI technology development”. The
global guidelines ensuring the appropriate use of evidence” plan advises to “promote focused research to advance (…)
as a “core function” [27], e.g. “recommendations on the understanding of how aspects of trustworthiness can be
diagnosis and treatment of malaria” [28]. Standards setting practically incorporated within standards and standards-
organizations are aware that the multidisciplinary field of related tools”. In particular, the plan recommends to “spur
health AI requires cooperation. Therefore, ITU and WHO benchmarking efforts to assess the reliability, robustness,
have joined forces and have created a focus group on “AI for and trustworthiness of AI systems” and to “ensure that these
Health” in July 2018 [29]. The group has begun working benchmarks are widely available, result in best practices, and
towards establishing a rigorous evaluation process for AI improve AI evaluations and methods for verification and
solutions for health that a global community of experts–from validation” [35, 36].
health, ML, AI, regulation, ethics, industry and academia
supports, which comprises an important first step towards In China, “a joint effort by more than 30 academic and
international standards for AI in health. A dedicated section industry organizations overseen by the Chinese Electronics
below presents this joint global standardization activity in Standards Institute” published an “Artificial Intelligence
more detail. The authors are members of the focus group. Standardization White Paper” in January 2018 [37, 38].
“Clinical medical imaging diagnosis” is mentioned as one of
The International Organization for Standardization (ISO) ten “real-world AI commercial application cases” according
subcommittee ISO/IEC JTC 1/SC 42 “Artificial intelligence” to a review available in English [39].
[31] has been developing a framework for AI systems using
ML (ISO/IEC WD 23053), addressing AI concepts and The European Committee for Standardization (CEN) and the
terminology (ISO/IEC WD 22989) and AI risk management European Committee for Electrotechnical Standardization
(ISO/IEC AWI 23894). Furthermore, ISO is working on (CENELEC) “launched a new Focus Group on Artificial
robustness (ISO/IEC NP TR 24029-1), trustworthiness Intelligence” in April 2019 [40] as a “starting point to
(ISO/IEC PDTR 24028), bias (ISO/IEC NP TR 24027) and support the identification of specific European
use cases (ISO/IEC NP TR 24030) in AI. While these Standardization needs”. Additionally, the EU High-Level
documents address AI in more general terms, the use cases Expert Group on AI published “Ethics Guidelines for
include healthcare applications too. Again, standard setting Trustworthy Artificial Intelligence” in April 2019 with
organizations are beginning to cooperate: ISO/IEC JTC 1/SC “technical robustness and safety” as one of seven key
42 “AI” and the ITU/WHO focus group have recently requirements for trustworthy AI [41]. In Germany, the

– 68 –
ICT for Health: Networks, standards and innovation

Deutsches Institut für Normung (DIN) began drafting an “AI Typically, AI serves as a multivariable prediction model that
roadmap” in May 2019 “to create a framework for action for maps multidimensional input variables to one or
standardization” [42]. DIN has also founded an multidimensional output variables, e.g. pictures to disease
interdisciplinary AI Working Committee [43] and is working classification codes. Accordingly, the TRIPOD statement for
on two DIN SPECs related to AI [44, 45]. the “transparent reporting of a multivariable prediction
model for individual prognosis or diagnosis” can serve as a
Large companies lead the field in the area of AI and have landmark for AI methods too. These guidelines have been
started joint activities on safe AI, which potentially can published by the EQUATOR Network, an organization
establish de-facto standards fast. The “Partnership on aiming to enhance the quality and transparency of health
Artificial Intelligence to Benefit People and Society” is led research [49, 50, 51]. Cf. [52] for a discussion about how the
by representatives from large technology firms and several TRIPOD statement relates to AI.
other member organizations, also from academia and civil
society. The first goal of this initiative is “to develop and ML/AI models are implemented as pieces of software and
share best-practice methods and approaches in the research, hence belong to digital technologies in almost all cases (in
development, testing, and fielding of AI technologies”. This principle, they can be analogue hardware, too [53]). The
includes addressing “the trustworthiness, reliability, International Medical Device Regulators Forum has outlined
containment, safety, and robustness of the technology”. They principles for the clinical evaluation of software as a medical
are particularly interested in “safety-critical application areas” device in a draft from 2017 [54]. Three main topics structure
and mention healthcare as an example [46]. this clinical evaluation process: (a) Assuring that there is a
“valid clinical association” between the software output and
The “OpenAI” research center, which is well known in the the “targeted clinical condition”. (b) Correct processing of
ML/AI research community and backed by large investors, the “input data to generate accurate, reliable, and precise
has recently published a policy paper on “the role of output data”. (c) Achieving the “intended purpose in your
cooperation in responsible AI development”, “across target population in the context of clinical care” using the
organizational and national borders”, discussing “joint software output data. The English National Institute for
research into the formal verification of AI systems’ Health and Care Excellence (NICE) has published an
capabilities and other aspects of AI safety”. In particular, “evidence standards framework for digital health
they mention “various applied ‘AI for good’ projects whose technologies” in March 2019 [55]. This document
results might have wide ranging and largely positive “describes standards for the evidence (…) of effectiveness
applications (e.g. in domains like [...] health); coordinating relevant to the intended use(s) of the technology”. Moreover,
on the use of particular benchmarks; joint creation and the document states that the framework is applicable to
sharing of datasets that aid in safety research”. Moreover, digital health technologies “that incorporate artificial
they raise the question of the role of “standardization bodies intelligence using fixed algorithms”, excluding adaptive AI
in resolving collective action problems between companies”, algorithms.
in particular internationally [47]. OpenAI claims, “AI
companies can work to develop industry norms and 4. ML/AI PERFORMANCE EVALUATION
standards that ensure systems are developed and released
only if they are safe, and can agree to invest resources in The ML/AI models are expected to return meaningful results
safety during development and meet appropriate standards that are accurate, plausible and reliable, when processing
prior to release”. They “anticipate that identifying similar completely novel data points that the model has never seen
mechanisms to improve cooperation on AI safety between before, during the actual usage in the “real world”. Out-of-
states and with other non-industry actors will be of sample tests make it possible to assess this capability to some
increasing importance in the years to come” [48]. degree, if the tests are conducted appropriately. These tests
can be largely conducted in silico, at least as a first step,
3. VALIDATING DIGITAL HEALTH without posing the potential hazards of clinical trials, by
TECHNOLOGIES confronting the model with previously recorded test samples,
and by comparing the model output with the “ground truth”
Previous work can provide orientation for future for the respective task. This characteristic allows conducting
international standards for the validation of novel ML/AI- systematic tests at large scale (e.g. using databases with
based health technologies. Physicians, regulators, scientists thousands of MRT images), replicable and fast (e.g. in the
and engineers have long-ranging experience in dealing with case of software updates, or adaptive algorithms).
complex safety-critical health interventions and technologies
that require careful validation checks prior to usage. These The machine learning community evaluates the performance
technologies include, for instance, clinical interventions, of ML/AI models usually as follows: First, the model is
surgical procedures, pharmaceutics, medical devices and tested out-of-sample, but in-house, by splitting the available
software. Randomized controlled clinical trials, peer-review data in a training and a test set, often in a cross-validation
of scientific literature and standard tests in accredited testing scheme. The trained model computes labels or other output
laboratories are examples of well-established methods for variables from the input data of the test set, which are
assessing these interventions, substances or devices. statistically compared with the “true” labels or annotations
(the comparison is summarized in a score). Then, method

– 69 –
2019 ITU Kaleidoscope Academic Conference

and in-house test results are reported in a scientific paper that ML/AI evaluation are still missing. Standardization bodies
is reviewed by peers for publication in a journal or have merely started to address health ML/AI technologies (cf.
conference proceeding. Occasional open-source releases of section 2). Principles for prediction models, software and
the software code can allow the reviewers and other peers to digital health technologies can provide some overall
reproduce the results, in principle. Yet, the model orientation (section 3), but can only serve as a starting point,
performance is evaluated in-house only in many cases, e.g. and need to be transferred to the characteristics of the novel
because the code/model is not published or because of legal technologies. State-of-the-art procedures for ML/AI
or other barriers to share the test data. Therefore, it remains performance evaluation are a sound foundation, but the
unclear if the evaluation was conducted properly, if common limits discussed in section 4 need to be addressed.
pitfalls were avoided [cf. 56] such as leakage between test
and training data, or if the test data set was (un)intentionally The mission of the ITU/WHO focus group on “AI for Health”
curated, which can all result in overestimating the model is to undertake crucial steps towards evaluation standards
performance and in spurious results. Performance reports of that are applicable on a global scale, an approach that offers
different models can often not be compared, because of substantial potential for synergies. A large number of
individual data preprocessing and filtering. This problem is national regulatory institutions, public health institutes,
even more severe for commercial AI developers that physicians, patients, developers, health insurances, licensees,
typically refrain from publishing details of their methods or hospitals and other decision-makers around the globe can
the code [57]. profit from a common, standardized benchmarking
framework for health ML/AI. Standards live on being
For a range of tasks, human experts are required to label or sustained by a broad community. Therefore, the focus group
annotate the test data. In fact, experts can disagree, which is creating an ecosystem of diverse stakeholders from
leads to questions related to the so called “ground truth” or industry, academia, regulation, and policy with a common,
“gold standard”. How many experts of which level of substantial interest in health ML/AI benchmarking. ITU and
expertise [57] need to be asked? Crucially, in-house test data WHO officials monitor and document the overall process.
are often very similar to the training data, e.g. when Since its foundation in July 2018, the focus group has been
originating from the same measurement device, due to organizing a series of free workshops with subsequent multi-
practical reasons (cost, time, access and legal hurdles). day meetings in Europe, North America, Asia, Africa and
Therefore, the capacity of the AI to generalize to potentially India (and South America in January 2020) every two or
different, previously unseen data is often unclear, e.g. to data three months for engaging the regional communities.
from other laboratories, hospitals, regions or countries [cf. Participation in the focus group is encouraged by attending
58]. the events on site or via the Internet remotely. In addition,
further virtual collaboration allows for carrying forward
Researchers from the medical and machine learning work in between meetings. These online participation
communities are aware of these open questions and problems. possibilities and the generous support from a charitable
The medical journal “The Lancet - Digital Health” sets a foundation, with travel grants for priority regions, foster the
good example and requires “independent validation for all global participation, considering time and resource
AI studies that screen, treat, or diagnose disease” [59]. constraints.
Machine learning scientists urge towards reproducibility and
replicability by organizing challenges (also known as The structure of FG-AI4H is shown below, Figure 1. Two
competitions), where an independent, neutral arbiter types of sub-groups are generating the main deliverables:
evaluates the AI on a separate test data set [e.g. 60]. These working groups (WGs) and topic groups (TGs).
challenges are conducted at scientific conferences (e.g.
NeurIPS, MICCAI, CVPR, SPIE, etc.) and on Internet
platforms (e.g. Kaggle, AIcrowd, EvalAI, DREAM
Challenges, Grand Challenge etc.). Challenge design is not
trivial and research shows that many design decisions can
have a large impact on the benchmarking outcome [61].
Aspects beyond mere performance have not been addressed
sufficiently so far, including the benchmarking of robustness
[62], and of uncertainty [63], which is important for the
practical application in healthcare. Moreover, further in-
depth discussions with domain experts, e.g. physicians, are
required, in order to find out if the used evaluation metrics
are actually relevant with meaningful (clinical) endpoints
Figure 1 – Structure of FG-AI4H
[64].
WGs consider matters such as data and AI solution handling,
5. ITU/WHO FOCUS GROUP ON AI FOR HEALTH
assessment methods, health requirements, operations, and
regulatory considerations. Many of these matters are cross-
While there is considerable experience and previous work to
cutting subjects that affect a specific aspect of an AI for
build upon, generally accepted, impartial standards for health

– 70 –
ICT for Health: Networks, standards and innovation

health application. The deliverables of the WGs are planned topics and the specific problems involved with a number of
to be a number of documents that cover topics including: AI for health tasks and data modalities. At present, the topic
• AI ethical considerations, groups address AI-based cardiovascular disease risk
• AI legal consideration, prediction, dermatology, histopathology, outbreak detection,
• AI software life-cycle, ophthalmology, radiotherapy, symptom assessment,
• reference data annotation specification, tuberculosis prognostics/diagnostics and several further
• training and test data specification, domains. In each topic group, different stakeholders,
• AI training process specification, including competing companies, with a common interest in
the topic are working together. “Calls for topic group
• AI test process specification,
participation” are published on the website
• AI test metric specification, and
(https://www.itu.int/go/fgai4h), introduce the respective
• AI post-market adaptation and surveillance
topic group and invite participation. The creation of many
specification.
other topic groups in response to the open “call for proposals:
use cases, benchmarking, and data” is expected. Selection
An overview of the technical output of the WGs is given in criteria include the prospect for a widespread and, ideally,
Figure 2. global impact, a clear concept described in sufficient detail,
and preliminary evidence for feasibility.

Every topic group defines its scope, the specific ML/AI tasks
and the evaluation procedures with corresponding test data
and metrics in a topic description document in full detail.
Statistical metrics for assessing the model performance are,
e.g. precision, specificity, F1 score and area under curve, but
can be multiple or combined metrics too [61]. In particular,
it should be assured that the (e.g. clinical) endpoints are
Figure 2 − Overview of the technical output of the WGs meaningful in practice. Further criteria should be considered,
e.g. robustness to noise and to other variations in the input
The WG data and AI solution assessment methods reviews data [62], or to manipulations [65]. Humans prefer
the topic description documents (see below), in collaboration transparent decision-making: Can the model adequately
with independent experts with substantial records of quantify the uncertainty [63] and plausibly explain the
accomplishment in the respective health topic, with decision [66, 67]? These criteria beyond mere performance
proficient knowledge in ML/AI, and with transversal should also be considered.
competences from areas such as ethics and statistics. During
a repeated review cycle, the working group and the experts The topic description document must capture a range of
check that the topic description documents are accurate, aspects related to the test data, because they determine
complete, sound, understandable and objective, and give largely if the evaluation procedure is appropriate and
according feedback for improvement to the respective topic meaningful. The procedure can return conclusive results if,
group and the entire focus group. The WG is in charge of and only if, the test data are realistic, i.e. close to the actual
providing a number of technical deliverables, given above. application, of representative coverage, and of traceable
provenance from different sources. Data acquisition must be
The working group data and AI solution handling takes transparently documented in full detail [cf. 68], including
charge for a range of tasks related to conducting the tests, annotation guidelines, for reproducibility, replicability, and
which requires bringing the test data and the to-be-tested AI scalability. All ethical and legal questions related to the
solutions together. Relevant aspects include, e.g. transfer acquisition, storage and processing of health data must be
agreements, secure data and solution transfer, data checks, taken into careful consideration. Bias must be controlled and
IT infrastructure, access rights, traceability, IT security, test documented clearly. The document shall specify quality and
implementation and report generation. quantity criteria for the test data, including corresponding
references. The annotation needs to be conducted by experts
The working group for regulatory considerations is involved with a defined level of expertise, with potentially several
in the entire process, with representatives of FDA (USA), independent annotations per sample (if applicable).
CMDE/ NMPA (China), CDSCO (India), EMA (Europe) Technical matters, e.g. data formats [cf. 69, 70] and data
and BfArM (Germany) so far. In close collaboration with the management [71], need to be specified. A reference model
WHO, the working group facilitates subsequent steps (e.g. can potentially be defined (e.g. “average human performance
AI testing process specification, clinical evaluation, for this task”, “best in class”). Limiting factors for data
certification etc.) towards deployment of the health AI availability should be referred to, such as finances or time.
solution in practice. The plan detailed in the topic description document must be
implemented in practice. The test data must be provided or
The topic groups, TGs, take charge of specific health acquired, and measures for quality assurance taken. The
domains with corresponding ML/AI tasks. They are evaluation routine must be implemented, and the code
providing the connection of the WGs with actual health published together with at least a few example data with

– 71 –
2019 ITU Kaleidoscope Academic Conference

references (e.g. annotated images) to enable the developers [29] and a white paper on the website, where also the full
carrying out a trial run of their code. documentation of all previous meetings is published.

For a clean and fair evaluation, a trusted third party should 6. OUTLOOK
receive the trained model, as independent arbiter, and
conduct the tests on data that have never been published In summary, the ITU/WHO focus group on “AI for Health”
before. This cautious procedure prevents unfair conduct, e.g. has taken the first exploratory steps towards international
tuning the model for optimal performance on this particular health ML/AI evaluation standards. For the future, we expect
test set (“overfitting”), without actually being able to that a wide spectrum of health ML/AI topics will be
generalize well to real-world data, which can be expected in addressed and that insights from the evaluation will be
practice. Therefore, widely available, public data sets cannot brought back to research and development. The evaluation
be used for the evaluation and the entire test data set must procedure will be continuously refined in a repeated cycle,
remain secret, i.e. neither labeled nor unlabeled test data considering further quality criteria beyond mere
should be made available. The model performance should be performance, and including high quality test data with
evaluated in a closed computing environment without increasing geographic coverage. For the years to come, we
Internet access. Otherwise, test data could be leaked, against also anticipate further deepening of cooperation on ML/AI
the rules, and the model be tweaked on the test data. Besides, between standard setting organizations. While the
leaderboard probing and other potential pitfalls known from standardization activities on ML/AI differ in their thematic
ML challenges must be kept in mind [72, 73]. The trusted scope and particular objective (see section 2), they can profit
third party is responsible to protect both test data and ML/AI from collaboration, because different application areas of
model. The test data have to remain secret for subsequent ML/AI often share problems and data modalities. For
meaningful testing and the AI models may contain business- instance, assuring robust automatic image interpretation can
relevant trade secrets of the developer. be relevant for a range of safety-critical application domains,
and is not limited to healthcare. At the same time, a generic
In this spirit, focus group members have conducted a first approach is often not possible, because the cross-sectional
proof-of-concept benchmark for digital pathology, where an ML/AI technologies require cooperation with the respective
ML/AI model can provide diagnostic support by quantifying domain experts. A good example for this multidisciplinary
tumor infiltrating lymphocytes in breast cancer, from whole cooperation is the joint focus group of ITU and WHO, which
slide histopathology images, which is relevant for prognosis brings together expertise from information technology and
and therapy selection [cf. 74, 75]. The topic group had health standardization bodies. In particular, this initiative
defined the evaluation task and procedure, and had acquired shows that global collaboration can leverage synergy effects,
and annotated test data. The developer had trained a model since many relevant issues are common across the world.
on own training data to predict the annotations that a
pathologist would give from the images. A focus group REFERENCES
member as arbiter provided the computing infrastructure
according to specifications of the developer (here a desktop [1] World Health Organization (2019) Global Strategy
computer with a certain graphics processing unit, operating on Digital Health 2020-2024. Retrieved from
system, package manager, and ML framework installed) and https://www.who.int/DHStrategy
granted the developer access via the Internet to install the
prediction routine. Few annotated example data enabled the [2] U.S. Food and Drug Administration (2018). FDA
developer to test the prediction routine. After disconnecting News Release. Retrieved from
the computer from the Internet, the arbiter uploaded https://www.fda.gov/news-events/press-
undisclosed test data, directly received from the topic group, announcements/fda-permits-marketing-artificial-
on the machine, and executed the prediction routine, which intelligence-based-device-detect-certain-diabetes-
processed the data and predicted the annotations. Finally, related-eye
scores (true positive rate and true negative rate) were
computed by comparison with the reference annotations, and [3] Mesko, B. (2019). FDA Approvals For Smart
reported back to the topic group and the developer. Naturally, Algorithms In Medicine In One Giant Infographic.
this manual procedure can be automatized and scaled, e.g. The Medical Futurist. Retrieved from
with one of the ML challenge frameworks mentioned in https://medicalfuturist.com/fda-approvals-for-
section 4, potentially installed on a server on ITU or UN algorithms-in-medicine
premises.
[4] U. S. Food and Drug Administration (2019).
Interaction with further health institutions will be Proposed Regulatory Framework for Modifications
strengthened, potentially, e.g., with the International to Artificial Intelligence/Machine Learning
Association of National Public Health Institutes, the (AI/ML)-Based Software as a Medical Device
InterAcademy Partnership and the World Health Summit. (SaMD) - Discussion Paper and Request for
Further information about the scope and general process of Feedback. Retrieved from
the focus group can be found in a commentary in The Lancet https://www.regulations.gov/document?D=FDA-
2019-N-1185-0001

– 72 –
ICT for Health: Networks, standards and innovation

[5] Editorial (2019). Medicine in the digital age. Nature [15] Park, H. S., Rinehart, M. T., Walzer, K. A., Chi, J.
Medicine, 25, 1. https://doi.org/10.1038/s41591-018- T. A., & Wax, A. (2016). Automated detection of P.
0322-1 falciparum using machine learning algorithms with
quantitative phase images of unstained cells. PloS
[6] Editorial (2019) Machine Learning in Medicine. one, 11(9), e0163045.
Nature Materials 18, 407. https://doi.org/10.1371/journal.pone.0163045
https://doi.org/10.1038/s41563-019-0360-1
[16] Esteva, A., Kuprel, B., Novoa, R. A., Ko, J.,
[7] Editorial (2019). A digital (r)evolution: introducing Swetter, S. M., Blau, H. M., & Thrun, S. (2017).
The Lancet Digital Health. The Lancet Digital Dermatologist-level classification of skin cancer
Health, 1(1). https://doi.org/10.1016/S2589- with deep neural networks. Nature, 542(7639), 115.
7500(19)30010-X https://doi.org/10.1038/nature21056

[8] Trendall, S. (2019). NHSX to create policy guide for [17] Ching, T., Himmelstein, D. S., Beaulieu-Jones, B.
use of AI in healthcare. Public Technology. K., Kalinin, A. A., Do, B. T., Way, G. P., ... & Xie,
Retrieved from W. (2018). Opportunities and obstacles for deep
https://www.publictechnology.net/articles/news/nhs learning in biology and medicine. Journal of The
x-create-policy-guide-use-ai-healthcare Royal Society Interface, 15(141), 20170387.
https://doi.org/10.1098/rsif.2017.0387
[9] Dunbar, K. (2019). New guidance for AI in
screening. Public Health England Screening Blog. [18] Norgeot, B., Glicksberg, B. S., Trupin, L., Lituiev,
Retrieved from D., Gianfrancesco, M., Oskotsky, B., ... & Butte, A.
https://phescreening.blog.gov.uk/2019/03/14/new- J. (2019). Assessment of a deep learning model
guidance-for-ai-in-screening based on electronic health record data to forecast
clinical outcomes in patients with rheumatoid
[10] UK Department of Health and Social Care (2019). arthritis. JAMA network open, 2(3), e190606-
New code of conduct for artificial intelligence (AI) e190606.
systems used by the NHS. GOV.UK. Retrieved from https://doi.org/10.1001/jamanetworkopen.2019.0606
https://www.gov.uk/government/news/new-code-of-
conduct-for-artificial-intelligence-ai-systems-used- [19] Meiring, C., Dixit, A., Harris, S., MacCallum, N. S.,
by-the-nhs Brealey, D. A., Watkinson, P. J., ... & Singer, M.
(2018). Optimal intensive care outcome prediction
[11] Litjens, G., Kooi, T., Bejnordi, B. E., Setio, A., over time using machine learning. PloS one, 13(11),
Ciompi, F., Ghafoorian, M., ... & Sánchez, C. I. e0206862.
(2017). A survey on deep learning in medical image https://doi.org/10.1371/journal.pone.0206862
analysis. Medical image analysis, 42, 60-88.
https://doi.org/10.1016/j.media.2017.07.005 [20] Nemati, S., Holder, A., Razmi, F., Stanley, M. D.,
Clifford, G. D., & Buchman, T. G. (2018). An
[12] Shen, D., Wu, G., & Suk, H. I. (2017). Deep Interpretable Machine Learning Model for Accurate
learning in medical image analysis. Annual review of Prediction of Sepsis in the ICU. Critical care
biomedical engineering, 19, 221-248. medicine, 46(4), 547-553.
https://doi.org/10.1146/annurev-bioeng-071516- https://dx.doi.org/10.1097/CCM.0000000000002936
044442
[21] Strodthoff, N., & Strodthoff, C. (2019). Detecting
[13] Esteva, A., Robicquet, A., Ramsundar, B., and interpreting myocardial infarction using fully
Kuleshov, V., DePristo, M., Chou, K., Cui, C., convolutional neural networks. Physiological
Corrado, G., Thrun, S. & Dean, J. (2019). A guide to measurement, 40(1). https://doi.org/10.1088/1361-
deep learning in healthcare. Nature medicine, 25(1), 6579/aaf34d
24. https://doi.org/10.1038/s41591-018-0316-z
[22] Hannun, A. Y., Rajpurkar, P., Haghpanahi, M.,
[14] Setio, A. A. A., Traverso, A., De Bel, T., Berens, M. Tison, G. H., Bourn, C., Turakhia, M. P., & Ng, A.
S., van den Bogaard, C., Cerello, P., ... & van der Y. (2019). Cardiologist-level arrhythmia detection
Gugten, R. (2017). Validation, comparison, and and classification in ambulatory electrocardiograms
combination of algorithms for automatic detection of using a deep neural network. Nature medicine,
pulmonary nodules in computed tomography 25(1), 65. https://doi.org/10.1038/s41591-018-0268-
images: the LUNA16 challenge. Medical image 3
analysis, 42, 1-13.
https://doi.org/10.1016/j.media.2017.06.015

– 73 –
2019 ITU Kaleidoscope Academic Conference

[23] Semigran, H. L., Linder, J. A., Gidengil, C., & [34] Trump, D. J. (2019). Executive Order on
Mehrotra, A. (2015). Evaluation of symptom Maintaining American Leadership in Artificial
checkers for self diagnosis and triage: audit study. Intelligence. Retrieved from
BMJ, 351, h3480. https://doi.org/10.1136/bmj.h3480 https://www.whitehouse.gov/presidential-
actions/executive-order-maintaining-american-
[24] Rivenson, Y., Ceylan Koydemir, H., Wang, H., Wei, leadership-artificial-intelligence/
Z., Ren, Z., Günaydın, H., ... & Ozcan, A. (2018).
Deep learning enhanced mobile-phone microscopy. [35] U. S. National Institute of Standards and Technology
Acs Photonics, 5(6), 2354-2364. (2019a). U.S. Leadership in AI: A Plan for Federal
https://doi.org/10.1021/acsphotonics.8b00146 Engagement in Developing Technical Standards and
Related Tools. Prepared in response to Executive
[25] He, J., Baxter, S. L., Xu, J., Xu, J., Zhou, X., & Order 13859.
Zhang, K. (2019). The practical implementation of Retrieved from
artificial intelligence technologies in medicine. https://www.nist.gov/sites/default/files/documents/2
Nature medicine, 25(1), 30. 019/08/10/ai_standards_fedengagement_plan_9aug2
https://doi.org/10.1038/s41591-018-0307-0 019.pdf

[26] United Nations (2015). United Nations Sustainable [36] U. S. National Institute of Standards and Technology
Development Goals. Retrieved from (2019b). Plan Outlines Priorities for Federal Agency
https://www.un.org/sustainabledevelopment/sustaina Engagement in AI Standards Development.
ble-development-goals/ Retrieved from https://www.nist.gov/news-
events/news/2019/08/plan-outlines-priorities-
[27] World Health Organization. WHO guidelines federal-agency-engagement-ai-standards-
approved by the Guidelines Review Committee. development
Retrieved from
https://www.who.int/publications/guidelines/ [37] Ding, J. and Triolo, P. (2018). Translation: Excerpts
from China’s ‘White Paper on Artificial Intelligence
[28] World Health Organization. (2015). Guidelines for Standardization’. New America DigiChina Blog.
the treatment of malaria. World Health Retrieved from
Organization. Retrieved from https://www.newamerica.org/cybersecurity-
https://www.who.int/malaria/publications/atoz/9789 initiative/digichina/blog/translation-excerpts-chinas-
241549127/en/ white-paper-artificial-intelligence-standardization/

[29] Wiegand, T., Krishnamurthy, R., Kuglitsch, M., Lee, [38] China Electronics Standards Institute (2018).
N., Pujari, S., Salathé, M., Wenzel, M. & Xu, S. Artificial Intelligence Standardization White Paper.
(2019). WHO and ITU establish benchmarking Retrieved from
process for artificial intelligence in health. The www.cesi.ac.cn/images/editor/20180118/201801180
Lancet, 394(10192), 9-11. 90346205.pdf
https://doi.org/10.1016/S0140-6736(19)30762-7
[39] Han, M. (2018). China Aims to Get the Jump on AI
[30] IEEE Artificial Intelligence Medical Device Standardization. Synced. Retrieved from
Working Group (EMB/Stds Com/AIMDWG). https://syncedreview.com/2018/01/25/china-aims-to-
Retrieved from https://sagroups.ieee.org/aimdwg/ get-the-jump-on-ai-standardization/

[31] ISO/IEC JTC 1/SC 42 Artificial intelligence. [40] Briard, I. (2019). CEN and CENELEC launched a
Retrieved from new Focus Group on Artificial Intelligence. CEN
https://www.iso.org/committee/6794475.html CENELEC News. Retrieved from
https://www.cencenelec.eu/news/articles/Pages/AR-
[32] Consumer Technology Association (2019). CTA 2019-001.aspx
Brings Together Tech Giants, Trade Associations to
Improve Efficiencies in AI and Health Care. CTA [41] Independent High-Level Expert Group On Artificial
Press Releases. Retrieved from Intelligence Set Up By The European Commission
https://www.cta.tech/News/Press- (2019). Ethics Guidelines For Trustworthy AI.
Releases/2019/April/CTA-Brings-Together-Tech- European Commission Digital Single Market News.
Giants,-Trade-Association.aspx Retrieved from https://ec.europa.eu/digital-single-
market/en/news/ethics-guidelines-trustworthy-ai
[33] Consumer Technology Association (2018). CTA
Releases White Paper on Use Cases in Artificial
Intelligence. CTA Standards News. Retrieved from
https://standards.cta.tech/kwspub/home/

– 74 –
ICT for Health: Networks, standards and innovation

[42] DIN Deutsches Institut für Normung e. V. (2019a). [52] Collins, G. S., & Moons, K. G. (2019). Reporting of
DIN to develop AI standardization roadmap. DIN artificial intelligence prediction models. The Lancet,
Press Releases. Retrieved from 393(10181), 1577-1579.
https://www.din.de/en/din-and-our- https://doi.org/10.1016/S0140-6736(19)30037-6
partners/press/press-releases/din-to-develop-ai-
standardization-roadmap-330542 [53] Khoram, E., Chen, A., Liu, D., Ying, L., Wang, Q.,
Yuan, M., & Yu, Z. (2019). Nanophotonic media for
[43] DIN Deutsches Institut für Normung e. V. (2018). artificial neural inference. Photonics Research, 7(8),
Interdisciplinary DIN Working Committee 823-827. https://doi.org/10.1364/PRJ.7.000823
“Artificial Intelligence”. Retrieved from
https://www.din.de/en/innovation-and- [54] International Medical Device Regulators Forum
research/artificial-intelligence/ai-working-committee (2017). Software as a Medical Device (SaMD):
Clinical Evaluation. Retrieved from
[44] DIN Deutsches Institut für Normung e. V. (2019). http://www.imdrf.org/docs/imdrf/final/technical/imd
DIN SPEC 92001-1:2019-04 Artificial Intelligence - rf-tech-170921-samd-n41-clinical-evaluation_1.pdf
Life Cycle Processes and Quality Requirements -
Part 1: Quality Meta Model. [55] The English National Institute for Health and Care
https://dx.doi.org/10.31030/3050203 Excellence (2019). Evidence Standards Framework
for Digital Health Technologies. Retrieved from
[45] DIN Deutsches Institut für Normung e. V. (2019). https://www.nice.org.uk/Media/Default/About/what-
DIN SPECs on Artificial Intelligence. Retrieved we-do/our-programmes/evidence-standards-
from https://www.din.de/en/innovation-and- framework/digital-evidence-standards-
research/artificial-intelligence/ai-din-spec framework.pdf

[46] Partnership on AI to Benefit People and Society [56] Lemm, S., Blankertz, B., Dickhaus, T., & Müller, K.
(2019). Retrieved from R. (2011). Introduction to machine learning for brain
https://www.partnershiponai.org/ imaging. Neuroimage, 56(2), 387-399.
https://doi.org/10.1016/j.neuroimage.2010.11.004
[47] Askell, A., Brundage, M., & Hadfield, G. (2019).
The Role of Cooperation in Responsible AI [57] Jacobs, C., & van Ginneken, B. (2019). Google’s
Development. arXiv preprint. lung cancer AI: a promising tool that needs further
https://arxiv.org/abs/1907.04534 validation. Nature Reviews Clinical Oncology, 1.
https://doi.org/10.1038/s41571-019-0248-7
[48] Askell, A., Brundage, M., & Clark, J. (2019). Why
Responsible AI Development Needs Cooperation on [58] Couzin-Frankel, J. (2019). Medicine contends with
Safety. OpenAI Blog. Retrieved from how to use artificial intelligence. Science,
https://openai.com/blog/cooperation-on-safety/ 364(6446), 1119-1120.
https://doi.org/10.1126/science.364.6446.1119
[49] Collins, G. S., Reitsma, J. B., Altman, D. G., &
Moons, K. G. (2015). Transparent reporting of a [59] Editorial (July 2019). Walking the tightrope of
multivariable prediction model for individual artificial intelligence guidelines in clinical practice.
prognosis or diagnosis (TRIPOD): the TRIPOD The Lancet Digital Health, 1(3), Pe100.
statement. BMC medicine, 13(1), 1. https://doi.org/10.1016/S2589-7500(19)30063-9
https://doi.org/10.1186/s12916-014-0241-z
[60] Saez-Rodriguez, J., Costello, J. C., Friend, S. H.,
[50] Moons, K. G., Altman, D. G., Reitsma, J. B., Kellen, M. R., Mangravite, L., Meyer, P., ... &
Ioannidis, J. P., Macaskill, P., Steyerberg, E. W., ... Stolovitzky, G. (2016). Crowdsourcing biomedical
& Collins, G. S. (2015). Transparent Reporting of a research: leveraging communities as innovation
multivariable prediction model for Individual engines. Nature Reviews Genetics, 17(8), 470.
Prognosis or Diagnosis (TRIPOD): explanation and https://doi.org/10.1038/nrg.2016.69
elaboration. Annals of internal medicine, 162(1),
W1-W73. https://doi.org/10.7326/M14-0698 [61] Maier-Hein, L., Eisenmann, M., Reinke, A., Onogur,
S., Stankovic, M., Scholz, P., ... & Feldmann, C.
[51] Heus, P., Damen, J. A., Pajouheshnia, R., Scholten, (2018). Why rankings of biomedical image analysis
R. J., Reitsma, J. B., Collins, G. S., ... & Hooft, L. competitions should be interpreted with care. Nature
(2019). Uniformity in measuring adherence to communications, 9(1), 5217.
reporting guidelines: the example of TRIPOD for https://doi.org/10.1038/s41467-018-07619-7
assessing completeness of reporting of prediction
model studies. BMJ open, 9(4), e025611. [62] Michaelis, C., Mitzkus, B., Geirhos, R., Rusak, E.,
https://doi.org/10.1136/bmjopen-2018-025611 Bringmann, O., Ecker, A. S., ... & Brendel, W.

– 75 –
2019 ITU Kaleidoscope Academic Conference

(2019). Benchmarking Robustness in Object [70] Bender, D., & Sartipi, K. (2013). HL7 FHIR: An
Detection: Autonomous Driving when Winter is Agile and RESTful approach to healthcare
Coming. arXiv preprint. information exchange. In Proceedings of the 26th
https://arxiv.org/abs/1907.07484 IEEE international symposium on computer-based
medical systems (pp. 326-331). IEEE.
[63] Filos, A., Farquhar, S., Gomez, A. N., Rudner, T. G. https://doi.org/10.1109/CBMS.2013.6627810
J.. Kenton, Z., Smith, L., Alizadeh, M., de Kroon, A.
& Gal, Y (2019). Benchmarking Bayesian Deep [71] Wilkinson, M. D., Dumontier, M., Aalbersberg, I. J.,
Learning with Diabetic Retinopathy Diagnosis. Appleton, G., Axton, M., Baak, A., ... & Bouwman,
Preprint. Retrieved from J. (2016). The FAIR Guiding Principles for scientific
http://www.cs.ox.ac.uk/people/angelos.filos/publicat data management and stewardship. Scientific data, 3.
ions/diabetic_retinopathy_diagnosis.pdf https://doi.org/10.1038/sdata.2016.18

[64] Parikh, R. B., Obermeyer, Z., & Navathe, A. S. [72] Blum, A., & Hardt, M. (2015). The ladder: A
(2019). Regulation of predictive analytics in reliable leaderboard for machine learning
medicine. Science, 363(6429), 810-812. competitions. arXiv preprint.
https://doi.org/10.1126/science.aaw0029 https://arxiv.org/abs/1502.04585

[65] Finlayson, S. G., Bowers, J. D., Ito, J., Zittrain, J. L., [73] Anderson-Cook, C. M., Myers, K. L., Lu, L.,
Beam, A. L., & Kohane, I. S. (2019). Adversarial Fugate, M. L., Quinlan, K. R., & Pawley, N. (2019).
attacks on medical machine learning. Science, How to Host a Data Competition: Statistical Advice
363(6433), 1287-1289. for Design and Analysis of a Data Competition.
https://doi.org/10.1126/science.aaw4399 arXiv preprint. https://arxiv.org/abs/1901.05356

[66] Lapuschkin, S., Wäldchen, S., Binder, A., [74] Binder, A., Bockmayr, M., Hägele, M., Wienert, S.,
Montavon, G., Samek, W., & Müller, K. R. (2019). Heim, D., Hellweg, K., ... & Treue, D. (2018).
Unmasking Clever Hans predictors and assessing Towards computational fluorescence microscopy:
what machines really learn. Nature communications, Machine learning-based integrated prediction of
10(1), 1096. https://doi.org/10.1038/s41467-019- morphological and molecular tumor profiles. arXiv
08987-4 preprint. https://arxiv.org/abs/1805.11178

[67] Voosen, P. (2017). The AI detectives. Science, [75] Klauschen, F., Müller, K. R., Binder, A., Bockmayr,
357(6346), pp. 22-27. M., Hägele, M., Seegerer, P., ... & Michiels, S.
https://doi.org/10.1126/science.357.6346.22 (2018, October). Scoring of tumor-infiltrating
lymphocytes: From visual estimation to machine
[68] Gebru, T., Morgenstern, J., Vecchione, B., Vaughan, learning. In Seminars in cancer biology (Vol. 52, pp.
J. W., Wallach, H., Daumeé III, H., & Crawford, K. 151-157). Academic Press.
(2018). Datasheets for datasets. arXiv preprint. https://doi.org/10.1016/j.semcancer.2018.07.001
https://arxiv.org/abs/1803.09010

[69] Mildenberger, P., Eichelberg, M., & Martin, E.


(2002). Introduction to the DICOM standard.
European radiology, 12(4), 920-927.
https://doi.org/10.1007/s003300101100

– 76 –
REDESIGNING A BASIC LABORATORY INFORMATION SYSTEM FOR THE GLOBAL
SOUTH

Jung Wook Park1 ; Aditi Shah1 ; Rosa I. Arriaga1 ; Santosh Vempala1


1 Georgia Institute of Technology

ABSTRACT experience and thus foster better decision making eventually


leading to better service to the patients [4].
Laboratory information systems (LIS) optimize information
storage and processing for clinics and hospitals. In the recent Users in the global south aspire to embrace mobile devices in
past, developers of LIS for the global south have worked under clinical settings [5]. Considering that most of the available
the assumption that computing environments will be very open source LIS are web applications, we might assume
limited. However, the computing resources in the area have that they can be easily accessed using any web-browser
been rapidly enriched. This has also changed the expectations across different types of platforms and devices. One might
that users have about the LIS interface and functionality. In consider that since most devices come with a pre-installed
this paper, we provide a case study of C4G BLIS that has been web browser, there should be no additional effort required by
in operation for nearly a decade in seven African countries. the end-user to access a LIS on their preferred device. This,
In two studies that included 51 participants from three African however, is not always the case.
countries, we redesigned the LIS to better suit the changing
technical landscape and user needs and evaluated the new Not having appropriate interfaces that are suited for a given
design. The study procedure, usability metrics and lessons task is not just an inconvenience, but in fact it makes medical
learned from our evaluation provide a model that other professionals less efficient and less productive. Past studies
researchers can use. The findings provide empirical insights have found that varying screen sizes and different interaction
that can benefit designers and developers of LIS in the global mechanisms require substantially different approaches for
south. The results also highlight the need for adding usability accessing information [6, 7]. For example, participants using
specifications for international standard organizations. a small screen (640 x 480) had to put twice the search effort
as compared to those with a large screen (1074 x 768) [6].
Keywords - ICT4D, C4G BLIS, Laboratory Information
System, User Interface, Usability Standard, Global South In this paper, we provide a case study of the redesign of an
open source LIS to meet the emerging demands of the LIS
1. INTRODUCTION communities. C4G BLIS has been operating in seven African
countries for almost a decade [8]. During this time, there have
In the past, computing resources available to hospitals in the been great strides in the growth of technical infrastructures
global south were very limited. As an illustration, the largest of the region it serves. We provide the details of a user
teaching and research hospital, University College Hospital, study comparing task execution times between devices with
in Nigeria managed medical records through a paper-based large and small screen dimensions. Actual users of the latest
system for more than a million patients in 2008 [1]. In recent version of C4G BLIS in three African countries participated
times, however, there has been a proliferation of computing in this user study. The findings helped us identify areas of the
technologies through investments coming from internal as system requiring redesign to improve their usability. We then
well as global sources [2]. The access to information and validate the impact of these redesign attempts and present the
communication technologies has grown up rapidly across results.
hospitals in Africa; mobile phone-based health applications
are becoming available, and country-wide health information 2. BACKGROUND
systems are also becoming digitized [2].
LIS have become a common patients’ data management tool
As computing environments in the hospitals are advancing, in many countries, and there are more than ten open source
medical staff such as doctors, nurses, and lab technicians software programs (e.g., Open-LIMS, Baobab LIMS, Bika
are exploring newer avenues to leverage technology for more LIMS, ERPNext Healthcare, eLabFTW, and GNU LIMS) in
efficient treatment and diagnosis for patients [3]. Health this category in 2019. LIS is specialized to support a variety
care professionals are adopting the use of smartphones or of needs, from DNA/RNA processing information to human
tablets with an aim to transform many tasks of their clinical biobanking and more. It also has a variety of features. Bika
practice [4]. For example, the use of laboratory information LIMS, for example, provides a responsive user interface with
system (LIS) on portable devices like smartphones can make features for reporting, inventory managing, and cataloging
accessing of patient clinical records a significantly smoother [9]. Occhiolino (also known as GNU LIMS) provides an

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 77 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

interface which allows a user to interconnect lab equipment


automatically and features reporting, auditing, and managing
workflows. These systems are constantly needing to adapt
their interface layout and elements to the demands of the
user. For example, GNU LIMS is currently unable to respond
to the users working environment, including accommodating
the changing sizes of the screens [10].

In general, these systems are developed to address the


traceability of samples, tests, and other patient information in
resource-constrained areas. Traditionally, these systems have
been designed to be used on a low-performance computer,
Figure 1 – The registration page of C4G BLIS
a small-size monitor, and old-version software at limited
network speed. However, the infrastructure for information
and communication technology has been rapidly improving
for the last decade. For example, 167 million of 1 billion
people in Africa have access to the Internet, and connectivity
is on the sharp rise [11]. Almost all the open source LIS
programs cannot keep up with the growth of infrastructure
and computing environments in the global south.

The technological changes in the global south are exemplified Figure 2 – One of the issues of the current interface -
in a recent study conducted in Africa. Adedeji et al. surveyed inconsistent layouts of the query builder
206 nurses in Nigeria to investigate current and preferred
documentation methods and tools for the use of electronic customizable workflow - Lab administrators can determine
health records in a hospital [5]. Although 94% of the nurses their preferred workflows with configurable user interfaces.
in the survey managed patient records using paper-based It means that the system does not require additional training
processes, 80% wanted to change to electronic methods. for new users by adopting their work procedures. and 3)
Forty-two% of the nurses surveyed preferred to use mobile Flexible database - This feature allows to add and modify
devices such as iPad, Tablet PC, or Android Phones, while data fields as labs evolve. For example, as the specimen types
desktop computers were the least preferred devices in this and results may vary widely across laboratories and change
survey. This is interesting in light of the fact that more of over time, even within the same lab, the system can handle the
them used computers compared to mobile phones or tablets, diversity and transition smoothly. Despite many advantages
79.6%, 35.4%, and 14%, respectively. of the system, there were also some problems with its user
interface.
3. C4G BLIS
3.2 Problems of the Current Interface
In this section, we present the overview of C4G BLIS and
analyze the problems of the current interface of the system. In this section, we highlight problems within two core
Then, we propose a more advanced interface to resolve the modules of the system - search and registration. Figure
problems. 1 shows the user interface for a registration function. By
selecting one of the search fields (e.g., Patient Name and
3.1 Overview Patient ID) and entering keywords, a user can retrieve
patients’ information. The problem of this page is that the
C4G BLIS is an open-source web-based system to track size of the actionable components is not responsive to its
patients, specimens and laboratory results. It has been working environment. For example, the system cannot adjust
developed and managed by the Georgia Institute of the size of the drop-down list for a small-size smartphone.
Technology, the Centers for Disease Control and Prevention Similarly, the tiny Search button in the current interface will
(CDC) in the United States, and Ministries of Health of also be difficult to touch or press in the same environment.
several countries in Africa since 2011 [12]. Unlike other
laboratory information systems, C4G BLIS was designed to In the Reports page of C4G BLIS, a user can generate various
address the challenges of resource-constrained settings such reports by filtering on specimen type, test type, period, and so
as computing infrastructure, variability in lab practices, and on. As shown in Figure 2, similar search options and buttons
difficulty of record-keeping. The system provides three key are inconsistently located across the sub-pages of Reports.
features: 1) Robustness - To guarantee the stable operation It means that the user needs to remember all the different
under limited access of the Internet, it does not rely on locations of the same or similar components in each page to
online-based libraries for any of its operation. It only requires perform the same task; otherwise, the user should skim over
a simple network router, which can locally interconnect each page for every trial. Consequently, this interface is likely
computers in a hospital. 2) Fully configurable and to result in a high cognitive load or low task performance. We

– 78 –
ICT for Health: Networks, standards and innovation

Tabler dashboard toolkit [13].

4. USABILITY STUDY DESIGN

In this section, we describe the procedures and details of our


user study. Overall, our user study is divided into two parts:
1) The evaluation of the existing user interface and 2) The
newly proposed interface. We focus on two core functions of
the system - search and registration in this study.

4.1 Participants
Figure 3 – The issue of the interface - no distinction between
regular and critical operations For the first part of the user study, we recruited 30
participants from Ghana, Cameroon, and Nigeria through
system administrators of C4G BLIS in each country. For
the second part, we recruited 21 participants from the three
countries through the same method. To be eligible to
participate in both parts of the study, participants were
required to have a prior experience of using C4G BLIS.
Personal information such as age, education, and gender were
not collected in accordance with the research guidelines of
the Institutional Review Board of Georgia Tech. The system
administrators and participants were not compensated for
their participation. Part 1 took 17 weeks to complete and
Part 2 took 7 weeks.
Figure 4 – The proposed interface of the Results.
4.2 Data Collection Tool
can resolve this issue by placing the same components in the
same positions across all the pages. Another problem with For both parts of the user study, we used the same data
the current interface is that there are no visual clues to inform collection tool, HotJar, which is an advanced logging and
the users of critical task execution (see Figure 3). The users analysis system that reveals the online behavior of users
should be cautious while performing important tasks such as [14]. Particularly, the visitor recording feature allows us
deleting a user or a test result. For such an issue, modern to eliminate guesswork by recording of users’ actions while
user interfaces tend to highlight the buttons related to crucial using C4G BLIS. By observing the participants’ clicks, taps,
tasks with noticeable colors or shapes. and mouse movements, we could identify usability issues and
compute the execution time of given tasks. Figure 6 presents
3.3 Design Proposals a captured image of the HotJar system interface.

In order to resolve the interface problems noted in the previous 4.3 System Setup
section, we redesigned the user interface with the focus
on visibility, efficiency, consistency, and adaptability of the To protect personally identifiable information of real patients
system. Figure 4 shows the consistent style and location in the participating labs, we decided not to run the evaluation
of the search options and button in different pages of the on the systems in use; instead we set up the latest version of
new user interface. The size of actionable components C4G BLIS in a Google Cloud server with dummy data set
is also increased. The left side of Figure 5 presents the and dummy login credentials. Since the access of the Internet
Registration page of the new user interface. There is a clear and the supply of electric power are sometimes unreliable,
visual distinction among all the different function blocks: regional administrators were asked to check whether they
Search, Tips, and Results. In the Search block, we kept could access the system before participating in the study.
the same style and layout of search options and button like
other pages. In the Result block, we distinguished the data 4.4 User Study Procedure
and buttons by providing a visual clue, a rounded rectangle,
and highlighted critical actions (e.g., Delete) with a red color. Since the research team is based in the US, and the target
Most importantly, the proposed interface is responsive, which users are based in Africa, we were not able to visit the
means it can adjust its layout and elements to the user’s laboratories where the user studies were conducted. Thus,
screen setting. The right side of Figure 5 shows the same we trained the system administrators in the target countries
registration page accessed from a smartphone. The three through conference calls and documents shared over e-mails.
blocks are vertically re-arranged, and the components of each Later, the instructed administrators conducted the user study
block are also re-configured (i.e., their size and position are on-site. The training process for the administrators took
different). We implemented the proposed interface using about one hour per person. As shown in Table 1, our user

– 79 –
2019 ITU Kaleidoscope Academic Conference

Figure 5 – The proposed interface of the registration page: The user interface on a desktop (Left) and a smartphone (Right).

patient’s information, 2) Find a patient with a given dummy


ID number and view the patient’s information, and 3) Register
a new patient with a given dummy name and other details like
gender, age, date of birth, and date of registration. For the
second part of the user study, to evaluate the usability of the
proposed interface, we followed the same structure used in
the first part.

4.5 Data Collection

Figure 6 – The interface of HotJar, the data collection tool For the desktop environment, we were able to collect 20 and
used in our user study. (Left) The red-line indicates the 11 datapoints in Study 1 and 2, respectively. For a smartphone
moving trajectory of the mouse cursor. The color dots on the setting, we gathered five and four datapoints in Study 1 and
bottom side illustrate events such as clicking, typing, and so 2, respectively. For both studies in Cameroon, participants
on. (Right) The list shows the actions performed sequentially. used a two-in-one computer, which is both a laptop and a
tablet combined in one lightweight, portable device. After
finishing the user studies in a laptop setting, they flipped its
screen, switched to the tablet mode, and conducted another
study contains two interfaces, two devices, and three jobs. part of the study.
In this study, laptop and desktop were not distinguished and
considered as “Desktop”. First, we attempted to examine
the usability of the current interface of C4G BLIS. Among We excluded some datapoints for a number of reasons. First,
many factors (e.g., learnability, efficiency, memorability, and the datapoints from the tablet setting were removed because
errors) used to test the usability, we chose the efficiency; the we did not provide precise guidelines for that environment.
time a user takes to complete a task (The rationale for this We also excluded the log data for people that did not follow
being the fact that the primary objective of the system is to directions. For example, we asked a participant to find a
manage patient data as quickly as possible [15]). patient on the registration page. However, he or she moved
to the search page and found the patient. In this case, the
two menus were different for the two pages. In Nigeria,
In the training sessions with the regional administrators, participants were not allowed to access patient data on the
we ensured that they randomize the order of desktop and smartphone. Thus, they decided not to participate in the
smartphone studies for each participant. After a regional study with the smartphone setting. Due to the tablet issue in
administrator explained the goal and details of the user study Cameroon and the security policy issue in Nigeria, we were
to a participant, he/she was asked to perform three tasks - able to capture fewer datapoints on smartphones compared to
1) Find a patient with a given dummy name and view the desktops.

– 80 –
ICT for Health: Networks, standards and innovation

Table 1 – The structure of the user study

User Study
Study 1 - Current Interface Study 2 - Proposed Interface
Device Desktop Smartphone Desktop Smartphone
Task 1 Finding an existing patient using a given name
Task 2 Finding an existing patient using a given patient ID number
Task 3 Registering a new patient using a given name and additional information (e.g., name, age)

5. DATA ANALYSES AND RESULTS how much the proposed interface has improved, we adopt
one of the the usability metrics proposed by Jakob Nielsen
5.1 Data Analysis [16]. Since adding up the task times may be misleading if the
given tasks are unevenly performed, Nielsen recommended
The three tasks presented in Table 1 contain the same or
to compute the scores of improvement for each of the
similar actions such as clicking the search button and moving
tasks and take the geometric mean of these scores later.
the cursor to the view button in the result block. For the sake
For example, the relative score of the proposed interface
of data analysis, we categorized the tasks into seven actions
for Action 1 in the desktop setting can be computed as
as follows:
((2.5 − 1.7)/1.7 ∗ 100) + 100 = 147% (improvement of
• Action 1: Open the Registration page and select the text 47%). The percentages of improvement of each action are
input box in the search bar. presented in Table 2. The geometric means of the desktop and
smartphone environments are 132% and 134%, respectively.
• Action 2: Open the Registration page and select the In other words, it indicates that the proposed interface
Patient ID in the option of the search field. was perceived as having 32% and 34% higher usability in
the desktop and smartphone settings, respectively than the
• Action 3: Enter the given patient name and click the current one. Nielsen suggested to utilize a user satisfaction
search button score to formulate an overall conclusion if the target website
• Action 4: Enter the given patient identification number is about entertainment or rarely used. However, we did
and click the search button not normalize the usability results with users’ subjective
satisfaction as C4G BLIS is informative and frequently used
• Action 5: After checking the search result, click the in hospitals.
profile view button
6. DISCUSSION
• Action 6: After checking the search result, click the new
patient button 6.1 Design
• Action 7: Fill out the patient information and submit the
In this study, we compared the usability of desktop versus
form.
smartphone interfaces for C4G BLIS. This study was carried
As a quantitative metric for each action, we measured its out at three different sites with actual users. We were able
execution time, the difference between the start and end time, to recruit local system administrators to carry out the user
and excluded the loading time such as the delay from clicking studies. We then collected the log data for three tasks that
the search button to retrieving the inquiry data. were based on dummy data sets. We found improvements
of up to 32% usability for desktop and up to 34% for
5.2 Results smartphone settings for all three tasks. Although our results
are promising, we found some areas where we could improve.
Participants in our study used various devices and software
as follows: Devices (Desktop, Laptop, 2-in-1 Laptop,
Smartphone), Operating Systems (Windows, MacOS, First, the system should allow end-users to customize more
Android, iOS), and Browsers (Firefox, Chrome, Edge, configurations. For instance, we can consider the location of
Safari). Their screen resolution ranged from 320x432 to the tips block (See Figure 5). Since the system is designed for
1600x786. medical professionals, the usage tips might not be useful after
several sessions of using the system. Thus, we need to provide
Table 2 describes the average execution time of each action, an option to let the user hide the tips block. This preference
and the whisker plots in Figure 7 presents the minimum, can be stored in the cache so that we can keep it hidden. By
first quartile, median, third quartile, and maximum values doing so, the user can view more search results on the same
of task execution time in seconds. In order to determine screen without scrolling. Secondly, we can streamline other

– 81 –
2019 ITU Kaleidoscope Academic Conference

Table 2 – The average execution time for each action in seconds and the percentage of improvement

Action A1 A2 A3 A4 A5 A6 A7 Avg. Improvement


Current 2.5 5.0 14.9 6.0 5.7 3.4 55.8
Desktop Proposed 1.7 3.4 14.5 4.3 3.6 3.3 40.2 32%
Improvement 47% 47% 3% 40% 58% 3% 39%
Current 3.0 5.5 12.9 7.0 13.1 11 69.8
Smartphone
Proposed 3.3 5.0 13.7 6.5 7.0 3.3 58 34%
Improvement -9% 10% -6% 8% 87% 233% 20%

Figure 7 – Comparison of Task Execution Time. C: Current Interface, P: Proposed Interface

tasks. The actionable items in the rows of the result table need 6.3 Needs in the Near Future
to be effectively reorganized. As shown in the bottom-right
of Figure 5, the user has to swipe right to access the view, A system administrator in Cameroon reported that 75% of
update, and delete buttons in the result table, which are the the participants preferred working with tablets if the screen
essential functions of the page. Overall, we recommend that was large enough, and 25% of them were approved the use
designers and developers of LIS should carefully consider of smartphones to access the laboratory data. We also found
their specific target users, goals, and workflows. One way to similar needs in Section 2; 42% of nurses in Nigeria preferred
do so is to consult with end-users and system administrators to use mobile devices such as iPad, Tablet PC, or Android
before designing the user interface. Phones. Future studies should collect qualitative data to
see where these preferences are coming from – aspirational
desires (i.e., preference for a modern device) or needs (better
6.2 Computing Environments portability throughout the clinic).

As of May 2019, the most widely used browser in Africa 6.4 Interface Standard and Usability
is Chrome for Android (35.09% in the market share), and
the latest Chrome (Version 74.0) is also broadly adopted Medical data exchange standards have been considered as
(17.65%) [17]. In sharp contrast, there was one dominant a central issue of hospital information systems, thus many
operating condition when C4G BLIS was designed in 2011 - researchers and organizations have attempted to develop
Windows (81%), About 1024x768 screen resolution (51%), efficient, inter-operable standards and protocols such as
and Internet Explorer (15%) or Opera (11%) browsers. This Health Level Seven (HL7), Clinical Document Architecture
fact suggests that the user interfaces designed for the global (CDA) and Continuity of Care Document (CCD), and
south should be revisited so that they are stable, adaptive, and Systematized Nomenclature of Medicine (SNOMED).
responsive to their heterogeneous operating environments. Several studies found that adopting such a standard could

– 82 –
ICT for Health: Networks, standards and innovation

simplify communication interfaces and improve the quality the coordinators kept their eyes on the participants during
of patient care [18, 19]. Another critical issue of the clinical the entire user study. In this study, we only focused on the
information systems is the difficulty of use, which is one of the task execution time, but future studies should evaluate task
dissatisfaction factors expressed by healthcare professionals success rate, error rate, and user satisfaction since these are
[20]. Specifically, the complex interfaces and the lack of also important usability measures.
intuitiveness causes usability problems. However, this issue
has not been treated as necessary as the data exchange
standards [21]. 8. CONCLUSION

In the evaluation report of Electrical Medical Record (EMR), In this paper, we have examined the usability issues of an
Belden et al. said that “Usability is one of the major factors – existing LIS and proposed a new, responsive user interface
possibly the most important factor – hindering widespread to resolve them. We were interested in the extent to
adoption of EMRs. Usability has a strong, often direct which the proposed interface could improve usability in
relationship with clinical productivity, error rate, user fatigue heterogeneous environments. Results indicated an average
and user satisfaction ... [22].” Although there have been improvement of about 30% across various metrics. Based on
some efforts to resolve the usability issues such as the Health the results, we highlighted the current status of computing
Information Technology for Economic and Clinical Health environments and user needs in the near future. Additionally,
(HITECH) Act in 2009 and an incentive program by the U.S. we discussed several factors which can improve the quality
Centers for Medicare & Medicaid Services, the improvement of laboratory information systems and recommend adding
of the usability has still been slow [21]. As shown in usability specifications to international standards.
our study, we were able to improve the usability by up to
34% by applying a responsive, simple, open-source website REFERENCES
framework to the existing LIS. It should not be a challenging
[1] I. E. Asangansi, O. O. Adejoro, O. Farriab, and
task in terms of cost and development effort. We highly
O. Makinde, “Computer use among doctors in
encourage that international standards organizations dealing
africa:survey of trainees in a nigerian teaching hospital,”
with health informatics should pay attention to the usability
Journal of Health Informatics in Developing Countries,
standards for laboratory information systems as they include
vol. 2, no. 1, pp. 10–13, 2008.
diverse devices, platforms, and browsers, as important as they
did for medical record interoperability. [2] M. Shekar and K. Otto, “Information and
communication technologies for health in africa,”
Since the International Organization for Standardization The World Bank Group, Tech. Rep., 01 2014. [Online].
(ISO) proposed the definition of usability (ISO 9241-11) Available: http://documents.worldbank.org/curated/en/
and its metrics (ISO/IEC 9126-4), a few usability models 553151468009030957/ICTs-for-health-in-Africa
and evaluation techniques have been studied in the hospital
information system domain [23, 24]. Among them, [3] C. L. Ventola, “Mobile devices and apps for health
a prime example would be the empirical guideline for care professionals: uses and benefits,” P T, vol. 39,
safety-related usability of EHR (NISTIR 7804-1) proposed no. 5, pp. 356–364, May 2014, 24883008[pmid].
by the National Institute of Standards and Technology (NIST) [Online]. Available: https://www.ncbi.nlm.nih.gov/
[25]. The guidelines described three critical implications – pubmed/24883008
1) Consistently present patient identification in a reserved
[4] S. Wallace, M. Clark, and J. White, “‘it’s on my
area to prevent wrong-patient errors, 2) Provide visual cues
iphone’: attitudes to the use of mobile computing
to minimize the risk of entering information and writing
devices in medical education, a mixed-methods study,”
orders in the wrong patient’s chart, and 3) Support efficient
BMJ Open, vol. 2, no. 4, 2012. [Online]. Available:
and easy identification of incorrect items in lists of grouped
https://bmjopen.bmj.com/content/2/4/e001099
information by presenting clear, well-organized evidence.
Similar to the standardization efforts in NIST, more practical [5] P. Adedeji, O. Irinoye, R. Ikono, and A. Komolafe,
and applicable standards are needed for safer and effective “Factors influencing the use of electronic health records
hospital information systems. among nurses in a teaching hospital in nigeria,”
Journal of Health Informatics in Developing Countries,
vol. 12, no. 2, pp. 1–20, 2018. [Online]. Available:
7. LIMITATIONS http://www.jhidc.org/index.php/jhidc/article/view/174
We were in the US, and our target users were in Africa. [6] M. Jones, G. Marsden, N. Mohd-Nasir, K. Boone, and
We opted to use log data for the analyses, which meant that G. Buchanan, “Improving web interaction on small
we were not able to observe participants’ behavior in person displays,” in Proceedings of the Eighth International
while they completed the tasks. Thus, it was challenging Conference on World Wide Web, ser. WWW ’99.
to understand unexpected behaviors such as inactive mouse New York, NY, USA: Elsevier North-Holland,
cursors and random delays in typing. While we did our Inc., 1999, pp. 1129–1137. [Online]. Available:
best to train the administrators, we cannot guarantee that all http://dl.acm.org/citation.cfm?id=313234.313014

– 83 –
2019 ITU Kaleidoscope Academic Conference

[7] V. Roto and A. Oulasvirta, “Need for non-visual to improve communication between healthcare
feedback with long response times in mobile information systems,” in 2011 IEEE 9th International
hci,” in Special Interest Tracks and Posters of Symposium on Intelligent Systems and Informatics, Sep.
the 14th International Conference on World Wide 2011, pp. 453–457.
Web, ser. WWW ’05. New York, NY, USA:
ACM, 2005, pp. 775–781. [Online]. Available: [20] ASC Communications, “Survey: Providers investing
http://doi.acm.org/10.1145/1062745.1062747 heavily in ehrs, but dissatisfied with purchase,” Becker’s
Hospital Review, Jun 2014. [Online]. Available:
[8] Georgia Institute of Technology, “C4G Basic https://www.beckershospitalreview.com/healthcare-
Laboratory Information System.” [Online]. Available: information-technology/survey-providers-investing-
http://blis.cc.gatech.edu/ heavily-in-ehrs-but-dissatisfied-with-purchase.html

[9] BIKA Lab Systems, “Bika lims, open source laboratory [21] P. Sengstack and C. Boicey, Mastering informatics: a
information management system.” [Online]. Available: healthcare handbook for success. Sigma Theta Tau
https://www.bikalims.org International, Honor Society of Nursing, 2015.

[10] GNU Solidario, “Occhiolino, gnu laboratory [22] J. L. Belden, R. Grayson, and J. Barnes, “Defining
information management system.” [Online]. Available: and testing emr usability: Principles and proposed
http://lims.gnu.org methods of emr usability evaluation and rating,”
HIMSS EHR Usability Task Force, pp. 1–38, Jun.
[11] Internet Society, “History of the internet in africa.” 2009. [Online]. Available: https://www.himss.org/file/
[Online]. Available: https://www.internetsociety.org/ 1268216/download?token=L4oSWWi1
internet/history-of-the-internet-in-africa/
[23] “Ergonomics of human-system interaction - Part
[12] S. Vempala, N. Chopra, A. Rajagopal, J. Nkengasong, 11: Usability: Definitions and concepts, ISO
and S. Akuro, “C4g blis: Health care delivery via 9241-11:2018,” International Organization for
iterative collaborative design in resource-constrained Standardization, Geneva, CH, Standard, 2018.
settings,” in Proceedings of the Eighth International
Conference on Information and Communication [24] “Software engineering - Product quality - Part 4:
Technologies and Development. New York, NY, USA: Quality in use metrics, ISO/IEC TR 9126-4:2004,”
Association for Computing Machinery, 2016. [Online]. International Organization for Standardization, Geneva,
Available: https://doi.org/10.1145/2909609.2909657 CH, Standard, 2004.

[13] Codecalm.net, “Tabler ui kit.” [Online]. Available: [25] Svetlana Z. Lowry, Mala Ramaiah, Emily S. Patterson,
https://github.com/tabler/tabler Sandra S. Prettyman, Debora Simmons, David Brick,
Latkany A. Paul, Michael C. Gibbons, Sheryl
[14] Hotjar, “Hotjar: Visitor recording platform.” [Online]. L. Taylor, “(NISTIR 7804-1)Technical Evaluation,
Available: https://www.hotjar.com/ Testing, and Validation of the Usability of Electronic
Health Records: Empirically Based Use Cases for
[15] J. Nielsen, “Usability metrics: Tracking interface Validating Safety-Enhanced Usability and Guidelines
improvements,” IEEE Software, vol. 13, no. 6, for Standardization,” NIST Interagency/Internal Report,
pp. 12–13, Nov. 1996. [Online]. Available: http: pp. 1–44, 2015. [Online]. Available: https:
//dl.acm.org/citation.cfm?id=624616.625647 //doi.org/10.6028/NIST.IR.7804-1
[16] Nielsen Norman Group, “Usability metrics,” Nielsen
Norman Group, Jan. 2001. [Online]. Available:
https://www.nngroup.com/articles/usability-metrics/

[17] StatCounter, “Browser version market share africa,”


StatCounter Global Stats, Jun. 2019. [Online].
Available: http://gs.statcounter.com/browser-version-
market-share/all/africa

[18] C.-H. Lin, I.-C. Lin, J.-S. Roan, and J.-S. Yeh,
“Critical factors influencing hospitals’ adoption of
hl7 version 2 standards: An empirical investigation,”
Journal of Medical Systems, vol. 36, no. 3,
pp. 1183–1192, Jun 2012. [Online]. Available:
https://doi.org/10.1007/s10916-010-9580-2

[19] O. Lupse, M. Vida, L. Stoicu - Tivadar, and


V. Stoicu - Tivadar, “Using hl7 cda and ccd standards

– 84 –
#RINGINGTHEALARM: CHRONIC “PILOTITIS” STUNTS
DIGITAL HEALTH IN NEPAL

Ichhya Pant1; Anubhuti Poudyal2

1
George Washington University School of Public Health
2
George Washington University School of Medicine and Health Sciences

ABSTRACT mortality by 73%, infant mortality by 67%, and maternal


mortality by 76% over the course of a few decades after the
Nepal Health Sector Strategy (NHSS) 2015-2020 aspires to Millennium Development Goals (MDGs) declaration in
leverage digital health to improve health outcomes for 1990 [2]. In parallel, advances in mobile (138.59%) and
Nepalese citizens. At present, there is a paucity in evidence Internet market penetration (67.23%) have facilitated an
on digital health projects that have been implemented in uptake of electronic health (e-health) and mobile health (m-
Nepal. This study aims to map past and extant digital health health) tools and solutions within the health sector [6,7].
projects using Arksey and O’Malley’s scoping design
framework and assess projects using the World Health Globally, there is great enthusiasm for the potential of digital
Organization (WHO) building blocks of a health systems health solutions to radically improve population health
framework. Our findings shed light on the current actors in outcomes especially in low-resource settings [8]. Studies
the digital health space, the spectrum of health services have, however, recognized challenges in integrating m-
offered, along with opportunities and challenges to move health interventions into existing healthcare systems [9,10].
beyond “pilotitis”. In total, 20 digital health solutions were These challenges range from regulatory to technological and
identified through our review that were implemented user-specific [10]. Competing health priorities, under-
between 1993 to 2017. The momentum for digital health developed infrastructure, lack of knowledge among country
projects in Nepal is sporadic but continuous. Overall, digital or regional e-health policy makers concerning the potential
health solutions in Nepal are limited in scope, focus areas, applications of m-health and its recognition as an approach
target audiences and sustainability potential. At the national to health-related issues are some of the key barriers to digital
level, implementation of digital health projects is frayed, health uptake and institutional adoption [11]. However,
issue and organization-centric, and primarily driven by insufficient evidence remains the primary reason for the
donor or non-governmental organizations. Engaging the inability of governments to establish the effectiveness of
private sector, especially telecommunications companies, is digital health efforts in improving access or affordability of
an underutilized strategy to move beyond “pilotitis”. preventative, curative or rehabilitative services [11,12,13]
Existing pioneers in the space must engage in strategic and Nepal is no different. There is a paucity of
collaborative partnerships with the private sector or documentation and evidence related to digital health
incentivize independent commercial health technology solutions implemented in Nepal to date.
ventures.
To bridge this gap in documentation and evidence, this study
Keywords – Digital health, ICTs, Nepal, pilotitis aims to scope digital health solutions implemented in Nepal.

1. INTRODUCTION 2. METHODS

The health system in Nepal is fraught with systemic The study uses a scoping design to obtain information on
challenges due to factors such as the country’s status as an digital health initiatives in Nepal. Research activities were
economically least developed country, inaccessible conducted between June 2017 to September 2018. The
mountainous terrains and sociological and topographical George Washington University Institutional Review Board
diversity. Economic and demographic transitions, migration and Nepal Health Research Council (NHRC) approved this
and unplanned urbanization adversely influence the health of study. Scoping review is a method of synthesizing
the population as well [1,2]. A decade-long civil conflict and knowledge on studies when: it is difficult to employ a narrow
political turmoil has also contributed to worsening mental review question; synthesizing information from studies that
health outcomes, disruption of service delivery in impacted have used a wide variety of data collection and analysis
areas, and a compromised health policy and governance techniques; there is a scarcity of prior synthesis on the topic;
system [3,4,5]. Despite these setbacks and challenges, Nepal or a quality control mechanism of the reviewed sources will
has made significant progress in reducing under-five not be conducted [12,14,15]. This study replicated a scoping

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 85 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

review conducted in Bangladesh utilizing Arksey and 3. RESULTS


O’Malley’s framework to map digital health initiatives due
to scarcity of prior synthesis on the topic [12,14,15]. It is a In total, 20 digital health solutions were identified through
method that is used widely in scoping reviews because it our review that were implemented between 1993 to 2017. In
maintains a rigorous process for transparency, replicability 1993, an integrated health management information system
and reliability of study findings. The study was designed to (HMIS) was introduced in Nepal by the government marking
answer the following research questions: 1) who are the the first e-health effort in the country [18]. A decade later the
subsisting digital health actors in Nepal, and 2) what private sector initiated the first telemedicine system
spectrum of services are being covered through digital health (HealthNet Nepal) which was a collaborative telehealth
initiatives? effort between Om Hospital Research Center and the Apollo
Hospital in India [18,19]. This was followed by a three-city
Our study first identified grey literature on digital health telemedicine program by a social enterprise in 2006 [19,20].
initiatives, then assessed them according to the WHO Health Next, a formal government led telehealth program with a
Systems Framework [16]. Relevant literature was identified budget of approximately Rs. 20 million (NPR) was
using two sets of keywords: one for journal articles and the established offering telehealth services to 25 districts [19,21].
other for grey literature. For journal articles, the keywords Specialized telehealth programs were also established,
were adopted from prior systematic reviews on digital health primarily in the non-governmental sector, to provide
solutions as shown in Table 1 [17]. For additional sources, a healthcare for epilepsy diagnosis, treatment of severe wasp
Google search using specific keywords was conducted. For stings or dermatological consultations [22,23,24]. Beyond
newspaper articles, the NewsBank database was utilized. telehealth programs, collaborative projects between the
The initial search yielded 316 articles on Google scholar, 72 Government of Nepal (GoN) and development partners have
articles on PubMed, and 274 articles via NewsBank. A been established over time [24,25,27,28]. These efforts have
screening tool was developed to ensure selected documents entailed bolstering population-health surveillance efforts
focused on digital health solutions in Nepal and provided with the migration of HMIS to the District Health
details on the organization or project associated with its Information System (DHIS)-2 platform, expansion of HMIS
implementation. After the screening process, a total of 31 e-reporting from facilities, Smart Health Nepal initiative, and
documents dating from 2005 to 2017 were selected for projects exploring the feasibility of mobile data collection
charting. Types of documents selected are journal articles, from frontline workers in remote areas [18].
newspaper articles, websites, presentations slides,
conference briefings, organizational reports and blog posts. Table 2 – Digital health solutions in Nepal (1993-2016)
Selected documents were systematically charted by three
research assistants followed by ongoing quality assurance Status Name Launch
audits by the lead authors to ensure uniformity and rigor in Year
the charting process. The charting was done under the I/NGOs (11, 55%)
following themes addressing the WHO health system * Nepal Wireless Telemedicine Program 2006
building blocks, organizational profile, program overview,
√ Dhulikhel Hospital Telemedicine Program 2011
financial profile, human resource, services, monitoring and
* USAID Health for Life 2013
evaluation framework, sustainability plan, and future
direction. Once the charting process was completed, the * Nick Simon Institute Celemedicine 2013
research team analyzed the charted information looking for Program
common traits and themes under each charting category [16]. √ Golden Community eHealth Nepal 2015
Program
Table 1 – Digital health solutions search keywords √ Possible Health CHW Mobile Reporting 2015
Trial
Database/Search Keywords
√ Medicine Du Monde Telecom Sans 2015
engine
Frontiere Surveillance Project
PubMed mHealth, mobile phone, phone, √ Maiti Nepal mHealth Capacity Building 2015
SMS, text message, mobile Projects
device, telemedicine, cell √ Dhulikhel Hospital Epilepsy Diagnosis 2016
phone, mobile health, mobile Application
applications, cell phones
√ One Heart Worldwide Maternal Health 2016
Google mobile health, mHealth, mHealth Project
electronic health, eHealth,
(?) CHEST Project by CHEST Nepal 2017
mobile phones and health,
Nepal, technology Public (6, 30%)
Google scholar mHealth, mobile phone, SMS, * HMIS 1993
text messages, mobile devices, * Hello Health, Rural Telemedicine 2010
telemedicine, cell phone, Program
mobile health, cell phones, √ RCM-MP 2015
mobile applications
* m4ASRH 2015
* DHIS-2 2016

– 86 –
ICT for Health: Networks, standards and innovation

(?) Smart Health Nepal 2017 convenience by being able to analyze and visualize data,
Private (3, 15%) monitor data collection and management in real time, and
˟ HealthNet Nepal Telemedicine Program 2004 more importantly improve data quality, have been well
received by impacted teams and stakeholders. The ability to
* Health at Home Nepal 2007
make informed decisions will soon be available at multiple
√ Safe SIM 2015
levels of the health system in Nepal due to these efforts.
*Ongoing √ Completed ˟ Discontinued (?) Unknown Ultimately, these efforts, if sustained, will strengthen health
sector governance and improve the availability and quality
Table 2 identifies the 20 projects, affiliated organizations, of health service delivery [32]. However, doing so will
implementation launch year and their current require forethought and development of data strategies with
implementation status. More projects had been completed feedback loops into implementation strategic plans. Our
(45%) compared to ongoing (40%) ones based on our review. review did not find any mention of either of these activities
At least one identified program, the earliest telemedicine happening in Nepal to date.
program offered in Nepal (HealthNet Nepal) has been
discontinued citing financial viability as their primary barrier 3.3 Health workforce
[26]. To understand these initiatives in greater depth, we
have categorized them per WHO health system building Frontline workers were the target audience for over half of
blocks [16]. the identified projects (55%) especially female community
health volunteers (FCHVs) [24,28,33-37]. Mid-level
3.1 Health service delivery medical personnel and health staff at remote locations were
also other beneficiaries of digital health initiatives in Nepal
Telehealth programs are the most prevalent form of service [19,23,29,38,39,42]. Scarcity of a readily available
delivery format for digital health solutions implemented in workforce trained and skilled in digital health
Nepal. Focus areas for digital health solutions ranged from implementation result in projects relying on internal training
health surveillance, adolescent, sexual, and reproductive to sensitize project staff in the use of technological solutions
health, detection of disease outbreaks, maternal and child [18,28]. Our review did not find existing academic digital
health, and mental health issues [25,26,35,36]. Services health programs in Nepal. Significant issues at the workforce
provided by digital health solutions focused on bolstering level cited by the initiatives reviewed in our study were poor
health information systems, increasing access and utilization coordination between ground level and higher-level staff and
of health services, increasing access to health information, educational, digital and data illiteracy within the workforce.
providing health education and generating health awareness, Readiness to utilize developed solutions was assessed
developing referral mechanisms, providing specialized infrequently.
healthcare via telemedicine, and improving technical
capacity among health professionals and frontline workers 3.4 Technology
[27,28,29,30].
Telecommunication-based digital health solutions were most
3.2 Health information prevalent. These solutions ranged from smart-phone
applications for patient monitoring, care or diagnosis, data
Health information systems developed for population health collection via a simple SMS-based reporting, telemedicine
surveillance, data collection and management, and patient [21] or population-health surveillance via health information
monitoring and support are the major focus areas for digital systems [38]. Challenges that hindered technological
health solutions implemented in Nepal. According to a implementation were weak mobile networks [40], slow
country profile on HMIS capacity developed by Measure Internet service [27], unreliable power [27,40], technical
Evaluation, the existence of a national health information difficulties such as unanticipated system errors and reliance
system (HIS) policy is unknown [31]. Currently, there is an on undeveloped ICT infrastructure [28].
HIS strategic plan and a national HIS coordinating body was
established in the past, but their current activities are also 3.5 Leadership and governance
unknown [31]. In 2016, the Nepalese MoH transitioned from
HMIS to DHIS-2. The DHIS-2 serves as a subnational level There are a few notable policy and strategic frameworks in
electronic system for aggregating routine facility or Nepal that speak towards the utility and uptake of digital
community service data. Its roll-out is in an early phase, health solutions. In 2014, the Nepal Health Sector Strategy
starting at the national level followed by the district level (NHSS) 2015-2020 was published by the Government of
then extending to health posts and primary care facilities in Nepal [41]. It functions as Nepal’s guide to graduate from
a few districts. Remote locations, underdeveloped “Least Developed Country” to “Middle Income Developing
information communication technology (ICT) infrastructure, Country” by 2022. Additionally, it articulates the nation’s
difficult terrain, digital data and technological literacy, and a commitment towards achieving universal health coverage
lack of data standards and interoperability have challenged (UHC) by placing health at the center of the overall
the implementation of health information systems [32,38]. socioeconomic development efforts. Per the NHSS, the GoN
However, substantial time savings in data collection and in collaboration with its development partners, aspires to
entry have helped mitigate these challenges. The increase in leverage novel technologies to address health challenges in

– 87 –
2019 ITU Kaleidoscope Academic Conference

the country. Recognizing that health is a critical indicator of alignment with the results of a global e-health survey
economic advancement, NHSS stipulates ICT such as digital conducted by the WHO which note that financial
health tools as essential in improving access and quality of management in e-health and m-health is largely fulfilled by
health services delivery [43]. Nepal's eHealth Strategy was donors [50]. Among the identified projects, 85% were
published in 2017 which documents the vision of using e- conducted in multi-sectoral collaborative partnership
health to facilitate the delivery of accountable, equitable and between donors, non-governmental organizations, or the
high-quality health service delivery [18,37]. GoN. Some of these actors collaborated directly with the
GoN at the national level. Other collaborations were with the
Evidence supports the notion that investments made to regional or local governing bodies. Direct financial
bolster ICT infrastructure result in tangible improvements in assistance from the government was not apparent in our
economic growth and achievement of human development review aside from the allocated funding for the Hello Health
milestones especially for developing countries [39,44]. telemedicine program. Financial stability was an important
However, mirroring the economic divide between developed, indicator of the sustainability of identified projects. Irregular
developing and least developed nations is the digital divide funding has been noted as a significant hindrance to the
defined as the difference between the uptake and utilization effective implementation of projects [27]. Assessing
of ICT in the daily lives of citizens [45]. Reflecting this economic feasibility was also a rarity among identified
digital divide, Nepal ranks 165th in the e-government initiatives despite most projects indicating monitoring and
development index [38,46]. The ICT policy environment in evaluation frameworks at the project level. One identified
Nepal does not meet modern demands mired by endemic project ended their feasibility trial without plans for scaling
corruption, political instability and civil conflict [6,47]. A up despite improvement in project indicators after
detailed strategic framework has been put forward to performing an economic evaluation which determined the
improve access to quality healthcare using ICT and modern program was not worth the financial and human costs
technologies in the latest update to the national ICT policy. incurred by their organization [28].
This will be achieved through an increased investment in
ICT-based healthcare systems with a special emphasis on Very few projects discussed the potential of sustainability.
telemedicine programs. These systems and networks will be Identified projects were primarily feasibility trials in early-
developed and implemented through a collaborative phases (85%) conducted in rural areas (65%). Since most of
approach involving public, private and civil society actors. these projects were short-term, the results ended with no
Regulatory frameworks will be developed to guide and plans to continue the initiative after the end of the funding
govern health information and ensure security measures period. The GoN was identified as the appropriate lead actor
curtail any privacy and ethical concerns [48,49]. So far, three in taking ownership of the space and assessing the
policies have been established that address digital health effectiveness of digital health solutions in Nepal then
efforts in Nepal: Nepal E-governance Interoperability working towards scaling them up through integration and
Framework, Electronic Transaction Act and institutionalization with national-level systems [27].
Telecommunication Policy [18]. The Nepalese Ministry of Leadership turnover, especially when multiple partners were
Health (MoH) has identified the formulation and involved, was identified as a contributing factor for the
institutionalization of a national e-health steering committee failure of digital health solutions [23,28,40].
and task force to govern strategic planning,
institutionalization of an e-health unit at the MoH, 4. DISCUSSION
procurement of resources and technical assistance,
development of prioritized e-health plans. This is reflected in Due to a recent constitutional mandate, Nepal is currently in
annual work plans and budgets, development of legal the process of transitioning to a federal state. Local
provisions such as a Health Information Act to address data municipal governing bodies will soon fully assume the
use, privacy and confidentiality issues, and development of responsibility of health-sector planning, budgeting and
monitoring and evaluation frameworks embedded into oversight of health service delivery. In parallel, the country’s
NHSS as prerequisites to achieving the goals set forth in the commitment to UHC and its quest to develop high-quality
national eHealth strategy of 2017. health systems to meet Sustainable Health Development
Goals (SDGs) by 2025 place Nepal at an opportune juncture
3.6 Financing and sustainability to map out its strategic course of action within the health
sector. This is an apt time to assess where digital health
More than half of the 20 initiatives were implemented by solutions fit within the current health system and how they
international or national-level non-profit organizations can be leveraged in impactful ways. The implementation
(I/NGOs) such as RTI International, USAID, GIZ, Possible timeline and trajectory represented by our review indicate
Health, Nick Simon’s Institute, and One Heart Worldwide that the momentum for digital health solutions has been
(Table 2). This contrasts the findings of Ahmed et al. [12] in sporadic but continuous in Nepal. Its evolution is still in
Bangladesh where the private sector leads the development nascent stages thus presenting opportunities to influence it
and implementation of digital health solutions. In Nepal, the with evidence-based and data-driven strategies. In the past
private sector is the least prolific in this space (15%). Digital 25 years, there has been an absence of diversity in the
health solutions in Nepal appear to be mainly donor (55%) application, utilization and uptake of digital health solutions
and government driven (30%). Our findings, however, are in in Nepal demonstrated by the limited scope, focus areas,

– 88 –
ICT for Health: Networks, standards and innovation

target audiences, sustainability potential and proliferation in workforce capacity and enriching academic programs to
certain sectors only. meet increasing demands for digital health expertise is
another area that requires investment and sustained
Much like the overall course of the health system evolution commitment by stakeholders. Engaging the private sector,
in Nepal [51], digital health solutions are frayed, issue and especially telecommunication companies, is an underutilized
organization-centric, and primarily driven by donor or non- strategy to address current barriers related to implementation,
governmental organizations. Most solutions have focused on technical, financial and sustainability challenges [12].
telemedicine to enhance gaps in healthcare access in rural Existing pioneers in this space (GoN and I/NGOs) must
areas with frontline workers heavily burdened with multiple engage in strategic planning on how to increase collaborative
e-health or m-health tools and solutions for different partnerships with the private sector or incentivize
programs or organizations. There are missed opportunities to independent commercial ventures [55].
increase service delivery beyond providing basic or
specialized healthcare in rural areas and addressing health 5. STRENGTHS AND LIMITATIONS
challenges related to maternal and child health or sexual and
reproductive health. The rise of non-communicable diseases, Our scoping study was successful in retrieving information
unplanned urbanization and demographic transition to a regarding 20 digital health solutions implemented via formal
higher number of elderly populations juxtaposed with a channels in Nepal to date. To the best of our knowledge, this
continuing flow of migrant youth working abroad warrant is the first paper to capture national level digital health efforts
the exploration of digital health solutions beyond its current implemented in Nepal and analyze the space utilizing two
limited scope and application [1,2,27,52,53,54]. Informal rigorous evidence-based frameworks [15,16]. Informal
consultations with key informants have shed light on the fact consultations with experts suggest the potential of additional
that digital health solutions are being implemented in Nepal digital health solutions implemented via both formal and
in these areas through informal channels on an as-needed informal channels that were not captured in our study since
basis and are yet to be documented or formalized due to they are not publicly accessible via the Internet or published
regulatory, financial/compensation or resource gaps. Our in academic journals. There is currently an effort on our part
team is currently analyzing findings of key informant to analyze findings from key informant interviews to bridge
interviews with stakeholders on the ground to share our this documentation gap. Evaluating the effectiveness of
review findings, attain insights regarding facilitators and identified solutions was not feasible with the limited
barriers, and explore the utilization and potential of digital resources available to achieve the scope of this study. This
health solutions in Nepal beyond what has been found line of investigation is a fruitful avenue for future studies to
through this review. explore and research.

From a leadership and governance perspective, progress has 6. CONCLUSION


been made to set the stage for digital health solutions to be
implemented in Nepal by establishing a few strategic Due to its current sociopolitical and ICT climate, Nepal is
frameworks and policies in place. However, integration and well-positioned to take a holistic multilevel systems
institutionalization of digital health solutions are still not at perspective accounting for the WHO building blocks in
the forefront of these policy agendas. While a national health charting the course of digital health solutions in Nepal. In
ID, data standardization, and interoperability frameworks are doing so, we echo the recommendation of Ahmed et al. [12]
critical key ingredients in this space [38], so too is gathering to adopt the guidelines and toolkits established by the
knowledge and evidence on the implementation and Rockefeller Foundation, WHO, and International
effectiveness of digital health solutions at a national level. It Telecommunication Union (ITU) in addition to conducting a
is also important to understand and tailor digital health national-level assessment exploring the application of digital
solutions and frameworks according to the needs of the target health solutions along with an evaluation of all solutions
audience so that the output is user-centric [6,59]. developed to date [12,56,57,58]. Additionally, we
Furthermore, there is a critical need to address technical, recommend the adoption of the Principles of Digital
cultural and knowledge barriers among stakeholders such as Development developed in consultation with multiple
lack of data and digital literacy, fear of technology, and a development and health organizations and foundations [59],
shared understanding of the definition and application of the recently released guidelines for digital interventions for
digital health solutions respectively among stakeholders, health systems strengthening by the World Health
decision-makers, and policy makers. Equally critical is the organization [60], while taking a whole-of-government
need for the GoN to mitigate the vast digital divide in Nepal investment approach [61].
[38]. A national-level monitoring and evaluation of
innovative digital health solutions is needed to identify cost- Taking a regional and global perspective on our findings,
effective solutions that can be scaled up and integrated to the China, India and Uganda serve as exemplary cases. With the
overall health system framework. Assuring sustainability of proliferation of the digital era, digital health interventions
effective solutions will require thought leadership, strategic have been prolific in middle and low-income countries.
oversight, resource allocation, transparency by the GoN, and However, they remain stuck in “pilotitis” without the ability
a baseline level of understanding of the potential of digital to scale [62]. Frustrated by this phenomenon, the
health solutions among stakeholders. Developing local government of Uganda issued a moratorium on digital health

– 89 –
2019 ITU Kaleidoscope Academic Conference

interventions in 2012 [63]. In contrast, the adoption of digital [10] L. Wallist. “Integrating mHealth at point of care in
health solutions sparked into existence in China when low- and middle-income settings: the system
combating SARS in late 2002. In both countries, however, perspective.” Global Health Action. 10(3).
there has been substantial challenges related to buy-in from https://www.ncbi.nlm.nih.gov/pmc/articles/PMC564
stakeholders to adopt digital innovations. The reasons cited 5717/
mirror our findings. In the same vein, the Indian MoH
published a National Digital Health blueprint for public [11] WHO Department of Health Statistics and
comment and review in 2019 to address this endemic issue Information of the Innovation, Information,
of fragmentation and “pilotitis” within the digital health Evidence, and Research Cluster in collaboration
space [64]. To counter the documented stunting of digital with WHO technical programmes and regional
health interventions nationally, regionally and globally, we offices: World Health Statistics 2011. France: World
wholeheartedly agree with Huang and colleagues that the Health Organization, 2011.
key to moving beyond digital health “pilotitis” is in
considering the governmental, social, political and historical [12] T. Ahmed., H. Lucas, A.S. Khan, R. Islan, A.
contexts so that the attitudes, perceptions and needs of Bhuiya, M. Iqbal. “eHealth and mHealth initiatives
stakeholders are accounted for just as much as the design and in Bangladesh: A scoping study”. BMC Health
development of digital health solutions [61,62]. Services Research, vol 14, pp 260, 2014.

REFERENCES [13] A. Chib, M.H. Velthoven, C. Joseph. “mHealth


Adoption in Low-Resource Environments: A
[1] Y. Subedi, P. Simkhada, E.R.V. Teijlingen. “Where Review of the Use of Mobile Healthcare in
is Nepal in the Demographic Transition in the Wider Developing Countries”. Journal of Health
Context of the Nutrition Transition?”, Open Journal Communication, vol 20(1), pp 4-34, 2015.
of Social Sciences, vol 04(05), pp 155-166, 2016.
[14] J. O’Flaherty, C. Phillips. “The use of flipped
[2] WHO Nepal. Health System in Nepal: Challenges classrooms in higher education: A scoping review.”
and Strategic Options, 2007. The Internet and Higher Education, vol 25, pp 85-
95.
[3] N.P. Luitel, M.J.D. Jordans, A. Adhikari, A., N.
Upadhaya, C. Hanlon, C. Lund, and I.H. Komproe. [15] H. Arksey, L. O’Malley. “Scoping studies: towards a
“Mental health care in Nepal: current situation and methodological framework”. International Journal of
challenges for development of a district mental Social Research Methodology: Theory & Practice.
health care plan”. Conflict Health; vol 9, pp 3, 2015. 2005, vol 8(1), pp 19-32, 2005.

[4] Nepal Ministry of Health and Population. National [16] WHO Department of Health Statistics and
Mental Health Policy. Kathmandu: Ministry of Information of the Innovation, Information,
Health and Population; 1997. Evidence, and Research Cluster. Monitoring the
Building Blocks of Health Systems: A Handbook of
[5] S. Singh. “Impact of long-term political conflict on Indicators and their Measurement Strategies,
population health in Nepal”. Can Med Assoc J, Geneva, Switzerland, 2010:
171(12), pp 1499–502. doi: 10.1503/cmaj.1040777, http://www.who.int/healthinfo/systems/WHO_MBH
2004. SS_2010_full_web.pdf

[6] A. Sharma, Y.S. Kim. “Information Communication [17] D. Colaci, S. Chaudhri, A. Vasan. “mHealth
Technology Development in Nepal”. JRSD, pp 101- interventions in low-income countries to address
141, 2018. maternal health: A systematic review”. Ann Glob
Health, vol 82(5), pp 922-935, 2016.
[7] Nepal Telecommunications Authority. MIS Report,
vol 177(129), 2019: https://nta.gov.np/wp- [18] Nepal Ministry of Health. “eHealth initiatives in
content/uploads/MIS-2076-Shrawan.pdf Nepal”, 2017: http://nhsp.org.np/wp-
content/uploads/2017/08/eHealth-Initiatives.pdf
[8] J.G. Kahn, J.S. Yang, & J.S. “Mobile” health needs
and opportunities in developing countries. Health [19] P.R. Lama. “Scope and challenges of Telemedicine
Affairs, vol 29, pp 252 – 258, 2010. in Nepal: A look towards future. A case study at Om
Hospital and research Centre Kathmandu, Nepal.”,
[9] V. P. Gurupur, Wan T.H. “Challenges in 2010:
implementing mHealth interventions: a technical http://nrl.northumbria.ac.uk/11374/1/lama.tshering_
perspective”. mHealth, 3, 32. phd.pdf
https://www.ncbi.nlm.nih.gov/pmc/articles/PMC558
3043/

– 90 –
ICT for Health: Networks, standards and innovation

[20] M. Pun, R. Shields, Paudel R., P. Mucci. Nepal [31] Measure Evaluation. Nepal: HIS Indicators, 2018:
Wireless Networking Project: Case Study and https://www.measureevaluation.org/his-
Evaluation Report, 2006. strengthening-resource-center/country-profiles/nepal

[21] B. Bhandari, B. “Telemedicine: Healthcare in Times [32] K. Birdsall. “Bringing the power of digital data to
of High Technology”. My Republica, 2010: rural Nepal. Healthy Developments”. Federal
http://archives.myrepublica.com/portal/index.php?ac Ministry of Economic Cooperation and
tion=news_details&news_id=1636 Development (BMZ), 2018:
https://health.bmz.de/events/In_focus/bringing_pow
[22] V. Patterson, M. Singh, H. Rajbhandari, S. er_digital_data_rural_nepal/index.html.
Vishnubhatla. “Validation of a phone app for
epilepsy diagnosis in India and Nepal”. Elsevier, [33] Ekantipur. “Ministry of health pilots mHealth,
30:46-49, 2015. eHealth services”. Kathmandu Post, 2017:
http://kathmandupost.ekantipur.com/news/2017-07-
[23] J. Morrison, N.R. Shrestha, B. Hayes, & M. 04/ministry-of-health-pilots-mhealth-ehealth-
Zimmerman. “Mobile phone support for rural health services.html.
workers in Nepal through ‘celemedicine’”. Journal
of Nepal Medical Association, vol 52(191), 2013. [34] Johns Hopkins. “mHealth internships build lasting
partnerships to help prevent human trafficking in
[24] United Nations Population Fund Nepal. Harnessing Nepal”, n.d.:
Mobile Technology to Improve ASRH Knowledge https://www.jhsph.edu/departments/international-
in Nepal, 2014: health/news/student-internships-nepal.html
https://nepal.unfpa.org/en/news/harnessing-mobile-
technology-improve-asrh-knowledge-nepal [35] One Heart World-Wide. “Maternal health in Nepal”,
2016:
[25] USAID. Reaching Pregnant Women in Marginalized https://give.onedayswages.org/campaign/maternal-
Communities to Increase Utilization of Maternal, health-in-nepal-or-one-heart-worldwide/c104911
New Born, and Family Planning Services. Health for
Life: Technical Brief, RTI International, [36] One Heart World-Wide. One heart world-wide –
Kathmandu, Nepal, 2016: quarterly report, 2016:
https://www.rti.org/sites/default/files/mobile_trackin https://static1.squarespace.com/static/5700f29260b5
g_technical_brief_final.pdf e92eb865e179/t/591b31b329687f883309ae10/14949
54456275/OHW+2016+Annual+Report.pdf
[26] A. Dhakal, A. “Telemedicine and Consultation in
Nepal (Unpublished bachelor’s thesis)”. Turku [37] S.M. Van Buren. “Evaluating the viability of a
University of Applied Sciences, Turku, Finland, mobile-device-based intervention to improve
2017. maternal health in Achham, Nepal”, 2013:
https://bir.brandeis.edu/bitstream/handle/10192/2503
[27] R. Bhatta. “Telemedicine and eHealth in Nepal.” 1/VanBurenThesis2013.pdf?sequence=3&isAllowed
Journal of Nepal Public Health Association, vol =y
6(1), pp 41-46.
[38] P. Rana. Two exciting new government open data
[28] D.J. Meyers, M. Filkins, A.H. Bangura, R. Sharma, initiatives presented at Kathmandu Open Data Day
A. Baruwal, S. Pande & D. Maru. “Management 2017: http://archive.opennepal.net/blog/two-
challenges in mHealth: failures of a mobile exciting-new-government-open-data-initiatives-
community health worker surveillance programme presented-kathmandu-open-data-day-2017.
in rural Nepal”. BMJ Innovations, 2017.Nepal”,
2015: http://ictpost.com/telemental-health-support- [39] S. Thapa. “Empowering Health Workers in Nepal
eclinics-in-nepal/ with mHealth”, 2016:
https://www.linkedin.com/pulse/empowering-health-
[29] A.K. Jha & S. Karki. “Reaching the Unreached: workers-nepal-mhealth-samita-thapa
Integrated Approach at Grass Root Population by
Tele-Health”. C.H.E.S.T. Nepal, 2017: [40] A. Harsha, D.S. Maru, E. Okada, P. Acharya, R.
http://smgebooks.com/telemedicine/chapters/TELM Sharma, S. Bhatta, S. Dahal, T. Yangdol. “Pilot and
ED-17-06.pdf evaluation of the feasibility of SafeSIM-a mobile
technology platform for maternal health care
[30] Inmarsat. “Inmarsat enables emergency mHealth in coordination in Nepal”, 2015:
Nepal”, 2015: http://medicmobile.org/assets/downloads/Safe-SIM-
https://www.inmarsat.com/news/inmarsat-enables- preliminary-evaluation_findings-07.2015.pdf.
emergency-mhealth-in-nepal/

– 91 –
2019 ITU Kaleidoscope Academic Conference

[41] Nepal Ministry of Health and Population. “National [52] M.J. Allsop. “The State of mHealth development
Health Sector Strategy 2015-2020.”, 2015: and use by palliative care services in sub-Saharan
http://www.nationalplanningcycles.org/sites/default/ Africa: a systematic review of the literature”. BMJ
files/planning_cycle_repository/nepal/nhss-english- Supportive and Palliative Care, vol 8(2), pp 155-
book-final-4-21-2016.pdf 153, 2015.

[42] ICT Post. “Telemental health support eClinics in [53] M. Staeheli, R.H. Aseltine, E. Schilling, D.
Nepal”, 2015: http://ictpost.com/telemental-health- Anderson & B. Gould. “Using mHealth technologies
support-eclinics-in-nepal/. to improve the identification of behavioral health in
urban primary care settings”. SAGE Open Med,
[43] S. Lange & S. Vollmer. “The effect of economic 5:2050312117712656, 2017.
development on population health: a review of the
empirical evidence”. British Medical Bulletin, vol [54] L.T.H. Vu, N.T.K. Nguyen, H.T.D. Tran, N.
121(1), pp 47-60, 2017. Muhajarine. “mHealth information for migrants: an
eHealth intervention for internal migrants in
[44] M. Kuppusanmy. & S. Santhapparay. “Investment in Vietnam”. Reproductive Health, 13:55, 2016.
Information and Communication Technologies
(ICT) and its Payoff in Malaysia”. Perspectives on [55] K4Health. “The mHealth Planning Guide: Key
Global Development and Technology, vol 4(2), pp Considerations for Integrating Mobile Technology
147-16, 2005. into Health Programs”. K4Health, 2014:
https://www.k4health.org/toolkits/mhealth-planning-
[45] International Telecommunications Union. ICT facts guide
and figures, 2015: https://www.itu.int/en/ITU-
D/Statistics/Documents/facts/ICTFactsFigures2015. [56] Al-Shorbaji, N. “The World Health Assembly
pdf Resolutions on eHealth: eHealth in Support of
Universal Health Coverage”. Methods Inf Med, vol
[46] United Nations. United National E-Government 52, pp 463-466, 2013.
Survey 2014. New York: United Nations:
https://publicadministration.un.org/egovkb/en- [57] The Rockefeller Foundation. “From Silos to
us/Reports/UN-E-Government-Survey-2014 Systems: An Overview of eHealth’s Transformative
Power”. In Rockefeller Foundation Report. Making
[47] R. Shields. “Information access and communications the eHealth Connection: Global Partnerships, Local
policy in Nepal”. Telecommunications policy, vol Solutions, Bellagio Conference Series. New York,
33 (3-4), pp 207-214, 2009. 2010.

[48] S. Sigdel. (2017). “eHealth in Nepal, Policies and [58] World Health Organization & International
Strategies: a quick overview”, 2017: Telecommunications Union. National eHealth
https://medium.com/hisn-health-informatics-society- strategy Toolkit, 2012. Geneva.
of-nepal/e-health-in-nepal-policies-and-strategies-a-
quick-overview-by-mr-giriraj-subedi-5874d2e22d19 [59] USAID & DIAL. “Principles for Digital
Development”, 2017:
[49] K. Regmi. “Mainstreaming mHealth in Nepal: https://digitalprinciples.org/principles/
Highlights of a One-Day Workshop”, 2016:
https://webcache.googleusercontent.com/search?q=c [60] World Health Organization. “Recommendation on
ache:CPUZ-PE- digital interventions for health system
MPMJ:https://www.herd.org.np/blogs/118+&cd=3& strengthening”. Geneva: World Health Organization;
hl=en&ct=clnk&gl=us 2019. Licence: CC BY-NC-SA 3.0 IGO, 2019.

[50] M. Kay, J. Santos, M. Takane. “WHO Global [61] ITU & DIAL. “SDG Digital Investment Framework:
Observatory for eHealth: mHealth new horizons for A whole-of-government approach to investing in
health through mobile technologies”, vol 3, 2011. digital technologies to achieve the SDGs”, 2019.

[51] J. Sharma, A. Aryal, G.K. Thapa. “Envisioning a [62] F. Huang, S. Blaschke, & H. Lucas. Beyond
high-quality health system in Nepal: if not now, pilotitis: taking digital health interventions to the
when?” The Lancet Global Health, vol 6(11), pp national level in China and Uganda. Globalization
1146-1148, 2018. and Health, vol 13, pp 49, 2017.

– 92 –
ICT for Health: Networks, standards and innovation

[63] D. McCann. “A Ugandan mHealth moratorium is a [64] Ministry of Health & Family Welfare Government
good thing”, 2012: of India. “National Digital Health Blueprint”, 2019.
https://ictworks.org/2012/02/22/ugandan-mhealth-
moratorium-good-thing/

– 93 –
DESIGNING NATIONAL HEALTH STACK FOR PUBLIC HEALTH:
ROLE OF ICT-BASED KNOWLEDGE MANAGEMENT SYSTEM

Dr. Charru Malhotra1; Vinod Kotwal2; Aniket Basu3

1
Indian Institute of Public Administration, New Delhi
2
Department of Telecommunication, Government of India
3
Indian Institute of Public Administration, New Delhi

ABSTRACT The Alma Ata declaration of the World Health Conference


(1978) reflects the ideals of social justice and equality taking
Public health (PH), as a domain, requires astute at its point of departure that health is a fundamental human
amalgamation of the workings of different disciplines, right. The declaration can be accepted as a major milestone
because its eventual aim is to ‘prevent’ and not just ‘cure’ in delineation of public health wherein it had unequivocally
the health concerns of the entire community/population underpinned adoption of a multidisciplinary approach to
under consideration. Public health goals can be achieved achieve the milestone of ‘Health for All’.
more meaningfully by the application of information
communication technology (ICT) that helps in overcoming The United Nations (UN) Sustainable Development Goals
the bottlenecks of brick-and-mortar healthcare models. (SDGs) are meant to be achieved by the year 2030. Out of
Online consultations, cloud-based health management the 17 SDGs, SDG 1 (No poverty), SDG 2 (Zero hunger),
solutions, smart service-supported diagnoses are some such SDG 3 (Good health & well-being), SDG 6 (Clean water &
examples. The present study attempts to explore the design sanitation) and SDG 10 (Reduced inequalities) are closely
and implementation of ICT-based holistic knowledge linked to human health. However, of particular relevance is
management systems (KMS) to address public health SDG 3 that aims to ensure healthy lives and promote
concerns at the national level. At any point in time, different wellbeing for all at all ages. Amongst other goals, SDG 3
management information systems (MIS) are being used by focuses on reduction in maternal mortality rate (MMR),
various public authorities that directly or indirectly impact reduction of non-communicable diseases through prevention
PH. However, the data being generated by these MIS is and treatment, achieve universal health coverage, including
“stove piped” into standalone, heterogeneous databases. financial risk protection, access to quality essential
Non-standardized data formats, incompatible IT systems, an healthcare services and access to safe, effective, quality and
aggravated sense of ownership by the agency that collects affordable essential medicines and vaccines for all, etc [1].
the data are some of the factors that further worsen the Also, understanding the linkages of health with other factors,
problem. To overcome these issues, based on the study of SDG 3 aims to substantially reduce the number of deaths and
best practices and literature review, the review paper illnesses from hazardous chemicals, air, water and soil
proposes a conceptual model, referred to as national health pollution and contamination by the year 2030. There is
stack (NHS). NHS is a multilayered KMS designed to support emphasis on research and development (R&D), capacity
evidence-based decisions of public health and would pave building for early warning, risk reduction and management
the way towards “Good Health and well being” (UN SDG 3) of national and global health risks.
for All.
Public health (PH) by definition is "the science and art of
Keywords – Application program interface (API), digital preventing disease, prolonging life and promoting
service standard, emerging technologies (AI, IoT, ML, human health through organized efforts and informed
blockchain, wearable/immersive technologies), knowledge choices of society, organizations, public and private,
management systems (KMS), national health stack (NHS), communities and individuals" [2]. It is therefore understood
public health (PH), quality of life (QoL) to be the science of protecting the safety and improving the
health of communities including mental health through
1. INTRODUCTION prevention and treatment of diseases with the aim of
improving the quality of life (QoL). PH is an
“Attainment of the highest possible level of health is a most interdisciplinary field that takes inputs from epidemiologists,
important world-wide social goal whose realization requires microbiologists, food technologists, veterinarians,
the action of many other social and economic sectors in environmental and occupational health experts, community
addition to the health sector...” health experts, behavioral health specialists, health
economists, biostatisticians, public policy experts, etc. [3].
Declaration of Alma Ata, 1978

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 95 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

Stack can be understood as a set of APIs and systems that countries for shaping its healthcare services to be more
allow various stakeholders including governments, inclusive [5].
businesses, developers, etc. to utilize this digital
infrastructure towards achievement of common goals. At present, emerging technologies such as Internet of things
Creation of a stack on any vertical at a national level would (IoT), artificial intelligence (AI) and others are being
enable paperless, cashless and presence-less secure access to employed to design disruptive health innovations so that
the system. Such a holistic approach fosters innovation in quality healthcare may be accessible to a larger population.
service delivery. Literature is replete with application of wireless technology
almost two decades ago in the area of telemedicine in select
In the present scenario, the data that is needed to build “One countries of Europe including Athens (Greece), Cyprus, Italy
Public Healthcare System” is available in standalone systems, and Sweden [6] and the use of artificial intelligence and
only some of which are connected. The most notable artificial neural networks (ANNs) for maintaining and
attribute of PH is that it aims to widen the health system goals analyzing electronic health records (EHRs) by University of
from the one that is narrowly focused on curing diseases in California and University of Chicago for a period ranging
hospitals by health professionals, to a system that is focused from the year 2009 till 2016 [7]. Even in developing
on keeping populations/communities healthy by providing countries, drones are assisting in providing medicines and
advance information to stakeholders. Therefore, for medical aid in difficult and inaccessible areas of India [8].
improving the PH scenario in a developing country like India, The wearable devices are being popularly used to provide
an integrated knowledge management system (KMS) that remote and continuous monitoring of each heartbeat,
could interconnect the standalone, existing healthcare moment-to-moment blood pressure, oxygen concentration in
applications/other related applications into a holistic blood, body temperature, level of glucose, human activities
integrated national health stack (stack is a data structure used and emotions [9]. IoT-based solutions have the potential to
to store a collection of objects) by employing information reduce the required time for remote health provision and
communication technologies (ICTs) will go a long way in increase the quality of care by reducing costs with enriched
achieving PH goals. user experience. Similarly, robotics process automation
(RPA)-based bots can ‘advise’ primary care patients;
The aim of the present study is to propose a conceptual machine learning (ML)-based systems can help to identify
design and an actionable implementation strategy for diseases early that indeed constitutes an important step
building a KMS, referred to as a national health stack (NHS). towards preventive healthcare [10]. The National Health
Introduction of the paper establishes the ‘multidisciplinary’ Service (NHS), UK is planning to extensively harness the
and ‘preventive’ nature of PH. This is followed by a ‘Review potential of AI to make 30 million outpatient visits
of Literature’,section 2, on core subject areas viz. ICT and unnecessary so that the resources saved can be used for
KMS implementation in the health domain of various frontline care [11].
countries, with special reference to emerging technologies,
PH and best practices related to the subject under However, apart from these various ways in which the
consideration. Section 3 examines the national health advances in communication technology, computing, storage,
scenario of India with special reference to its policies on analytics etc. are helping in achieving the health goals, ICT
information systems pertaining to ICT implementation in can also play a more fundamental role. ICT can be used to
health, the current status and future vision. Once both the link the different sources of data, collate the information
theoretical propositions as well as the ground reality of the available, provide tools for analysis and make it available to
Indian health ecosystem have been elucidated, the paper the stakeholders for predictive analysis. Knowledge
moves on to state the goal, objectives and design of the management (KM) of this data pertaining to different aspects
proposed conceptual model,section 4: Proposed Conceptual of healthcare would help to provide deeper insights into the
Model of NHS. The implementation strategy is described in various aspects of organizational learning and community
the subsequent section, section 5: Implementation of the wellbeing, as indicated subsequently.
Proposed Model), followed by ‘Issues and Opportunities’ in
section 6, and‘Conclusion’ insection 7. 2.2 Applying principles of knowledge management
(KM) in public health
2. REVIEW OF LITERATURE
Knowledge management (KM) refers to a multidisciplinary
2.1 Application of ICT in health sector process of creating, sharing, using and managing the
information from different systems for achieving
Rapid proliferation of ICTs has catalyzed its application in organizational objectives. ICT can provide knowledge
the health domain since the 1990s by implementation of discovery through integrated data mining of health data that
mobile collaboration technologies, hospital management is provided by heterogeneous sources. With special reference
systems, online patient information systems, and so on to developing countries, Blayaet al., (2010) assert health
[4].Several related challenges including, but not limited to, solutions that emanate from well-designed ICT-based KMS
infrastructure concerns that are more often sighted in in resource-poor environments have a tangible impact on the
developing countries like India, did not deter researchers quality of health care [12].
from examining the merits of employing ICTs in these

– 96 –
ICT for Health: Networks, standards and innovation

However, the experience validates that the data that is needed Disease Control Programme (NVBDCP) &National
in the first place for the knowledge management system to Tuberculosis Control Programme (https://nikshay.in/)
work is either not available or recorded and stored in c. Electronic Medical Records (EMRs) including
isolation. Addressing the various issues in the public health the Mother Child Tracking System and Reproductive Child
sector, amongst other factors, include the need for more Health Register
collaborative inter-sectoral engagement, ‘buy-in’ from the d. Clinical decision support system (CDSS):radio-
political authorities and decision makers etc. To resolve diagnostics and laboratories
these concerns, Thailand, in the 1990s, had adopted a e. Computerized physician order entry:secondary
paradigm called "Triangle that Moves the Mountain" [13]. and tertiary care private institutions
‘The Mountain’ means a big and complicated problem, f. Online registry system for patients’
usually unmovable. ‘The Triangle’ consists of: creation of appointments:e-hospitals (ehospital.gov.in)
relevant knowledge through research, social movement or g. Applications based on electronic health records:
social learning, and political involvement. The three PM JAY, national health insurance
components of the triangle have to work together in tandem (https://www.pmjay.gov.in/)
to achieve the goals of resolving the health issues. This has
resulted in the near elimination of the uninsured with its The most popular of these initiatives is the HMIS, which is
universal health coverage, elevated almost a million Thai an online portal that provides information on the human
citizens from poverty while strengthening the capacity of health indicators in the country. It is a tool that provides a
knowledge generation and management [14]. This approach framework for gathering the raw data from primary care
can form a remarkable basis for evolving a structure and health institutions upwards at state level from primary health
systematic approach for building a KM system for any centers (PHCs) onwards. This data is then compiled at block
vertical including health. Some instances of best application level, district level and finally at the state HQ level before
of knowledge management using ICT in public health with feeding into the national level database. Data aggregation
varying degrees of implementation have been observed in a units are at block and district level. The flow of data is
number of countries, notably Canada, Germany, New upwards as well as downwards. HMIS also compiles data
Zealand, South Korea and the U.S.A [14]. from the National Family Health Survey (NFHS), the
District Level Household Survey (DLHS), and the Office of
3. A CASE STUDY FROM INDIA: HMIS AND the Registrar General and Census Commissioner, among
OTHER SYSTEMS HAVING LINKAGES WITH other sources [17]. The information generated from this
PUBLIC HEALTH analysis is then used for taking actions that help in improving
health outcomes. The Online Registry System (ORS) for
India is a country with a vast requirement for a stable public patients is a framework that links various hospitals across the
healthcare system due to its complex health needs of over a country for the Aadhaar-based (biometric digital identity)
billion people with diverse social, economic, geographical online registration and appointment system, where the
and cultural context. Despite its rapid economic growth, it counter-based outpatient department (OPD) registration and
has been ranked 143rdin a list of 188 countries in the ‘Health appointment system through HMIS has been digitized. At the
Related SDG’ index that aims to assess each country’s end of June 2019, 230 hospitals across the country are using
performance across 33 indicators in a global burden of ORS [18].
disease (GBD) study [15]. Also, according to another GBD
study published in the medical journal The Lancet, India has The Integrated Disease Surveillance Programme (IDSP) was
finished 154th among 195 countries on the healthcare index, launched in 2004 by the National Centre for Disease Control
which is based on death rates for 32 diseases that can be (NCDC), India. The program continues under National
avoided or effectively treated with proper medical care [16]. Health Mission with the objective to strengthen/maintain the
These rankings are a cue enough for revamping existing decentralized laboratory-based information technology (IT)-
approaches towards public healthcare systems. Before the enabled disease surveillance system for epidemic-prone
study moves ahead to propose a KMS conceptual model to diseases to monitor disease trends and to detect and respond
address these public health concerns, it might be more to outbreaks in early rising phase through trained rapid
prudent to first enumerate strides that the country has made response teams (RRTs). Under the program, surveillance
in this direction. units have been established in all districts of the country and
it collects data on disease outbreaks for the country as a
At present, a number of health management systems (HMS) whole, excluding non-communicable diseases.
by the public sector are operational in the country that can be
categorized as follows. Similarly, there are other systems being maintained by
different government institutions that are collecting data,
a. Performance reporting portal including the which have implications on PH but are not connected to the
Health Management Information System (HMIS), National HMIS. A case in point is the All India Network Project on
Health Portal (https://www.nhp.gov.in/) andState Health Pesticide Residues (AINPPR). The laboratories under the
Programportals network collect the samples from the nearby Agriculture
b. Disease surveillance portal including Integrated Produce Marketing Corporation (APMC) markets and
Disease Surveillance Programme, National Vector Borne analyze for the possible residues of the pesticide and since

– 97 –
2019 ITU Kaleidoscope Academic Conference

2007-08 and till about 2016 about more than 1 lakh samples research laboratories working in the area of
of various food commodities have been analyzed [19]. Food- pesticides/contaminants/toxicology/pollution, nutrition and
borne diseases (FBDs) not only directly impact human health total diet studies/surveys, etc.). It is therefore of paramount
but also impede socioeconomic development by straining importance that countries like India implement an integrated
healthcare systems and harming national economies, tourism national health stack (NHS) built on the principles of
and trade [20]. Thus, information on pesticide residues in knowledge management systems (KMS) connecting all the
food, as well as food-borne diseases, should be integrated relevant sources. The proposed conceptual model (Figure 1)
with the HMIS. Similarly, information on air pollution, henceforth referred to as the national health stack (NHS) is a
waterpollution, soil pollution etc. being collected by various multilayered and multi-stakeholder model. The main
government authorities (pollution control boards) that has objectives of NHS (Figure1) would be to:
direct or indirect impact on human health should also be
available to PH authorities. However, data being collected by 1. facilitate inter-sectoral involvement and collaboration
these various authorities is “stove piped” into standalone of various stakeholders including government
databases that are not accessible within and across authorities and citizens (Figure 1: referred to as ‘Block1
government agencies. Non-standardized data collection, Data Providers’);
varied data formats, incompatible data IT systems, a sense of 2. develop an integrated KM platform using appropriate
ownership by the group that collects the data are the factors technologies (Figure 1, referred to as ‘Block2 KM
that further worsen the problem [21]. Platform’);
3. evolve policies, regulations and health standards, based
To surmount these issues, India has also renewed its focus on the (public) health predictions made by the related
on the implementation of the proposed ‘National Digital decision making/decision support bodies of the country
Health Blueprint’, the precursor of which can be traced back (Figure 1, referred to as ‘Block3 Decision makers and
to NITI Aayog’s vision document in 2018 laying out the R&D’);
strategy and approach for a national health stack [22]. In 4. spread social learning; NHS to also serve as a tool for
“India’s Trillion-Dollar Digital Opportunity” (pp 122), a spreading awareness on the creation and usage of this
report by the Ministry of Electronics and Information unified approach (Figure 1, Block3).
Technology, Government of India (GoI) [23], there are
examples of actions that are required for improving PH. The The aforementioned four layers (S. No. 1-4) form the basic
need to build an integrated health information platform to design structure of the proposed NHS. However, depending
create and provide access to electronic health records (EHR) on the implementation context of the respective countries,
for every Indian has been highlighted, which would be using more layers can be added to the NHS. Irrespective of the
open APIs. Emphasizing the need of public private number of layers or building blocks in each of these layers,
partnerships (PPP) in the health domain, suggests the the underlying system design principle weaving all of them
development of the PPP model for setting up digital remains the same. This principle is that all data/ information
infrastructure and training for health workers in primary flows emanating to/from each of these blocks/layers of NHS
health centers and other medical care facilities. The report have strong bidirectional feedback loops (Figure 1). Only
also highlights the need of finalization and implementation then the proposed NHS would be able to serve as a common
of the ‘Digital Information Security in Healthcare’ Act repository of data for multiple
(DISHA Act) to provide a framework for the sharing of agencies/authorities/stakeholders. The multisectoral data
health information digitally. The need to frame policy to would be collated, analyzed using advanced ICT techniques
mandate EHR adoption was also highlighted. To catalyze and presented as a ‘visualization layer’, pictorial, user-
implementation of these health aspirations of the nation, the friendly information presented to the decision makers for
Satyanarayana Committee (2018-19), setup by Government strategic planning. Collecting data from different authorities
of India, has been recently tasked with the purpose of will require inter-sectoral cooperation, interoperability and
suggesting a National Digital Health Blueprint so that adequate digital standards and ‘openness’ (to share). Such a
continuum of care could be provided to the citizens. national level KMS will essentially consist of the technology
layer viz.hardware (servers for storage of data, routers for
Thus, it is the right time to design and implement an communication, etc.), software (database for storage of
integrated, comprehensive and effective ICT-based system information, interfaces, etc.), Connectivity (telecom/data
with real-time linkages not only between various public connectivity and related protocols for connecting the various
health authorities but also other authorities that impact public databases and exchange of information) and the application
health. This can be achieved by adopting a holistic layer that would adequately employ a decision support
knowledge management system, as proposed below. system to run data analytics, open APIs etc. (Figure 1,
Block2). The output of these analyses will then be shared
4. PROPOSED CONCEPTUAL MODEL OF NHS: with the related stakeholders (Figure 1, Block3) such as
ICT-BASED KMS FOR PUBLIC HEALTH government, regulatory bodies, at various levels for policy
making, setting standards, regulation making, prospective
As already stated in section 1, PH is a multidisciplinary field planning and building synergies with government plans in an
that requires data/information from multiple sources integrated manner. This synergy can be assured only when
(disease surveillance, health systems, food testing as well as adequate adherence is done to international health standards

– 98 –
ICT for Health: Networks, standards and innovation

such as health level seven (HL7) clinical document adhering to KPIs across identified dimensions and Figure 1,
architecture (CDA), and Integrating the Healthcare Block1).
Enterprise (IHE), Cross-enterprise Document Sharing-b
(XDS.b) profile to build a nationwide secure NHS. The In order to create a robust operational execution strategy for
strategic information emanating from Block3 information communication between Block1 and Block2 (Figure 1), the
can also be shared for research purposes with research journey of the patient from even before the time their
institutions, academics etc. for providing solutions to various exposure might happen to contract a particular disease (the
problems, as well as for supporting social learning activities stage at which prevention is possible) till the time they have
including spreading awareness and conduct of sensitization been completely healed, including diagnosis, treatment,
drives. recovery and follow-up, needs to be thoroughly studied and
mapped with touchpoints of data collection about their health.
5. IMPLEMENTATION OF THE PROPOSED
MODEL

The implementation of the proposed ICT-based KMS for


creating a national health stack (NHS) will follow a
structured, multi-stakeholder, multi-collaborative approach
(Figure 1). Some of the suggested steps for creating its
various components could be delineated as below:

STEP 1: Identifying the goal and objectives to be


achieved by national public health policy and various
KPIs across identified dimensions

The first and foremost step for designing an NHS is to


identify the goals, objectives, mission and vision related to
the public health strategies of a country, which are articulated
in the national health policy (NHP). Taking a cue from NHP,
the designers of NHS could strive to:

• Identify and define various building blocks of the


national health ecosystem including varied health/other
information systems, datasets, system constraints,
stakeholders, etc.
• Define ICT benchmarks in terms of key performance
indicators (KPIs) across dimensions that impact PH and
may include ‘health management’, ‘food-safety’,
‘water and sanitation’, ‘nutrition’, ‘pollution control’
and ‘disaster management’. This would help in
assessing the ground situation and then explore digital
standards to be adopted to make the building blocks
interoperable and ‘open’.
• Provide an institutional, regulatory, policy framework
required to implement these building blocks. Figure 1 - Proposed conceptual framework of national
health stack (NHS) - An ICT-enabled knowledge
This helps in envisioning the “AS-IS” to a “TO-BE” scenario. management system (KMS)
After this step, the process of data collection and data
aggregation would commence, using the proposed blueprint. For example, at the diagnosis and treatment stage, the data is
entered by the patient into the public health record (PHR)
STEP 2: Mapping of various stakeholders, data sources and by the hospitals into the electronic medical record (EMR)
related to public health and linking them in the national health portal. This data from the health
records (PHR and EHR/EMR) is an important source of
The next step focuses on data collection, mapping of various information from the health management dimension and
stakeholders who can potentially provide information shall feed into the national health stack (NHS) in real time.
pertaining to the health of citizens, identifying channels Similarly, data pertaining to all the treatment received and
through which this data can be shared/transferred to the NHS, diagnostics made from any hospital or clinic in the country
making an operational strategy for the data sharing through would constitute an important source for the NHS. This
these channels (amount of data to be shared, frequency of would require public-private partnerships to ensure seamless
sharing, format and conversion to the necessary format if flow and sharing among the consented parties while taking
required, etc.) and then ensuring this sharing happens while into account patient data sharing and privacy laws. On the

– 99 –
2019 ITU Kaleidoscope Academic Conference

prevention and research side, the stack would also receive Through data collection from a variety of sources, the
data from R&D repositories on health and nutrition of India knowledge management platform will be a treasure trove of
like the Indian Council of Medical Research (ICMR); big data. With the help of artificial intelligence tools, big data
national research institutions like the National Institute of analytics as well as information systems like GIS, this data
Nutrition (NIN); National Centre for Disease Control can be analyzed to extract important insights needed for
(NCDC) implementing the disease surveillance programs of answering relevant questions like reasons for a disease
the government; radio and diagnostic systems, laboratories; outbreak, areas involved, etc. as well as mapping and
and various government departments that have linkages with predicting outbreaks, triggering response mechanisms and
human health including academia. To enable forecasting for taking preventive action. However, there may be a need to
prevention of diseases, effective linkages established democratize this data in a way so as to make it available for
between food control agencies and the public health systems use of machine learning (ML) and AI.
including epidemiologists and microbiologists can provide
information on food-borne diseases, which may be linked to Decision support algorithms employing quantitative data
food monitoring data and lead to appropriate risk-based superimposed on qualitative understanding of local contexts
policies. This information includes annual incidence trends, would help to undertake risk assessments of public health
identification of susceptible population groups, domains. Predictive modeling would help to improve
identification of hazards, identification and tracking of estimates and thereby allow quantification of health risks and
causes of diseases and the development of early warning also find applications for assessing prevention strategies in
systems for disease outbreaks. Therefore, IDSP, HMIS, risk management. The processed data from the stack can be
AINPPR and similar other data emerging from various made available to various stakeholders through open
sources will have to be collected and analyzed centrally by application programming interfaces (APIs).
the knowledge management system (KMS). Once this data
mapping and feeding mechanism is strategized, implemented STEP 4: Use of NHS information for evidence-based
and executed over an extended period of time, the NHS shall decision making, forecasting, planning and research by
act as a centralized health record repository for all citizens. different stakeholders

Once the sources of data are identified by mapping the The insights generated based on the analysis of data can
patient journey, the next step would be to focus on the data provide not only straightforward information that is useful to
formats/databases, and then connecting them. The need for the health functionaries directly but also enable cross-
uniform standards to make multiple EMR systems functional collaboration between various stakeholders
compatible and the information interoperable is paramount (Figure 1, Block 3).
as it will tie up isolated pools of data. A consortium can be
setup consisting of representatives from various consenting For example, information on the immunization status in a
data-sharing stakeholders to identify and list the various particular area can help the health officer to plan resource
current formats being used, come up with short-term allocation of both staff and material for those areas that are
interoperability solutions and envisage long-term data lagging in immunization coverage. On the other hand, cases
sharing standards on common agreed formats. Effective of nicotine toxicity in tobacco harvesters or cases of silicosis
change management would play a pivotal role in aiding the from mining may require collaboration with research
stakeholders to adopt the new agreed formats to process and institutions that can provide technological solutions like
share the data being collected at their end. The costs involved suitable nylon gloves for tobacco farmers or well-designed
in the change can be managed in a way that is offset by the masks for the miners.
overall commercial gains incurred due to the implementation
of the NHS. In terms of channel usage, high speed STEP 5: Social learning: awareness, sensitization and
communication technology is proposed to facilitate data training
collection, analysis and reduce reaction time as well as
enable effective sharing. This digitized data will then be The implementation of a project with an all-encompassing
stored in a central place like a cloud. It will be accessed vision would be meaningful only if stakeholders’ capabilities
remotely by all stakeholders. Also, standards of data security are augmented at all levels ranging from the top till the
need to be strengthened with the use of blockchain ‘bottom of the pyramid’. Political leaders and policy makers
technology so as to protect this data from cyber threats. at the highest level must be encouraged to stay aligned to the
successful culmination of the ‘Health for All’ goal.
This is the most critical step towards building the KMS as it Awareness is equally critical amongst patients whose public
strives to bring together “stove piped” data and needs health data and the related socioeconomic indicators are the
substantial investment of resources not only in terms of funds mainstay of the system. In addition, health data may also be
but also manpower. Here, buy-in from the decision-making crowdsourced from citizens, therefore the citizens need to be
authorities is important as it will drive the project. sensitized about the ‘principle of consent’ with regard to
their health data and personal health records (PHR). Equally
STEP 3: Applying data analytics relevant is capacity building drive for every constituent. As
an example, the capabilities of the grass-root level public
health worker, who is expected to input the information at

– 100 –
ICT for Health: Networks, standards and innovation

the PHC level to the highest level of political leaders and related indicators, as well as their targets. It also provides a
policy makers, all need to be trained according to the federated structure of detailing out interrelated services, their
functions they perform. process flows and the process rules governing these services.
Another differential aspect of this model is clear segregation
6. ISSUES AND OPPORTUNITIES OF THE of the service model and ICT layer which defines this health
PROPOSED MODEL stack as technology-agnostic and relevant at all times.
However, the study is still theoretical rumination by the
Though ICT-based national KMS has a disruptive potential authors and needs to be implemented as a proof of concept
to mainstream preventive public health care, there are before being deemed as a visionary concept.
substantial technical, legal and socioeconomic challenges
that remain to be addressed. Some of the most critical issues 7. CONCLUSION
involved are standardization of the collection methodology,
collection of data, its verification and the identification of Establishment of NHS for public healthcare delivery is a
KPIs across various dimensions. In addition, issues like novel approach to tackle healthcare disparity. New models
interoperability between various databases need to be of data-driven interpretation, forecasting and decision
resolved [24]. Adoption of DSS would permit consistent making facilitated by an ICT-driven KMS can go a long way
dataexchange, robust measurement processes and also lead in establishing evidence-based health systems. The most
to the creation of healthy feedback loops [25]. Similarly, notable attribute of such a KMS would be to enable the
enabling infrastructure that includes robust telecom transformation of the health system from one that is narrowly
connectivity, particularly last-mile, in the context of focused on curing diseases in hospitals by health
developing countries is very important. professionals to a more holistic integrated KMS focused on
examining other aspects that impact human health, like food
Data protection, data privacy, confidentiality and data safety, environmental pollution etc. However, optimal
security are other important issues. The security utilization of ICT-based KMS in healthcare delivery systems
ramifications of personal health data misuse are several and requires overcoming barriers at multiple levels including
cannot be ignored; therefore, the regulatory framework of the standardization of KPIs, databases, processes, technology
country must be stringent. In fact, national/international and policy/regulatory levels. This entails that right from the
consortia and global data communities must ensure that there outset of its design phase, a synergetic cooperation must be
are adequate rights/instruments and related institutions to assured amongst all the disciplines related to public health.
redress grievances if citizens’ personal sensitive (health) data Such a synchronized multi- stakeholder and
is misused anywhere, without their consent. Learning from multidisciplinary collaboration shall provide an increased
the German example, the citizens must be empowered to level of citizens’ confidence in public healthcare systems,
decide, to hide or block any entry in the health record. This which in turn can go a long way to improve the quality of life
can be achieved through awareness and sensitization. ITU-T (QoL) and achieve “Good Health and well being” for all.
Focus Group on Artificial Intelligence 4 Health (FGAI4H)
can also work on the identification of KPIs, collection REFERENCES
methodology and regulatory/policy aspects arising from the
[1] UN SDG 3: United Nations Sustainable
generation of health data and its usage.
Development Goals Good Health and Well-being.
(n.d.). Retrieved from http://in.one.un.org/page/
In terms of opportunities in this domain, wearable sensors
sustainable-development-goals/sdg-3-2
and implantable medical devices (to monitor and transmit
health recorded data) will feature prominently in the future [2] Winslow, Charles-Edward, Amory (1920). "The
of wireless telemedicine systems. There are already many Untilled Field of Public Health". Modern
examples of wearable/implantable medical devices (e.g., Medicine. 2: 183–191.
cochlear implants, cardiac defibrillators/pacemakers, insulin
[3] Van Teijlingen, E. R., Regmi, P. R., Adhikary, P.,
pumps). In the future, interfacing these wireless sensing
Aryal, N., &Simkhada, P. (2019). Interdisciplinary
devices with 5G will present unprecedented opportunities of
Research in Public Health: Not quite straightforward.
crowdsourcing EHR directly into NHS by the patient herself.
Health Prospect, 18(1), 4-7.
Further, the tactile Internet, an ultra-responsive and ultra-
reliable network connectivity, that is envisioned to transmit [4] Zain Abbas, Nadeem Mahmood and Aqil S M
touch and actuation in real time, will pave the way for real- Burney. Article: Information and Communication
time interactive systems being used directly by the citizens Technology in Healthcare Management Systems:
who would be able to access the NHS by employing agile Prospects for Developing Countries. International
APIs [26].The health sector is experiencing technological Journal of Computer Applications 4(2):27–32, July
advancements which are enhancing the government’s ability 2010. Foundation of Computer Science.
in providing a quality health care in an affordable and
[5] Jarosławski, S., Saberwal, G., 2014. In eHealth in
accessible manner.
India today, the nature of work, the challenges and
the finances: an interview-based study. BMC Med.
The unique contributions of this KM model include clear
Inform. Decis. Mak. 14, 1.
identification of service portfolios to meet health goals and
https://doi.org/10.1186/1472-6947-14-1

– 101 –
2019 ITU Kaleidoscope Academic Conference

[6] Pavlopoulos, S., Kyriacou, E., Berler, A., [18] (n.d.). Retrieved July 13, 2019, from
Dembeyiotis, S., &Koutsouris, D. (1998). A novel https://ors.gov.in/index.html
emergency telemedicine system based on wireless
[19] D. (n.d.). Monitoring of Pesticide Residues at
communication technology-AMBULANCE. IEEE
National Level. Retrieved from
Transactions on Information Technology in
http://agricoop.nic.in/sites/default/files/MPRNL
Biomedicine, 2(4), 261-267.
Guidelines_0.pdf
[7] Rajkomar, A., Oren, E., Chen, K., Dai, A. M., Hajaj,
[20] Food safety. (2019, June 04). Retrieved from
N., Hardt, M., ... & Sundberg, P. (2018). Scalable
http://www.who.int/mediacentre/factsheets/fs399/en
and accurate deep learning with electronic health
/
records. NPJ Digital Medicine, 1(1), 18.
[21] Taylor, M.R., and M.B. Batz. 2008. Harnessing
[8] Subhan, I., Ghazi, S. S., & Nabi, S. (2019). Use of
knowledge to ensure Food Safety: Opportunities to
drones (unmanned aerial vehicles) for supporting
Improve the Nation’s Food Safety Information
emergency medical services in India. Apollo
Infrastructure. Gainesville, FL: Food Safety
Medicine, 16(1), 61.
Research Consortium
[9] Adhikary, T., Jana, A. D., Chakrabarty, A., & Jana,
[22] NitiAyog, GoI (n.d.). National Health Stack-
S. K. (2019, January). The Internet of Things (IoT)
Strategy and Approach. Retrieved June,
Augmentation in Healthcare: An Application
https://niti.gov.in/writereaddata/files/document_
Analytics. In International Conference on
publication/NHS-Strategy-and-Approach-Document
Intelligent Computing and Communication
- for-consultation.pdf
Technologies (pp. 576-583). Springer, Singapore.
[23] GoI (n.d.). India's Trillion-Dollar Digital
[10] Davenport, T. H., &Ronanki, R. (2018). Artificial
Opportunity. Retrieved from
intelligence for the real world. Harvard business
https://meity.gov.in/writereaddata/files/india_trillion
review, 96(1), 108-116.
-dollar_digital_opportunity.pdf
[11] (n.d.). Retrieved Spring, 2019, from
[24] Mathur, P., Srivastava, S., Lalch, A., ani, Mehta,
https://www.england.nhs.uk/2019/06/nhs-aims-to-
J.L., 2017. Evolving Role of Telemedicine in Health
be-a-world-leader-in-ai-and-machine-learning-
Care Delivery in India. Prim. Healthc. Open Access
within-5-years/
7, 1–6. https://doi.org/10.4172/2167-1079.1000260
[12] Blaya, J.A., Fraser, H.S.F., Holt, B., e2010. E-
[25] J. Satyanaraya& Charru Malhotra. (2018).
Health Technologies Show Promise In Developing
Universalization and Replication:-Towards a
Countries. Health Aff. (Millwood) 29, 244–251.
consistent service experience- The role of a Digital
https://doi.org/10.1377/hlthaff.2009.0894
Service Standard (DSS) in Citizen Centric
[13] Wasi, P (2000). “Triangle that moves the mountain” Governance. In, DARPG and NASSCOM
and Health System Reform Movement in Thailand”. Publication, ‘Technology for Accelerating
Human Resources for Health Development Journal Development’, Government of India: New Delhi.
(HRDJ) Vol. 4 No. 2 May-August 2000 URL:https://community.nasscom.in/docs/DOC-
1696.
[14] Srivastava, S. K. (2016). Adoption of electronic
health records: a roadmap for India. Healthcare [26] Mittal, M. & Charru Malhotra (2017). e-Health
informatics research, 22(4), 261-269. Initiatives in India - An Analysis from the
Technological Problem. Indian Institute of Public
[15] Lim, S. S., Allen, K., Bhutta, Z. A., Dandona, L.,
Administration. Unpublished.
Forouzanfar, M. H., Fullman, N., ... &Kinfu, Y.
(2016). Measuring the health-related Sustainable
Development Goals in 188 countries: a baseline
analysis from the Global Burden of Disease Study
2015. The Lancet, 388(10053), 1813-1850.
[16] Barber, R.M. et al, 2017. Healthcare Access and
Quality Index based on mortality from causes
amenable to personal health care in 195 countries
and territories, 1990–2015: a novel analysis from
the Global Burden of Disease Study 2015. The
Lancet 390, 231–266. https://doi.org/
10.1016/S0140- 6736(17)30818-8
[17] India Health Management Information System
(HMIS). (n.d.). Retrieved from
http://ghdx.healthdata.org/series/india-health-
management-information-system-hmis

– 102 –
SESSION 5

SMART TECHNOLOGIES FOR CAREGIVERS

S5.1 Elderly health monitoring system with fall detection using multi-feature based person
tracking
S5.2 A healthcare cost calculator for older patients over the first year after renal transplantation
S5.3 Automatic plan generating system for geriatric care based on mapping similarity and global
optimization
ELDERLY HEALTH MONITORING SYSTEM WITH FALL DETECTION USING MULTI-
FEATURE BASED PERSON TRACKING

Dhananjay Kumar1, Aswin Kumar Ravikumar1, Vivekanandan Dharmalingam1, Ved P. Kafle2

1
Department of Information Technology, Anna University, MIT Campus, Chennai, India
2
National Institute of Information and Communications Technology, Nukui-Kitamachi, Koganei, Tokyo, Japan

ABSTRACT of both. The sensor-oriented surveillance systems generally


utilize accelerometer and GPS sensors to locate the person
The need for personalized surveillance systems for elderly [3]. Although, these sensors provide highly accurate real-
health care has risen drastically. However, recent methods world coordinates, there exists a possibility of sensors being
involving the usage of wearable devices for activity misplaced, not worn by the user, or worn by the wrong user,
monitoring offer limited solutions. To address this issue, we thus restricting the tracking ability of the system. Although
have proposed a system that incorporates a vision-based other alternative methods employing devices like thermal
deep learning solution for elderly surveillance. This system sensors have been proposed to work, they work only within
primarily consists of a novel multi-feature-based person a short range [4-5]. On the whole, sensor-based tracking
tracker (MFPT), supported by an efficient vision-based techniques heavily rely on the assumption that users
person fall detector (VPFD). The MFPT encompasses a continuously wear the devices. In general, sensor-based fall
combination of appearance and motion similarity in order to identification involves the use of triaxial accelerometer
perform effective target association for object tracking. The sensor [6] which records real-world 3D coordinates. The
similarity computations are carried out through Siamese continuous analysis of coordinate information also poses
convolutional neural networks (CNNs) and long-short term difficulty in differentiating between daily activities such as
memory (LSTM). The VPFD employs histogram-of-oriented- sleeping, sitting and standing, implying the need of more
gradients (HoGs) for feature extraction, followed by the sophisticated and accurate systems based on artificial
LSTM network for fall classification. The cloud-based intelligence techniques such as deep learning. Vision-based
storage and retrieval of objects is employed allowing the two fall detection using optical flow and convolutional neural
models to work in a distributed manner. The proposed networks (CNNs) [7] can be used to extract temporal features
system meets the objectives of ITU Focus Group on AI for needed for improving system performance. However,
Health (FG-AI4H) under the category, “falls among the existing customized techniques such as curvelets [8] do not
elderly”. The system also complies with ITU-T F.743.1 extract deep features for human representation to detect falls.
standard, and it has been evaluated over benchmarked
object tracking and fall detection datasets. The evaluation Visual object tracking can be categorized into two broad
results show that our system achieves the tracking precision categories namely detection-based tracking and detection-
of 94.67% and the accuracy of 98.01% in fall detection, free tracking. The detection-based tracking consists of three
making it practical for health care system use. The HoG main components: moving object detection, object
feature-based LSTM model is a promising item to be classification and localization, and object tracking [9]. The
standardized in ITU for fall detection in elderly healthcare moving object detection component identifies the salient
management under the requirements and service description objects that are present in the current frame using bounding
provided by ITU-T F.743.1. boxes. Object classification is carried out in identifying the
detected objects and segregating into specific classes, while
Keywords – CNN, fall detection, HoG, LSTM, object the tracking is performed for target association in subsequent
tracking frames. On the other hand, detection-free tracking does not
involve recognition of different objects, rather it utilizes
1. INTRODUCTION motion features in order to locate moving objects. Typical
detection-free tracking involves the usage of optical flow,
According to the United Nations (UN) report on ageing background subtraction in order to eliminate static objects in
world population [1], the population of elderly people will each frame. Tracking based on background subtraction in
rise to 2 billion by the year 2050. The guidelines for video usually requires manual intervention to identify scene-
Integrated Care for Older People (ICOPE) [2] released by the specific objects [10]. An optical flow-based tracking
World Health Organization (WHO) clearly indicates that algorithm also requires additional support from appearance
accidental fall is one of the common reasons for the decline modelling in order to produce accurate results. Optical flow
in the health of the elderly. The surveillance system for along with blob analysis yields better traffic surveillance
effectively monitoring the elderly’s health can be achieved systems [11]. However, these algorithms are only capable of
by either a sensor or vision-based system, or a combination

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 105 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

tracking generic objects rather than specific objects, which 2. BACKGROUND


may lead to a reduction in the efficiency of the system.
2.1 HOG Feature Descriptor
Detection-based tracking algorithms first identify the target
object to be tracked and then find the object in each frame of HoG-based feature extraction [17] uses edge orientations for
the video. Unique object identification can be achieved with object detection. It operates on grayscale image and its
the help of salient features the object possesses. Many workflow is as follows: Initially gradient computation is
methods have exploited the object appearance as an carried out for each pixel in the image, by placing a mask on
important feature to represent it in a numerical way. The the image with a pixel as its center and performing element-
appearance features such as histogram of oriented gradients, wise multiplication. The orientations of these gradients are
scale invariant feature transform and local Binary Pattern further found out and a histogram of orientations is created
have significantly improved the overall accuracy of object for each block. This is then subjected to both local and global
detection and tracking. normalization to finally produce the required feature
descriptor.
Some of the difficulties of existing feature extraction
methods have been overcome by CNN in more complex 2.2 CNN Based Feature Extraction
object segmentation-cum-detection processes [12-13].
Further extension of the generalized object detection using CNN [12] utilizes kernels for automatic deep feature
CNN [14] allows specific object tracking to be performed extraction, classification or detection. The CNN model
with high precision. The usage of Long Short-Term Memory commonly consists of two important segments: automatic
(LSTM) helps in inferring deeper features from time-series feature extraction and dimensionality reduction. Feature
data, thus posing it as a potential technique to be coupled extraction is achieved with the help of convolutional layers.
with CNN for multiple object tracking. Siamese CNN helps A convolutional layer consists of different kernels which
in finding similarities in consecutive frames, due to its learn different features, through backpropagation. The
identical sub-network components [15]. stacking of different convolutional layers allows learning of
deeper features. Dimensionality reduction is achieved with
The ITU-T Focus Group on Artificial Intelligence for Health the help of pooling layers and dense layers. A combination
(FG-AI4H) has considered “Falls among the elderly” [16] as of all these layers allows the construction of a CNN model
one of the key areas that needs to be addressed for better that can be utilized to solve different domain problems.
healthcare. Although curvelet coefficient-based fall
detection techniques [7] have translation and scaling 2.3 Long Short-Term Memory Network
invariant properties, detection accuracy suffers in complex
background and moving objects. A machine learning-based A long short-term memory (LSTM) network [18] is a
approach [8] can handle complex scenarios of detection, but recurrent neural network that performs well for time-series
training a CNN-based generic network is not only inefficient, based analysis in extracting temporal features. The LSTM
but also difficult to achieve a higher accuracy of fall network is made of stacks of cells in order to represent the
detection in real-time environments. sequential data better. An LSTM cell consists of an input
gate, an output gate, and a forget gate. The input gate allows
To address the above limitations, we propose a system that new information to enter into the cell, while the forget gate
utilizes machine-learning techniques to improve its helps in remembering only the important information
performance accuracy. The major contribution of this work regarding the input data in achieving higher performance.
is twofold: a person tracker that considers both appearance The LSTM cell incorporates a sigmoid activation function to
and motion features for target association, and a fall detector restrict the information flow within it and tanh function in
that considers the sequence of person orientations. Our order to remember relevant features.
models are designed to leverage deep-learning techniques
while complying with the criteria set by the ITU FG-AI4H. 3. PROPOSED SYSTEM
Both the models have been developed as per
Recommendation ITU-T F.743.1 – “Requirements for The architecture of the proposed system, as shown in Figure
intelligent visual surveillance”. In our system, target 1, consists of three components: client, server and cloud
recognition and association are achieved with the service. The overall workflow in the proposed system is as
combination of CNN and LSTM to uniquely distinguish follows. A client, typically a hospital room or elderly home,
persons from other objects. The core of the system is HoG is configured to stream videos, to the receiver (medical
for feature extraction which is an LSTM based model for fall center/care takers) over HTTP using ITU-T H.264 encoding.
detection, a promising candidate for standardization in ITU. The frame processing and video analysis are carried out on
the server end where both MFPD and VPFD models are
The remainder of the paper is organized as follows. Section executed to track persons and detect occurrences of human
2 provides a background overview and section 3 describes falls. The detected person’s location and image is stored in
the proposed system. The implementation detail for the cloud along with the fall occurrence status. An alert is
performance evaluation and experimental results are generated at the concerned client end, either a hospital or a
presented in section 4, while section 5 concludes the paper.

– 106 –
ICT for Health: Networks, standards and innovation

ANALYTICS SERVER
VPFD
Angle based
HoG LSTM Fall
Person - Fall
CLIENT Feature Detection
association
Elderly Homes Frame Extraction
selection
H.264 Video based on
SSIM MFPT TARGET ASSOCIATION
through IP
network Person Siamese CNN LSTM for
Detection using for image prediction
YOLO Model similarity
Confidence Score

Existing New
Medical Centre Person Update Person Add new
Appearance, Information Person
Fall detected alert Location Storage
generation
CLOUD STORAGE AND RETRIEVAL

Figure 1 – The architecture of the proposed model

family member, to provide location information of the confidence score has been used as a threshold to eliminate
persons who has fallen. false positive detections. The YOLO model trained on the
COCO dataset [20] has the ability to detect many different
3.1 Key Frame Selection object classes. The output of the model is then filtered to
contain bounding box values of class ‘person’ only.
In the server end, key frame selection has been carried out to
improve the overall processing speed of the system without 3.3 Target Association
degrading its performance. This is achieved by comparing
the previous processed frame and incoming frame using the Target association is the process of mapping the existing
structural similarity index (SSIM), which is calculated by objects with newly detected objects from the current frame.
Equation 1. After preprocessing and person detection stages, one of two
possibilities are tested, either any of the previously moving
(2𝜇𝑋 𝜇𝑦 + 𝑐1 )(2𝜎𝑥𝑦 + 𝑐2 ) persons could have moved to the new position or a new
𝑓(𝑥, 𝑦) = (1) person could have started moving. Using this fact, tracking
(𝜇𝑥2 + 𝜇𝑦2 + 𝑐1 )(𝜎𝑥2 + 𝜎𝑦2 + 𝑐2 )
can be carried out for all persons, who enter and exit the
scene in the video. This architecture performs tracking of the
Where 𝜇𝑋 , 𝜎𝑥2 are the mean and variance of pixels detected persons from the CNN using two distinct features,
in image x respectively and 𝜇𝑦 and 𝜎𝑦2 are the namely the visual feature and motion feature. The visual
mean and variance of pixels in image y, feature denotes the image similarity that helps find whether
respectively. the currently found person matches with the appearance of
one of the existing persons. The motion feature denotes the
The SSIM index value is subjected to a custom threshold to possibility of the existing person moving from his/her
process only dissimilar images by the system. Similar images previous location to the location of the currently detected
are simply skipped for faster video processing. object. Visual and motion features are obtained using
Siamese CNN and LSTM respectively. The utilization of
3.2 Person Detection dual features allows the handling of sudden entry and exit of
persons in the given video.
The decoded frames from the preprocessing stage are given
to the object detector to accurately classify and localize 3.4 Image Similarity
different objects present in each frame. This is achieved with
the help of the CNN-based YOLO model [19]. The given Siamese CNN, shown in Figure 2, is a neural network model
frame is fed as input to the YOLO model, which divides it that operates on a pair of images and produces a score
into segments and finds objects in each segment, along with denoting the appearance similarity between the two images.
their bounding box coordinates and confidence score. The Bounding box coordinates obtained in the previous step

– 107 –
2019 ITU Kaleidoscope Academic Conference

have been used to extract the person’s image from the frame. 3.5 Motion Similarity
The previously stored person’s images are then compared
with the extracted image. The feature extraction layers in Motion prediction has been used in the proposed system in
this CNN network are made the same for both images, thus order to associate objects based on their recent movements.
making it vertically symmetrical. The resultant features of This has been implemented using LSTM on the basis of the
both images are merged by finding the element-wise previous 12 center coordinates of stored persons. This vector
squared difference. It is then fed into fully-connected layers is fed as input to the Motion LSTM model which performs
for dimensionality reduction and finally to obtain the temporal processing and predicts the new center for each
similarity score. stored person. This center indicates the next possible position

Algorithm 2: Motion similarity


Symmetrical -------------------------------------
Layers
Input: Pprev – Previously detected person
Convolutional, Max Convolutional, Max Pcurr – Currently detected person
Pooling Layers Pooling Layers
Output: S – motion similarity matrix
Model motion= Trained motion LSTM model
Feature Concatenation M = count (Pcurr)
N = count (Pprev)
Dense Layers S = Null matrix of dimensions M*N
for i = {0,1, …., M-1}
center curr = P curr [i].center
Similarity Score for j = {0, 1, ……, N-1}
center_seq prev = Pprev [j].center [{1, 2…,12}]
center pred = Model motion ()
dist = Euclid_Dist (center curr, center pred)
Figure 2 - Image similarity using Siamese CNN score = 1/dist
if score > threshold:
A custom threshold is employed, where scores greater than S[i][j] = score
a threshold value are considered similar and vice versa end if
(Algorithm 1). end for
end for
Algorithm 1: Image similarity return S
-------------------------------------
Input: Pprev – Previously detected persons of the person. The predicted centers are compared with the
centers of the currently detected persons via Euclidean
Pcurr – Currently detected persons
distance and inverse of this value is considered as the overall
Output: S – appearance similarity matrix motion score (Algorithm 2).
Model app = Trained Siamese CNN model
M = count (Pcurr) 3.6 Object Mapping
N = count (Pprev)
S = Null matrix of dimensions M*N The mapping of previous to current persons is achieved by
for i = {0,1, …., M-1} finding the best candidate for each currently detected person
img curr = P curr [i].img from the appearance and motion similarity matrices. A map
for j = {0, 1, ……, N-1} data structure helps in store the detected persons in each
img prev = Pprev [j].img video frame efficiently. The map stores information in
input = (img curr, img prev) distinct key-value pairs. A unique ID is assigned for every
score = Model app (input) person appearing at any part of the video. Each person
if score > threshold: detected in the frame is stored in the map data structure with
S[i][j] = score an ID as the key and the bounding box coordinates, frame
end if number in which he/she was detected and the previous center
end for list as value. During the retrieval of the person for target
end for association, only the candidates which have a frame number
less than the current frame number are considered, in order
return S
to avoid mismatching. The best candidate for the current
person is selected by choosing the person with the highest
appearance similarity and with a motion similarity greater
than a specific threshold. The best candidate values are
updated to match the current target. If no such match is found
for the target, then the target is newly added into the map

– 108 –
ICT for Health: Networks, standards and innovation

data structure. This data structure is stored in the cloud and


both MFPD and VPFD access the data. This reduces the 𝑂𝐴 . 𝑂𝐵
overall workload and allows multiple computers to run tasks cos 𝛼 = (4)
|𝑂𝐴||𝑂𝐵|
in parallel improving the processing speed. The map data
structure is made persistent in order to last till the end of the The person with an angle greater than the specific threshold
video instead of removing the objects that have temporarily
exited, which helps in handling short-term occlusions. Also,
this persistent data structure allows persons to be tracked Algorithm 3: Fall Detection
through different cameras in the surveillance system. -----------------------------------
Input: curr – current frame index
3.7 Fall Detection seq – sequence of frames
Pcurr – Currently detected persons
The VPFD model constitutes two important phases: feature Output: FP – Fallen person
extraction using HoG and sequence analysis using LSTM. Model fall = Trained HoG-LSTM model
For each frame, the image is converted to grayscale and N = count (Pcurr)
resized to a dimension of 640 x 480 in order to maintain the T = time window
same dimension of the resultant feature vector during the max_angle = 0
training and testing phase. The HoG feature vector is then FP = None
computed from the reshaped image and passed on to the data = empty array
LSTM model. For each frame, the HoG features of the for j = {0,1, ……, T-1}
previous three frames, including the current frame are feature = HoG(seq[i-j])
considered as input to the LSTM model. Temporal sequence data.append(feature)
of feature vectors is taken into account to eliminate false end for
detection, thus improving the capability of differentiating val = Model fall (data)
falls and actions of daily-living. The model output indicates if val > threshold
the occurrence of a fall. In order to map the fall with the for k = {1,2, ……., N}
detected person, angles of previous center coordinates are angle = find_avg_angle (Pcurr[k].center, T)
calculated as shown in Equation 2. The midpoint of the lower if max_angle < angle
boundary line of the image is taken as the reference plane for max_angle = angle
angle computation as shown in Figure 3.
FP = k
end if
end for
end if
Current return FP
Previous center
center
A is determined as the fallen person (Algorithm 3). The
B possibility of multiple persons falling at the same time can
also be taken into consideration in this approach. The
(x2, y2) (x1, y1)
threshold value helps in eliminating false fall detection
instances.
α \

4. IMPLEMENTATION AND RESULTS


(x0, y0) O Reference plane
Figure 3 – Angle between two centers of same person The proposed system has been implemented and tested on
the Intel i5 processor CPU and Nvidia GeForce 940MX GPU
Vector-based notation is utilized to represent both OA and over standard datasets. The MFPT model is trained on the
OB vectors respectively, as given in following equations. Object Tracking Benchmark (OTB - 100) dataset and
Multiple Object Tracking (MOT) dataset. The UR Fall
dataset [21] is utilized to train the VPFD model. The
𝑂𝐴 = (x1 − x0)𝑖 + (𝑦1 − 𝑦0)𝑗 (2)
proposed system has been implemented using the Python
programming language. FFMPEG has been utilized for
𝑂𝐵 = (x2 − x0)𝑖 + (𝑦2 − 𝑦0)𝑗 (3)
video encoding and decoding purposes. The image pre-
processing techniques are executed with the help of OpenCV
The angle between vectors OA and OB can be obtained by library. The Keras library in Python was used to create both
finding the cosine inverse of the dot product of two vectors the CNN and LSTM deep-learning models. The overall
as: performance of the proposed system is shown in Figure 4,
where a red boundary indicates that a person is falling.

– 109 –
2019 ITU Kaleidoscope Academic Conference

actual outputs. The model is then trained with this data


sequence using the parameters shown in Table 3.

The training phase results in Figure 5 show the model


convergence with respect to the input data after 350 epochs.
The slight increase of loss during the 150 th epoch indicates
that the model slightly falls in the local minimum rather than
attaining global minimum. The use of Adam optimizer helps
Figure 4 – System applied on UR Fall dataset to regularize the parameters during this stage and allows to
further decrease the overall loss value of the network.
4.1 Siamese CNN Implementation
Table 3 –Motion LSTM parameters
The Siamese CNN has been trained on a custom dataset
generated from OTB and MOT datasets. This custom dataset S. No. Parameter Value
is created by extracting the images of all the persons present 1 Learning Rate 0.001
in all the videos of the dataset using ground truth information. 2 Optimizer Adam
Similar and non-similar pairs of images are generated from 3 Total epoch 350
the custom dataset by pairing images of the same object and
4 Train split 80%
pairing images of different objects respectively. The training
5 Test split 20%
parameters of this network are shown in Table 1. The
network is trained such that similar pair inputs produce a 6 No. of LSTM units used 25
score closer to 1 and dissimilar pair inputs produce a score 7 Euclidean distance threshold 10
closer to 0. for motion similarity

Table 1 – Siamese CNN parameters 350


S. No. Parameter Value 300
1 Learning Rate 0.001 250
2 Optimizer Adam 200
Loss

3 Total epoch 5 150


4 Train image split 70%
5 Test image split 30% 100
6 No. of convolutional layers 9 50
used 0
7 No. of Pooling layers used 4
0 100 200 300 400
8 No. of Dense layers used 2
9 Threshold for image similarity 0.5 Epoch

The trained model is then subjected to network pruning in


order to increase the processing speed of the model. The Figure 5 – Validation phase of LSTM
overall training and validation phase of the model, shown in
Table 2, indicates the maximum accuracy attained after 5 4.3 MFPT Results
epochs.
The performance of MFPT has been analyzed using the
Table 2 – Validation phase of Siamese CNN following two metrics: precision and multiple object tracking
accuracy (MOTA). Precision is the measure of detecting
Epoch Loss Accuracy (%) objects with appropriate bounding boxes. This is calculated
1 0.3879 82.22 by finding the Manhattan distance between the predicted
2 0.2716 86.39
bounding box center and actual bounding box center. If the
distance is less than the threshold then it indicates correct
3 0.2014 87.82
object detection. The average precision of the tracker for all
4 0.1862 91.78 the person videos in the OTB 100 dataset is shown in Figure
5 0.1713 92.07 6. The percentage of average precision at threshold value of
20 is 94.67%.
4.2 LSTM Implementation

A custom dataset containing the center coordinates of objects


from OTB and MOT datasets has been utilized for the overall
training of the motion-LSTM model. From the dataset,
random sequences of length 12 are extracted as inputs to the
model and centers of each sequence are considered as the

– 110 –
ICT for Health: Networks, standards and innovation

videos. Every frame in the dataset video is resized to 640 x


480 in order to maintain uniformity in feature dimension.
After applying HoG, the training sequences for LSTM are
generated by considering three consecutive frames and their
feature vectors. The output for this sequence is majority
voting of the ground truth values for each frame. These
sequences are passed as training input to the LSTM model
initialized with parameters as shown in Table 5.

The validation phase of the fall detector in Table 6, indicates


that the VPFD model has learnt to differentiate between fall
and non-fall sequences with high accuracy.

The accuracy comparison of various methods in Table 7


Figure 6 – Average precision in OTB 100 data set
show that better feature extraction and effective time series
representation can improve the overall performance of the
MOTA, denotes how well the tracker is able to map the
fall detector.
person to a unique ID from the entrance till the exit of the
object from the video. This metric is calculated with the help
Table 5 – Fall LSTM parameters
of four parameters, namely the number of correct detections,
number of misses, number of wrong detections and number S. No. Parameter Value
of ID switches. The correct detections denote the assignment
of correct IDs to corresponding persons. Misses denote the 1 Learning Rate 0.001
count of persons that the tracker did not detect. Wrong 2 Optimizer Adam
detections signify the action of the tracker to make false 3 Total epoch 6
person detections and the ID switches denote the number of 4 Train split 80%
times the object’s ID has been changed. The overall MOT 5 Test split 20%
accuracy is calculated using Equation 5. 6 No. of LSTM units used 64

𝑀𝑂𝑇𝐴 = 1 – (𝑀 + 𝑊𝐷 + 𝐼𝐷𝑠𝑤𝑖𝑡𝑐ℎ ) / (𝑂𝑏𝑗𝑔𝑡 ) (5)


Table 6 – Validation phase of VPFD
Where M denotes person misses, WD denotes wrong person
detections, ID switch represents ID switches and Obj gt denotes Epoch Loss Accuracy %
total persons in the entire video. 1 0.2937 87.42
2 0.1401 93.45
The accuracy for the MOT dataset along with the four
mentioned parameters is listed in Table 4. This table also 3 0.1051 96.52
shows the performance comparison of three different sub 4 0.0874 97.68
components. The results show that the combination of 5 0.1211 95.20
appearance and motion similarity yields higher accuracy. 6 0.0553 98.01

Table 4 – MOTA results Table 7 – Comparison of methods based on accuracy

Method Correct Miss Wrong ID MOTA S. No. Method Accuracy %


Detects Detects switch
1 Curvelets + HMM [7] 96.88
CNN + 78.23% 12.2% 3.3% 7.5% 76.6% 2 Optical Flow + CNN [8] 95.00
LSTM 3 HoG + LSTM (Proposed) 98.01

CNN 77.1% 15.4% 7.01% 7.5% 70.1% Although fall detection methods based on curvelets and
HMM [7] produce higher accuracy than the optical flow
LSTM 78.96% 14% 8.1% 7.1% 70.8% technique with CNN [8], the proposed technique employing
HoG features in LSTM achieves significantly higher
4.4 VPFD Results accuracy due to an enhanced learning technique.

The UR Fall dataset has been utilized for the training and 5. CONCLUSION
validation phase of the VPFD model. The fall dataset
consists of 30 Fall event videos and 40 normal videos The proposed system is based on the combination of two
containing daily life activities. The ground truth specifies models: MFPT and VPFD to monitor an elderly person’s
whether fall has occurred in each and every frame of the health related activities and report any falls detected through

– 111 –
2019 ITU Kaleidoscope Academic Conference

video surveillance. The system is designed to work within a [8] A. Núñez-Marcos, G. Azkune, and I. Arganda-
confined location such as hospitals, indoor rooms and public Carreras, "Vision-based fall detection with
places. The system has been tested on two different datasets convolutional neural networks", Wireless
of MOT and UR Fall and evaluated the performance of both Communications and Mobile computing, Volume
models. The MFPT model’s precision and accuracy denote 2017, Article ID 9474806, 2017.
the fact that multiple feature-based models help in achieving
higher efficiency. The proposed system achieved 94.67% [9] H. S. Parekh, D. G. Thakore, and U. K. Jaliya, "A
precision in tracking and 98.01% accuracy in elderly fall survey on object detection and tracking methods,
detection. The usage of LSTM model in both the models has " International Journal of Innovative Research in
aided in representing time-series data effectively. The Computer and Communication Engineering vol 2, no.
proposed system for elderly healthcare in homes and 2 pp. 2970-2979, 2014.
hospitals can be standardized in ITU-T Study Group 16,
which is the parent group of Focus Group on Artificial [10] A. Aggarwal, S. Biswas, S. Singh, S. Sural, and A. K.
Intelligence for Health (FG-AI4H). The proposed work can Majumdar, "Object tracking using background
be extended to detect different activities apart from fall subtraction and motion estimation in MPEG videos,"
detection, and recognize and report in the cases of anomalies. Asian Conference on Computer Vision, Springer, pp.
The fall detection module consisting of a HoG feature-based 121-130, 2006.
LSTM training network is the standardization item.
[11] S. Aslani,, and H. M. Nasab, "Optical flow based
REFERENCES moving object detection and tracking for traffic
surveillance," International Journal of Electrical,
[1] World Population Aging Report, United Nations Electronics, Communication, Energy Science and
2017, Engineering” vol. 7, no. 9 pp. 789-793, 2013.
https://www.un.org/en/development/desa/population
/publications/pdf/ageing/WPA2017_Highlights.pdf [12] Y. LeCun, L. Bottou, Y. Bengio, and P. Haffner,
"Gradient-based learning applied to document
[2] WHO Guidelines on Integrated Care for Older recognition," Proceedings of the IEEE, vol. 86, no.
People: 11, pp. 2278-2324, 1998.
https://www.who.int/ageing/publications/guidelines-
icope/en/ [13] R. Girshick, J. Donahue, T. Darrell, and J. Malik,
"Rich feature hierarchies for accurate object detection
[3] S. Van der Spek, J. Van Schaick, P. De Bois, and R. and semantic segmentation," IEEE conference on
De Haan, "Sensing human activity: GPS Computer Vision and Pattern Recognition, pp. 580-
tracking," Sensors vol. 9 no. 4, pp. 3033-3055, 2009. 587, 2014.

[4] S. K. Opoku, "An indoor tracking system based on [14] D. Held, S. Thrun, and S. Savarese, "Learning to track
bluetooth technology," arXiv preprint arXiv at 100 fps with deep regression networks," European
1209.3053, 2012. Conference on Computer Vision, pp. 749-765., 2016.
https://arxiv.org/ftp/arxiv/papers/1209/1209.3053.pd
f [15] X. Liu, Y. Zhou, J. Zhao, R. Yao, B. Liu and Y.
Zheng, "Siamese Convolutional Neural Networks for
[5] M. Shankar, J. B. Burchett, Q. Hao, B. D. Guenther, Remote Sensing Scene Classification," IEEE
and D. J. Brady, "Human-tracking systems using Geoscience and Remote Sensing Letters. vol. 16, no.
pyroelectric infrared detectors," Optical 8, pp. 1200-1204, Aug. 2019.
Engineering, vol 45, no. 10, 2006.
[16] ITU focus group on “Artificial Intelligence for
[6] F. Wu, H. Zhao, Y. Zhao, and H. Zhong, Health” https://www.itu.int/en/ITU-
"Development of a wearable-sensor-based fall T/focusgroups/ai4h/Pages/default.aspx
detection system," International Journal of
Telemedicine and Applications, Vol 2015 Article ID [17] N. Dalal, and B. Triggs, "Histograms of oriented
576364, 2015 gradients for human detection,” IEEE Conference on
Computer Vision & Pattern Recognition (CVPR'05),
[7] N. Zerrouki, and A. Houacine, "Combined curvelets vol. 1, pp. 886-893. IEEE Computer Society, 2005.
and hidden Markov models for human fall
detection", Multimedia Tools and Applications vol [18] S. Hochreiter, and J. Schmidhuber, "Long short-term
77 no. 5 pp. 6405-6424, 2018. memory," Neural Computation vol. 9, no. 8 pp. 1735-
1780, 1997.

– 112 –
ICT for Health: Networks, standards and innovation

[19] J. Redmon, S. Divvala, R. Girshick, and A. Farhadi, [21] B. Kwolek, and M. Kepski, "Human fall detection on
"You only look once: Unified, real-time object embedded platform using depth maps and wireless
detection," Procs. of the IEEE Conferece on accelerometer," Computer Methods and Programs in
Computer Vision and Pattern Recognition, pp. 779- Biomedicine vol. 117, no. 3 pp. 489-501, 2014.
788. 2016.

[20] T. Lin, M. Maire, S. Belongie, J. Hays, P. Perona, D.


Ramanan, P. Dollár, and C. L. Zitnick, "Microsoft
coco: Common objects in context," European
Conference on Computer Vision, pp. 740-755, 2014.

– 113 –
A HEALTHCARE COST CALCULATOR FOR OLDER PATIENTS OVER THE FIRST
YEAR AFTER RENAL TRANSPLANTATION

Rui Fu1; Nicholas Mitsakakis1; Peter C. Coyte1

1
Institute of Health Policy, Management and Evaluation, University of Toronto, Canada

ABSTRACT Multiple clinical decision aids have been developed to help


inform patients, families and the health system about
Forecasting tools that accurately predict post- possible outcomes once patients have received a transplant.
transplantation healthcare use of older end-stage renal Patzer et al. [8] from Atlanta, Georgia, US have developed
disease (ESRD) patients are needed at the time of iChoose Kidney (http://ichoosekidney.emory.edu/), a risk
transplantation in order to ensure smooth care delivery in calculator that provides individualized one and three-year
the post-transplant period. We addressed this need by mortality estimates for dialysis or transplantation. The
developing a machine-learning-based calculator that calculator is based on conventional multivariate logistic
predicts the cost of healthcare for older recipients of a regression models applied to large person-level records
deceased-donor kidney over the first year following extracted from the US Renal Disease System (USRDS) and
transplantation. Regression tree and regularized linear has been validated outside of the US (in Ontario, Canada [9])
regression methods, including ridge regression, lasso with acceptable performance.
regression and elastic net regression were explored on all
cases of deceased-donor renal transplants performed for For patients undergoing transplantation, surprisingly, little
patients aged over 60 in Ontario, Canada between March 31, effort has been made to understand their imminent use of
2002 and April 31, 2013 (N=1328), The optimal model healthcare services after transplantation, especially during
(lasso) identified age, membership of one of 14 regionalized the first post-transplant year, a high-risk period marked by
Local Health Integration Networks, blood type, sensitization, elevated rates of hospitalization and intensive use of care [7].
having diabetes as the primary case of ESRD, total This is an urgent gap in healthcare planning since renal
healthcare costs in the 12-month pre-workup period and the transplant recipients, especially those aged over 60, require
6-month workup period to be inputs to the cost calculator. care planning immediately after surgery to ensure optimal
This cost calculator, in conjunction with clinical outcome outcomes. Hence, predictive tools are required to foresee
information, will aid health system planning and their use of healthcare after transplantation using information
performance to ensure better management of recipients of available at the time of transplant.
scarce kidneys.
Recent years have witnessed exponential growth of machine-
Keywords –healthcare costs, health economics, machine learning applications in healthcare [10]–[13], including
learning, renal transplant studies of organ transplantation [10], [12], [13]. Haddad et al.
[10] used machine-learning methods to predict the total
1. INTRODUCTION hospital cost of liver transplant recipients at one-year after
transplant, and found comorbidities to be the most significant
End-stage renal disease (ESRD) is the terminal stage of drivers of high cost. However, their study is limited by the
chronic kidney disease [1]. At this stage, patients have lost at hospital setting and short observational window (from 2011
least 85% of renal function and require immediate initiation to 2012). Furthermore, their use of the Charlson Comorbidity
of renal replacement therapy, whether by lifelong dialysis or Index and van Walraven Score, both ordinal measures of
renal transplantation, to sustain life [1]. Compared with comorbidities, impeded their ability to unveil potential
dialysis, transplantation is preferred for most patients since associations between the use of healthcare and specific types
it improves health outcomes in the long run at substantially of comorbid conditions. Additionally, the optimal model
lower costs [2], [3]. However, unless patients can identify a estimated in their study (Support Vector Machine with linear
medically compatible living donor at the time of diagnosis, kernel) does not directly identify a set of cost predictors.
they must wait for a kidney from a deceased donor, a scarce
healthcare resource. Average waiting time in the US and In the present study, we used machine-learning methods to
Canada has exceeded five and four years, respectively, in develop a calculator that predicts the healthcare costs of
recent years [4], [5]. Meanwhile, transplantation has deceased-donor renal transplant recipients aged over 60
extremely high upfront costs to the healthcare system, which during the first year after transplant using patient-level
may not pay off until decades after transplantation, characteristics known at the time of transplantation. To the
especially for older recipients [6], [7]. best of our knowledge, this is the first investigation that uses

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 115 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

machine-learning methods to predict patient-level healthcare 2.4.2 Socioeconomic status


costs following renal transplantation.
We included each patient’s membership of one of 14
2. MATERIAL AND VARIABLES regionally based Local Health Integration Networks
(LHINs), which govern and coordinate health and social
2.1 Patient population services in Ontario, Canada [18].

We used all cases of kidney-only transplantation from a 2.4.3 Comorbidities


deceased donor performed in Ontario, Canada between
March 31, 2002 and April 1, 2013. Recipients aged over 60 We considered each patient’s status of the 11 Collapsed
were followed until death or to April 1, 2016 (N=1425). We Aggregated Disease Groups (CADG) as defined in Johns
excluded the small number of patients who died within one Hopkins’ Adjusted Clinical Group (ACG® [19]) case-mix
year after transplant (N=70, 4.9%) in order to have our final system, a well-validated method of categorizing
model generalize to the more homogeneous group of comorbidities [20]. We excluded CADG 12 (pregnancy)
transplant recipients who survived for at least a year. We since no patients in our cohort were pregnant at the time of
further excluded patients with missing data on healthcare use transplantation. CADGs were established using
(N=27, 1.9%), most of whom were transplanted during the administrative records, including diagnostic codes in the
earliest year of our study period, 2002 (N=19 of the 27 format of the International Statistical Classification of
patients with unknown healthcare use). These exclusions Disease and Related Health Problems, 10th version, Canada
resulted in a total of 1328 transplant recipients in the cohort. (ICD-10-CA), from the Discharge Abstract Database (DAD),
a database that includes acute care inpatient hospitalization;
2.2 Data sources physician billing codes from the Ontario Health Insurance
Plan (OHIP); and records from the National Ambulatory
We used a multicenter, population-based dataset derived by Care Reporting System (NACRS). ICD-10-CA codes were
the Institute for Clinical Evaluative Sciences (ICES) in first assigned to one of the 32 Aggregated Diagnosis Groups
Toronto, Ontario, Canada. Person-level records submitted by (ADG) based on five clinical dimensions, including the
all (six) transplantation centers in Ontario to the Canadian duration of the condition, severity, diagnostic certainty,
Organ Replacement Registry (CORR), a national database etiology and involvement of special care. ADGs were then
that tracks end-stage organ failure patients, were linked to collapsed into 12 CADGs based on the likelihood that the
various health service utilization and administrative condition would persist or recur, severity and the type of
databases using a validated unique patient identifier [14]. healthcare services required [19].

2.3 Outcome 2.4.4 Clinical characteristics

We focused on total healthcare costs of transplant recipients We included sensitization indicated by level of peak panel
during the first year after transplantation. In Ontario, Canada, reactive antibodies (PRA) of 0% (not sensitized) or > 0%
renal transplantation is covered for all residents by universal (sensitized), primary cause of ESRD (glomerulonephritis /
public health insurance. Costs were calculated at the patient autoimmune, diabetes, renal vascular, cystic / genetic, or
level across healthcare sectors using a validated, micro- others), and blood type (O, A, B, or AB).
costing, algorithm [15]. We reported costs in Canadian
Dollars (CAD) that were adjusted to 2019 (April) values 2.4.5 Transplant information
using the monthly Consumer Price Index [16], where $1.00
CAD = $0.75 USD [17]. We considered dialysis vintage (pre-emptive transplant or
transplantation without initiating dialysis, or transplant
2.4 Predictors following dialysis duration of <6 months, 6-12 months or >
12 months) and graft number (first graft or re-graft).
We considered a similar set of patient-level predictors as
those examined by Patzer et al. [8] and Tan et al. [9] in their 2.4.6 Pre-transplant healthcare use
respective iChoose Kidney models. Five categories of patient
attributes were collected at transplantation that we have For each patient, we calculated the total healthcare costs for
listed below. during a 6-month workup period before transplant and for
the 12-month period before the start of workup (i.e., pre-
2.4.1 Demographics workup). Costs were measured in 2019 (April) CAD.

We included patient sex (female or male), age (61-70, 71-80, There were missing values found in our dataset for race
or 81+) and race (Caucasian, African American, Asian or (N=98, 7.4%), sensitization (N=237, 17.8%) and primary
Pacific Islanders, or others). cause of ESRD (N=296, 22.3%). In our primary regression
analysis, we imputed Caucasian for those with missing race,
not sensitized (peak PRA = 0%) for those with missing
sensitization, and glomerulonephritis / autoimmune for

– 116 –
ICT for Health: Networks, standards and innovation

patients with missing primary cause of ESRD. We addressed blood type AB and shorter dialysis durations [23]), we
the two variables with significantly missing values (peak applied three regularized linear regression methods.
PRA and primary cause of ESRD) using multiple imputation
methods in sensitivity analysis (see Sensitivity Analysis). 3.1.1 Ridge regression
Reference-based characteristics were male; age 71-80;
Caucasian; from LHIN A; comorbidity-free; not sensitized Ridge regression aims to minimize the sum of the original
(peak PRA = 0%); ESRD caused by glomerulonephritis / loss function 𝑙0 and a regularized term, known as the L2
autoimmune; blood type A; and having received a first graft Norm [24] that we described below. As the parameter 𝜆
pre-emptively. increases, 𝑤𝑗 is shrunk towards 0. Optimal 𝜆 is determined
by ten-fold CV within the training set such that the averaged
3. DATA ANALYSIS test RMSE is minimized.

We first summarized patient characteristics at baseline 𝑝


2
(transplantation). Continuous variables were represented by ‖𝒘‖2 = 𝜆 ∑ (𝑤𝑗 )
𝑗=1
means and standard deviations (SD), as well as by medians
and inter-quantile ranges (IQR). Categorical variables were 3.1.2 Lasso regression
summarized by counts and percentages.
Lasso or least absolute shrinkage and selection operator [25]
Similar to the methods employed by Haddad et al. [10], we searches for estimates of 𝑤𝑗 that minimize the sun of the
included patients transplanted between 2012 and 2014 in the
original loss function 𝑙0 and the L1 Norm that we presented
testing set (N=294, 22.1%) while the remainder were in the
below. Compared with ridge regression, lasso forces the
training set (N=1034, 77.9%), achieving a size ratio (testing:
weights of some predictors to be zero to achieve a sparse
training) of roughly 2:8 [21]. This ratio is reflective of idea
model. Similar with ridge regression, the optimal 𝜆 value is
practice in machine learning whereby earlier data is used to
selected by ten-fold CV such that the averaged test RMSE is
construct models and more recent data (in our case, 2012-
minimized within the training set.
2014) used to validate such models [10]. The optimal model
was selected by ten-fold cross-validation (CV) on the testing 𝑝
set based on the averaged test root mean square error (RMSE) ‖𝒘‖1 = 𝜆 ∑ |𝑤𝑗 |
and R2 value [22]. Since we had both categorical (e.g. age 𝑗=1
groups) and continuous (i.e., pre-transplant healthcare use)
variables as candidate predictors, they were standardized 3.1.3 Elastic net regression
prior to model training and testing. Following Haddad et al.,
we log-transformed healthcare costs incurred during pre- Elastic net regression is a compromise between ridge
workup, workup, and the first post-transplant year in model regression and lasso regression in a sense that it excludes
training and testing. Results were then exponentiated to aid irrelevant predictors but keeps both of the correlated
interpretation [10]. predictors [26]. Mathematically, the regularized term of
elastic net regression, ‖𝒘‖𝑒 , is a linear combination of the
3.1 Regularized linear regression L1 Norm (‖𝒘‖1 of lasso) and the L2 Norm (‖𝒘‖2 of ridge),
where 𝛼 is between 0 and 1. The optimal 𝛼 and 𝜆 are
The goal of our analysis is to estimate a regression equation selected by ten-fold CV.
on the natural log of total healthcare costs over the first post-
transplant year: 1−𝛼
‖𝒘‖𝑒 = ‖𝒘‖1 + 𝛼‖𝒘‖2
2
𝑝
𝐸(𝑦) = 𝑤0 + ∑ (𝑤𝑗 𝑥𝑗 ) 3.2 Regression tree
𝑗=1

where y is the log of one-year heathcare costs, 𝑤0 the The regression tree partitions the feature space recursively to
intercept of the equation (i.e., mean log cost for patients with create a tree-like structure [27]. At each split in the tree a
reference-level characteristics), and 𝑤𝑗 the weight associated node is created to ensure maximum homogeneity of the data
being partitioned to the two regions. To train a full tree, we
with predictor 𝑥𝑗 . Conventional ordinary least square (OLS)
selected features and the corresponding thresholds at each
methods search for estimates of 𝑤𝑗 that minimize a loss node such that the squared loss function is minimized:
function that is equal to the total sum of square errors:

𝑁 𝑝 2 ∑ ̂ 𝑥𝑖 )2 + ∑
(𝑦𝑖 − 𝑦 ̂ 𝑥𝑖 )2
(𝑦𝑖 − 𝑦
𝑥𝑖 ∈𝑅1 𝑥𝑖 ∈𝑅2
𝑙0 = ∑ (𝑦𝑖 − ∑ (𝑤0 + 𝑤𝑗 𝑥𝑖𝑗 ))
𝑖=1 𝑗=1
where R1 and R2 denote the two regions separated by the
To overcome potential model overfitting due to node. To avoid overfitting, tree pruning was performed on
multicollinearity among candidate predictors (e.g. having the full tree for a parsimonious tree (T) such that the
following loss function is minimized:

– 117 –
2019 ITU Kaleidoscope Academic Conference

I 177 (13.3%)
|𝑇|
J 82 (6.2%)
∑ ∑ ̂ 𝑥𝑖 )2 + 𝛼|𝑇|
(𝑦𝑖 − 𝑦
𝑚=1 𝑥𝑖 ∈𝑅𝑚 K 68 (5.1%)
L 86 (6.5%)
The size of the final tree, |𝑇|, is penalized by the complexity M 104 (7.8%)
parameter 𝛼 which is determined using ten-fold CV in the N 134 (10.1%)
training set to minimize the averaged RMSE. Comorbidities
CADG 1: Acute minor 906 (68.2%)
3.3 Sensitivity analysis CADG 2: Acute major 1220 (91.9%)
CADG 3: Likely to recur 809 (60.9%)
We conducted analysis to examine the impact of missing CADG 4: Asthma 75 (5.6%)
values on the primary results. Multiple imputation using
CADG 5: Chronic medical, unstable 1310 (98.6%)
Markov-chain Monte Carlo (MCMC) methods, assuming
CADG 6: Chronic medical, stable 873 (65.7%)
missing at random [28], was conducted to address patients
CADG 7: Chronic specialty, stable 51 (3.8%)
with missing peak PRA (N=237, 17.8%) and primary cause
of ESRD (N=296, 22.3%), respectively. We repeated the CADG 8: Eye/dental 218 (16.4%)
imputation procedure ten times [28] and performed the CADG 9: Chronic specialty, unstable 185 (13.9%)
regression analysis on each of the ten newly imputed dataset. CADG 10: Psychosocial 228 (17.2%)
Analyses were performed using R (version 3.5.1). CADG 11: Preventive / administrative 614 (46.2%)
Sensitized (peak PRA > 0%) 548 (41.3%)
4. RESULTS Primary cause of ESRD
Glomerulonephritis / autoimmune 696 (52.4%)
4.1 Baseline characteristics Diabetes 246 (18.5%)
Renal vascular 158 (11.9%)
There are 1328 older deceased-donor renal transplant Cystic / genetic 136 (10.2%)
recipients who survived for at least a year after transplant Others 92 (6.9%)
(Table 1). The majority of these patients received a transplant
Blood type
when aged 61-70 (N=1081, 81.4%), more than three-quarters
O 539 (40.6%)
(N=999, 75.2%) are Caucasian, and over half are male
(N=894, 67.3%). Distribution of older transplant recipients A 541 (40.7%)
amongst the 14 LHINs is imbalanced. Notably, one LHIN B 167 (12.6%)
(LHIN A) is responsible for performing 14.3% (N=190) of AB 81 (6.1%)
all transplantations while another one (LHIN F) accounts for Graft number (first graft) 1261 (95.0%)
less than one-per cent (N=8, 0.6%). Dialysis vintage
Pre-emptive transplant 10 (0.8%)
Table 1 – Characteristics of older transplant recipients at < 6 months 60 (4.5%)
the time of transplantation (N=1328) 6-12 months 72 (5.4%)
> 12 months 1186 (89.3%)
Characteristics Total (N=1328)
Transplant year
Sex (female) 434 (32.7%) 2002 55 (4.1%)
Age 2003 64 (4.8%)
61-70 1081 (81.4%) 2004 57 (4.3%)
71-80 244 (18.4%) 2005 80 (6.0%)
81+ 3 (0.2%) 2006 96 (7.2%)
Race 2007 116 (8.7%)
Caucasian 999 (75.2%) 2008 124 (9.3%)
Asian or Pacific islander 189 (14.2%) 2009 144 (10.8%)
African American 94 (7.1%) 2010 148 (11.1%)
Others 46 (3.5%) 2011 150 (11.3%)
Membership of LHIN (censored) 2012 145 (10.9%)
A 190 (14.3%) 2013 149 (11.2%)
B 160 (12.5%) Costs during transplant workup (CAD)
C 58 (4.4%) Mean ± SD 45460 ± 31271
D 42 (3.2%) Median (IQR) 48971 (55185)
E 50 (3.8%) Costs during pre-workup year (CAD)
F 8 (0.6%) Mean ± SD 75608 ± 71855
G 106 (8.0%) Median (IQR) 70550 (101154)
H 63 (4.7%)

– 118 –
ICT for Health: Networks, standards and innovation

Older transplant recipients in our cohort had a range of


comorbidities at the time of transplantation. Less than half of
them are sensitized (N=548, 41.3%). The most prevalent
cause of ESRD is glomerulonephritis/ autoimmune (N=696,
52.4%), followed by diabetes (N=246, 18.5%). Most patients
underwent a first-time renal transplantation (N=1261,
95.0%). Over forty-per cent of patients have blood type O
(N=539, 40.6%) and A (N=541, 40.7%), respectively. Most
transplantations were performed in 2011 (N=150, 11.3%).
There are ten (0.8%) pre-emptive transplantations, and the
majority of the remaining patients were transplanted after
maintaining on dialysis for over 12 months (N=1186, 89.3%).
Before receiving a transplant, total healthcare costs averaged
$45460 CAD (SD, $31271) over the six-month workup
period and $75608 CAD (SD, $71855) during the pre-
workup year.

Table 2 summarizes the total healthcare costs over the first


post-transplant year, stratified by age at transplant. Average Figure 1 – Plot showing the shrinkage of coefficients in
costs for all patients are $72723 CAD (SD, $63256) with ridge regression
median costs at $56819 CAD (IQR, $45568). Costs range
greatly across patients from a low of $517 CAD to a high of Figure 2 shows the shrinkage of coefficients in lasso
$720917 CAD at year one post-transplant. regression. The optimal λ value that minimized test RMSE
for lasso regression is 0.0317323. Unlike ridge regression,
Table 2 – Health system costs over the first year after lasso forces the coefficients of some predictors to be zero.
transplantation stratified by age at transplant Three predictors appeared to have the strongest impact,
including the log of workup cost (logwork), the log of pre-
Costs Total 61-70 71-80 81+ workup cost (logpre), and transplanted at ages 81+ (age81+).
Mean ± SD 72723 ± 70623 ± 81942 ± 79659 ±
63256 61736 69162 52161
Median (IQR) 56819 55288 65891 50498
(45568) (45547) (45682) (42134)
Min, Max 517, 517, 5082, 48600,
720917 720917 628354 139879

4.2 Model training

4.2.1 Regularized linear regression

Figure 1 shows the shrinkage of regression coefficients


against the log of λ in ridge regression. The optimal λ value
that minimized test RMSE for ridge regression is
0.07796363.

Figure 2 – Plot showing the shrinkage of coefficients in


lasso regression

The optimal λ value that minimized test RMSE for elastic net
regression is 0.01024383. Summary of regression results of
the three models is presented in Table 3. Predictors that were
deemed non-significant were denoted by “NS”.

– 119 –
2019 ITU Kaleidoscope Academic Conference

Table 3 – Coefficients of predictors estimated by the three unsensitized patients, sensitized patients were expected to
regularized linear regression models (N=1034) incur 5.0% higher costs during the first year after transplant.
Furthermore, for a one-percent cost increase during the six-
Variables Ridge Lasso Elastic net month workup period and the one-year pre-workup period,
Female 0.0420 NS 0.0198 post-transplant costs at year one are expected to increase by
Age 81+ -0.531 -0.299 -0.350
0.38% and 0.09%, respectively. The lasso model also
identified age 61-70, age 81+, membership of LHIN K, and
Age 61-70 -0.129 -0.0574 -1.717
blood type B as predictors of lower costs at year one.
Asian -0.0399 NS -0.0156 Compared with patients who received a transplant at ages 71-
African American 0.0567 NS 0.0259 80, younger recipients aged 61-70 and older recipients
Other races 0.136 NS 0.101 beyond 80 years of age were found to cost 5.7% and nearly
LHIN B 0.00909 NS NS 30% (29.9%) less at year one, respectively. Furthermore,
LHIN C 0.0493 NS NS patients with blood type B were found to incur 1.6% less
LHIN D 0.0993 NS 0.0320 costs compared to type A patients during the first post-
LHIN E 0.0514 NS NS transplant year.
LHIN F -0.183 NS -0.0850
The elastic net regression model concluded a total of 33
LHIN G 0.00247 NS NS
significant predictors of one-year costs, including all of the
LHIN H 0.0607 NS 0.00906 nine predictors identified by the lasso regression.
LHIN I 0.0769 NS 0.0347
LHIN J 0.130 0.00242 0.0833 4.2.2 Regression tree
LHIN K -0.0996 -0.0317 -0.0962
LHIN L 0.0557 NS NS Figure 3 shows the regression tree model trained by patients
LHIN M -0.0393 NS -0.0178 who underwent transplantation between 2002 and 2011. The
LHIN N -0.0233 NS -0.0143 log of pre-workup (logpre) and workup (logwork) costs were
CADG 1 0.0110 NS NS
identified as the only two predictors of the mean log of costs
during the first year after transplantation (logtarget). The
CADG 2 -0.0424 NS -0.0176
regression rules used are as follows: (1) patients who
CADG 3 0.0259 NS 0.0169 incurred at least $10938 during workup (logwork >= 9.3, i.e.,
CADG 4 -0.00101 NS NS having logged workup costs of at least 9.3) were expected to
CADG 5 -0.208 NS -0.146 cost an average of $59874 during the first post-transplant
CADG 6 -0.00439 NS NS year (logtarget = 11); (2) patients who incurred less than
CADG 7 -0.0432 NS 0.0000955 $10938 during workup (logwork < 9.3) but at least $4024
CADG 8 0.0322 NS 0.0151 during pre-workup (logpre >= 8.3, i.e., having logged pre-
CADG 9 0.0344 NS 0.00798 workup costs of at least 8.3) were expected to cost an average
of $22026 over the first post-transplant year (logtarget = 10);
CADG 10 -0.00708 NS NS
(3) patients who incurred less than $10938 during workup
CADG 11 -0.0310 NS -0.0171
(logwork < 9.3) and less than $4024 during pre-workup
Peak PRA > 0% 0.0862 0.0501 0.0870 (logpre < 8.3) were expected to cost an average of $2981
ESRD: Diabetes 0.0833 0.00617 0.0600 over the first year post-transplant (logtarget = 8).
ESRD: Renal vascular 0.0645 NS 0.0367
ESRD: Cystic/genetic -0.0737 NS -0.0485
ESRD: Others 0.0346 NS 0.00333
Blood type B -0.0895 -0.0155 -0.0713
Blood type AB 0.0870 NS 0.0473
Blood type O 0.0122 NS NS
Re-graft 0.0926 NS 0.0610
Dialysis < 6 months 0.0912 NS 0.00205
Dialysis 6-12 months 0.0224 NS NS
Dialysis > 12 months -0.0377 NS -0.00224
Log of workup cost 0.333 0.382 0.393
Log of pre-workup cost 0.139 0.0887 0.0983
Intercept 6.248 6.037 6.010
Figure 3 – Regression tree
The lasso model identified nine predictors of the log of post-
transplant costs at year one. Membership of LHIN J,
sensitized (peak PRA > 0%), having diabetes as the primary
cause of ESRD, higher pre-workup and workup costs were
found to heighten the cost. Notably, compared with

– 120 –
ICT for Health: Networks, standards and innovation

4.3 Model validation calculators for older adults with chronic diseases. A further
implication of this finding points to the importance of
We validated the four models using ten-fold CV on continuously monitoring an individual’s spending on
transplant recipients during the years 2012 and 2013 (N=294, healthcare. In this way, our calculator serves as a simple
22.1%). Results are summarized in Table 4. Ridge regression, prototype for a more advanced algorithm that is capable of
lasso regression, elastic net regression and regression tree continuous cost prediction.
achieved an averaged test RMSE of 0.618, 0.604, 0.610 and
0.630, respectively, while reaching averaged test R2 values There are limitations associated with our study. First, unlike
of 0.255, 0.258, 0.251 and 0.0101. Hence, we concluded Patzer et al. and Haddad et al., we did not consider patient
lasso regression to have the best performance. ethnicity (i.e., Hispanic or non-Hispanic) in our regression
analysis. However, as Tan et al. pointed out, less than 0.5%
Table 4 – Testing results of the four models (N=294) of Canadians identify as Hispanic [9]. Second, we did not
have access to donor-level information, including donor age
Models RMSE R2 and cause of death, as well as facility-level factors, including
Ridge regression 0.618 0.255 hospital bed size and type of admission. This may explain
the relatively low test R2 (0.258) achieved by our model.
Lasso regression 0.604 0.258
Future investigators with a more comprehensive tracking of
Elastic net regression 0.610 0.251
patients may provide additional insights on predictors of
Regression tree 0.630 0.0101 post-transplant costs. Third, accuracy of our primary analysis
is limited by variables with significantly missing values,
4.4 Sensitivity analysis especially peak PRA (N=237, 17.8%) and primary cause of
ESRD (N=296, 22.3%). However, through extensive
We iterated the multiple imputation methods ten times to sensitivity analysis based on multiple imputation methods
impute values for patients with missing peak PRA (N=237, we were able to rule out such potential bias caused by these
17.8%) and primary cause of ESRD (N=296, 22.3%). missing values.
Training and testing procedures were repeated for each
newly imputed dataset. The lasso regression model had the Our study has some key strengths. First, use of a linked
best performance in each iteration, with an averaged test administrative dataset has enabled us to have comprehensive
RMSE of 0.611 (SD, 0.144) and R2 of 0.257 (SD, 0.100) over tracking of older renal transplant recipients from the year
the ten iterations. The same set of eight predictors were before transplant workup to death. Second, we used CADGs
identified, with the weights of having diabetes as the primary to characterize comorbidities at the time of transplantation,
cause of ESRD and sensitized (peak PRA > 0%) being which enabled us to arrive at conclusions that are specific to
enlarged. Specifically, the estimated coefficient of diabetes disease type. Third, we were able to construct person-level
increased from 0.00617 in the original analysis to an healthcare costs across healthcare sectors, which gave us
averaged 0.0125 (SD, 0.0123) over the ten iterations. transplant recipients’ precise use of healthcare, both before
Meanwhile, the estimated coefficient of sensitized also rose and after transplantation. Fourth, through our use of
from 0.0501 to 0.0823 (SD, 0.032). machine-learning techniques, we were able to identify
predictors of post-transplant healthcare use while
5. DISCUSSION overcoming potential overfitting due to multicollinearity, a
common threat to conventional multivariate regression
In the present study, we used machine-learning methods to analysis.
develop a cost calculator for deceased-donor renal transplant
recipients aged above 60 over the first post-transplant year. 6. ACKNOWLEDGEMENT
The final calculator was based on a lasso linear regression
model and required the following inputs to be collected at the This study was supported by the Institute for Clinical
time of transplantation: age, membership of one of 14 Evaluative Sciences (ICES), which is funded by an annual
regionalized LHINs, blood type, sensitization, having grant from the Ontario Ministry of Health and Long-Term
diabetes as the primary cause of ESRD, and healthcare costs Care (MOHLTC). The opinions, results and conclusions
during the six-month transplant workup and during the year reported in this paper are those of the authors and are
before workup. This cost calculator minimized test RMSE at independent from the funding sources. No endorsement by
0.604 while achieving an acceptable test R2 of 0.258. The ICES or the Ontario MOHLTC is intended or should be
results are robust to missing values found in our dataset. inferred.

Our study has demonstrated that basic machine-learning REFERENCES


methods, including regularized linear regression and
regression tree, are promising tools for predicting healthcare [1] National Kidney Foundation, "K/DOQI clinical
costs. It is important to note that in our model we found practice guidelines for chronic kidney disease:
previous healthcare expenditures to be one of the most evaluation, classification, and stratification,"
important drivers of upcoming expenditures. This consistent American Journal of Kidney Diseases, vol. 39, no. 2
pattern of healthcare use needs to be addressed in future cost Suppl 1, pp. 1-266, 2002.

– 121 –
2019 ITU Kaleidoscope Academic Conference

[2] A. Laupacis et al., "A study of the quality of life and [13] K. D. Yoo et al., "A machine learning approach
cost-utility of renal transplant," Kidney using survival statistics to predict graft survival in
International, vol. 50, no. 1, pp. 235–242, 1996. kidney transplant recipients: a multicentre cohort
study," Scientific Reports, vol. 7, no. 1, p. 8904,
[3] R. A. Wolfe et al., "Comparison of mortality in all 2017.
patients on dialysis, patients on dialysis awaiting
transplantation, and recipients of a first cadaveric [14] Canadian Institute for Health Information,
transplant, " New England Journal of Medicine, vol. "Canadian Organ Replacement Register Metadata
341, no. 23, pp. 1725–1730, 1999. (CORR)," [Online]. Available:
https://www.cihi.ca/en/canadian-organ-replacement-
[4] American Kidney Fund, "Waiting for a kidney register-metadata-corr
transplant," [Online]. Available:
http://www.kidneyfund.org/kidney-disease/kidney- [15] W. P. Wodchis, K. Bushmeneva, M. Nikitovic, and
failure/treatment-of-kidney-failure/kidney- I. McKillop, "Guidelines on person-level costing
transplant/transplant-waitlist/ using administrative databases in Ontario," Health
System Performance Research Network Working
[5] Trillium Gift of Life network, "Trillium Gift of Life Paper Series, vol.1, 2013. Available:
Network annual report 2017/18," Available: http://www.hsprn.ca/uploads/files/Guidelines_on_Pe
https://www.giftoflife.on.ca/resources/pdf/TGLN_A rsonLevel_Costing_May_2013.pdf.
nnual_Report_17_18_EN_WA_F.pdf .
[16] Statistics Canada, "Table 18-10-0005-01 Consumer
[6] J. F. Whiting et al., "Economic cost of expanded Price Index, annual average, not seasonally
criteria donors in cadaveric renal transplantation: adjusted,"[Online]. Available:
analysis of Medicare payments," Transplantation, https://www150.statcan.gc.ca/t1/tbl1/en/tv.action?pi
vol. 70, no. 5, pp. 755–760, 2000. d=1810000501.

[7] S. V. Jassal et al., "Kidney transplantation in the [17] Bank of Canada. "Monthly exchange rates,"
elderly: a decision analysis," Journal of the [Online]. Available:
American Society of Nephrology, vol. 14, no. 1, pp. https://www.bankofcanada.ca/rates/exchange/monthl
187–196, 2003. y-exchange-rates/

[8] R. Patzer et al., "iChoose Kidney: a clinical decision [18] Local Health Integration Network. "Local Health
aid for kidney transplantation versus dialysis Integration Network (LHIN)," [Online]. Available:
treatment," Transplantation, vol. 100, no. 3, pp. http://www.lhins.on.ca/
630–639, 2016.
[19] The Johns Hopkins University, "The Johns Hopkins
[9] V. S. Tan et al., "Predicting 3-year survival in ACG® System Excerpt from Version 11.0 Technical
patients receiving maintenance dialysis: an external Reference Guide, " 2015. [Online]. Available:
validation of iChoose Kidney in Ontario, Canada," https://www.healthpartners.com/ucm/groups/public/
Canadian Journal of Kidney Health and Disease, @hp/@public/documents/documents/cntrb_035024.
vol. 5, pp. 1–11, 2018. pdf

[10] L. B. de P. Haddad, L. R. B. C. Mendes, L. Ducatti, [20] P. C. Austin, C. van Walraven, W. P. Wodchis, A.


V. Rocha-Santos, W. Andraus, and L. A. C. Newman, and G. M. Anderson, "Using the Johns
D’Albuquerque, "Machine learning in the prediction Hopkins Aggregated Diagnosis Groups (ADGs) to
of costs for liver transplantation," Quality in predict mortality in a general adult population cohort
Primary Care, vol. 25, no. 5, 2017. in Ontario, Canada," Medical Care, vol. 49, no. 10,
pp. 932–939, 2011.
[11] I. Kononenko, "Machine learning for medical
diagnosis: history, state of the art and perspective," [21] M. Gen and R. Cheng, Genetic Algorithms and
Artificial Intelligence in Medicine, vol. 23, pp. 89– Engineering Optimization. New York: Wiley, 1999.
109, 2001.
[22] C. M. Bishop, Pattern recognition and machine
[12] E. Mark, D. Goldsman, B. Gurbaxani, P. learning. New York: Springer, 2006.
Keskinocak, J. Sokol, "Using machine learning and
an ensemble of methods to predict kidney transplant
survival," PLoS ONE, vol. 14, no. 1, 2019.

– 122 –
ICT for Health: Networks, standards and innovation

[23] R. Fu, S. J. Kim, C. de Oliveria, P. C. Coyte, "An [26] H. Zou and T. Hastie, "Regularization and variable
instrumental variable approach confirms that the selection via the elastic net," Journal of the Royal
duration of pretransplant dialysis has a negative Statistical Society. Series B (Methodological),
impact on the survival of kidney transplant vol.67, no. 2, pp. 301-320, 2005.
recipients and quantifies the risk," Kidney
International, vol. 96, no. 2, pp. 450-459, 2019. [27] L. Breiman, J. Friedman, C. J. Stone, R. A. Olshen,
Classification and Regression Trees, 1st ed.
[24] A.E. Hoerl and R. W. Kennard, "Ridge regression: Chapman and Hall/CRC, 1984.
biased estimation for nonorthogonal problems,"
Technometrics, vol. 12, no. 1, pp. 55-67, 1970. [28] J. Sterne et al., "Multiple imputation for missing
data in epidemiological and clinical research:
[25] R. Tibshirani, "Regression shrinkage and selection potential and pitfalls," BMJ, vol. 338, p. b2393,
via the Lasso," Journal of the Royal Statistical 2009.
Society. Series B (Methodological), vol. 58, no. 1,
pp. 267-288, 1996.

– 123 –
AUTOMATIC PLAN GENERATING SYSTEM FOR GERIATRIC CARE
BASED ON MAPPING SIMILARITY AND GLOBAL OPTIMIZATION

Fei Ma1; Chengliang Wang2; Zhuo Zeng3


1,2,3 Chongqing University, China

ABSTRACT smart home design, especially the difficulty in designing a


sensing devices selection plan (SDSP). Traditionally, in order
The smart home is an effective means of providing geriatric to implement a user-oriented smart home for geriatric care,
care to increase the ability of the elderly to live independently designers firstly collaborate with elderly and geriatric experts
and ensure their health in daily life. However, the smart to extract digital care demands based on natural language
home is not widely used because it is arduous to obtain a care needs. Then, designers choose corresponding services
sensing devices selection plan. In this paper, the accuracy to achieve care demands of the elderly based on their own
of service selection and cost savings assumes enormous comprehension, and select sensing devices to develop a SDSP
importance. Therefore, we propose an automatically plan by manually comparing the performance of sensing devices.
generating system for the elderly based on semantic similarity, Therefore, the traditional method limits the promotion and
intuitionistic fuzzy theory, and global optimization algorithm, use of the smart home in the field of geriatric care, including
aiming at searching for an optimized plan. Experiment results the following shortcomings and obstacles.
indicate that our approach can satisfy care demands and
provide an optimized plan of sensing devices selection. • Informal description: Since geriatric diagnosis and
smart services are deposited in the literature database
Keywords - Care demand, geriatric care, selection plan, without classification and arrangement, it increases the
smart home, smart service burden of designers to extract care demands of geriatric
diseases and select smart services.
1. INTRODUCTION
• Costly and casual design pattern: Due to the difficulty of
Due to low birth rates and low mortality rates and the manually extracting elderly demands, the elderly must
extension of life expectancy, the aging of population has pay expensive labor costs. Besides, it is casual and
been accelerating quickly and severely. An epidemiological arbitrary for designers to select services, since the elderly
study estimates that 11% of the world’s population is over do not understand the principles of smart services.
60 years old, but that figure is expected to rise to 22% by • Non-optimized plan: As it is arduous for designers
2050[1]. Accompanied by the substantial growth in the size to quantify the performance of sensing devices and
of the elderly population during the last several decades, to compare their performance manually, the traditional
the growing prevalence of geriatric diseases associated with SDSP is not optimized, and may result in surplus or
aging increases the burden on the health care systems. More inadequate sensing devices for implementing services.
importantly, geriatric diseases have a powerful negative
impact on perceived mental and physical functioning in In order to promote the use of the smart home in the
geriatric patients. It also increases life-threatening risks of the field of geriatric care, we have designed an Automatic Plan
elderly[2], for example, heart disease and stroke account for Generating System (APGS) that automatically generates the
more than 40% of all deaths among persons aged 65-74 and optimized SDSP. The contributions of this paper are given
almost 60% of those aged 85 years[3]. Therefore, geriatric below.
care plays an important role in maintaining good health and
• UDSD architecture: We proposed a UDSD (user
increasing the life quality of the elderly.
demand service device) architecture, which uses key
Recently, with remarkable advancements in machine learning
labels instead of natural language descriptions to
and artificial intelligence, the smart home emerges into
formalize user information, care demands, smart
the public consciousness, because of its convenience and
services, and sensing devices, including the user layer,
precision in health care[4][5][6]. Smart homes could not
demand layer, service layer and device layer.
only monitor the daily living of the elderly and assist living
in patients, but also evaluate the emotions of inhabitant • Smart-desire mapping method: Due to the high cost
and warn of dangers[7][8][9]. However, the smart home and casual selection of traditional design method, we
is not widely used in the field of geriatric care, because of designed a Smart-desire mapping method (SDMM)
two main reasons: (1) the challenge of extracting required to automatically extract atomic care demands based
smart services for elderly with high precision, based on on expert knowledge and mapping smart services by
user demands; 2) the huge complexity and high costs of calculating semantic similarity and QoS similarity.

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 125 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

• Self-repairing artificial fish swarm algorithm: Owing to multi-objective knapsack problem, a global optimization
the stronger optimization ability and faster convergence algorithm is urgently needed to search for an optimized SDSP,
speed, we proposed the self-repairing artificial fish which promotes the accuracy of smart services and reduces
swarm algorithm(SAFSA) to search for an optimized the cost of sensing devices. For a multi-objective knapsack
SDSP by limiting artificial fish moving near the problem, people have put forward valuable methods, mainly
constraint boundary by self-repairing behavior. divided into two types: (1) heuristic algorithms, such
as greedy algorithm, dynamic programming algorithm,
The rest of this paper is organized as follows: we briefly simulated annealing algorithm and so on; (2) swarm
review the past research on the in-home health-care system intelligent optimization algorithm: genetic algorithm [17],
in the smart home, and intelligent optimization algorithms particle swarm optimization algorithm [18], ant colony
in section 2. We propose the framework of the APGS in algorithm [19] and so on. Because of the low efficiency
section 3. The Smart-desire mapping method is described in and slow convergence rate for large-scale problems, heuristic
section 4 and self-repairing artificial fish swarm algorithm is algorithms are replaced by swarm intelligent optimization
presented in section 5. We perform a series of experiments algorithm. However, classical intelligent optimization
to verify the scientificity and validity of SDSP in section 6. algorithms will usually plunge into local optimization and
The conclusion and future work are discussed in section 7. are sensitive to the initial parameters. For example, the
artificial fish swarm may plunge into local optimization if
2. RELATED WORKS the visual of artificial fish is too small; additionally, changes
of crossover and mutation probabilities of genetic algorithm
Recently, owing to the development and advancement of the
will result in different genetic speeds. Therefore, in order to
Internet of things and digital health, research in the smart
generate the optimized SDSP for geriatric care, we present a
home becomes increasingly important. A smart home, in
self-repairing artificial fish swarm algorithm, which introduce
which artificial intelligence techniques control home settings,
self-repairing behavior to limit artificial fish searching for an
collects data by sensors when residents perform their normal
optimized solution near the constraint boundary.
daily routines. Since sensors can collect data in a naturalistic
way without modifying an individual’s behavior, the smart
home provides a new way for automated health care. The 3. THE FRAMEWORK OF AUTOMATIC PLAN
survey in [10] showed that all participants had positive GENERATING SYSTEM
attitudes towards the technology of the smart home and were
willing to accept the installation of sensing devices in their As shown in Figure 1, we formalize user care demands
homes. Afterwards, more researchers were committed to and expert knowledge into digital description based on
providing health care services for users of various ages. Portet expert diagnosis, medical literature, and clinical diagnosis.
et al. [11] showed that inexpensive smart home technologies Additionally, smart services for geriatric care are extracted
could be used for the purpose of self-monitoring of safety, from recent researches. In this framework, Automatic Plan
health and functional statuses in existing homes, and are Generating is the key module including two submodules: (1)
urgently required. Nehmer et al. [12] used the smart home Smart-desire module is proposed to extract required smart
to provide a better assistant system in health monitoring and services for geriatric care by decomposing care demands
to improve the quality of life of elderly and disabled people. into atomic demands, calculating functional similarity and
Skubic et al. [13] provided passive sensor networks to capture non-functional similarity between atomic demands and smart
patterns representing physical and cognitive health conditions service; (2) Global optimization module, in which the SAFSA
in an aging in place elderly-care facility. Additionally, Mario is proposed to search for the optimized solution of SDSP
et al. [14] proposed a software architecture that modeled the for geriatric care based on cost evaluation and performance
functionalities of a smart home platform to deploy sensitive evaluation.
services into the digital home for health care.
However, due to the high costs and untrusted design, the Sensing Device
Selection Plan
Decoding Optimized
Solution
smart home failed to make headway in the field of health Elderly User
Literature and Clinical Diagnosis

Smart-Desire

care. In order to reduce the costs and to systematize the


Expert Diagnosis, Medical

Care Demands Decomposition


Global Optimization

Traveling Expert Knowledge Forest


Global Optimization
design of SDSP, we first formalize elderly care demands and Judging Slot Values
Algorithm

smart services in a fixed data structure based on medical


Self-repairing Artificial
User Demands Fish Swarm Algorithm
Selected services

Extracting Atomic care demands

diagnosis and recent research in the smart home, such as


Problem
activity recognition, health change detection, falling detection
Functional Non-functional
Similarity Similarity Conversion
Unknown Data

and so on [15]. Since the expert knowledge system with a


Expert Knowledge
Semantic Similarity

Intuitionistic Fuzzy

Acquisition
TF-IDF Statistics

Cosine similarity
Calculation
Researches

large amount of knowledge provided a method of simulating


Recent

Multi-objective
Knapsack Probem

the decision process of human experts [16], the expert Smart Services Automatic Plan Generating
knowledge learned in geriatric diagnosis was adopted to
decompose user demands into atomic demands. Thereafter, Figure 1 – The framework of APGS
we extracted smart services based on functional similarity and
QoS similarity between atomic demands and smart services. More narrowly, user demands are decomposed into atomic
As the selection of sensing devices is regarded as a care demands automatically by traveling expert knowledge

– 126 –
ICT for Health: Networks, standards and innovation

forest. Then, we extract atomic care demands according User Layer


Geriatric Disease Nature Language User Living
to their slot values. Additionally, an expert knowledge Information Care Needs Requirements

forest is built by expert knowledge trees which integrate Expert


Knowledge
expert knowledge and care demands for every geriatric Demand Layer
disease. Thereafter, it is a requisite to obtain smart services Care
ĊĊ
Care
for providing geriatric care for the elderly by the smart
Demand 1 Demand N

home, based on mapping similarity consisting of functional


Atomic Atomic Atomic Atomic Atomic
Care Care Care Care Care
similarity and non-functional similarity between atomic Demand 1 Demand 2 Demand 3 Demand 4 Demand G

demands and smart services. In order to make the selection Service Layer
Smart Smart Smart
of sensing devices unambiguous, we convert the problem Service Service
S2
Service
S3
S1
of selecting suitable sensing devices to realize selected smart
services into a multi-objective knapsack problem of searching
Device Layer
Pressure Sound Infrared Smart Switch
ĊĊ ĊĊ
for the optimized solution. In this paper, SAFSA is selected Sensor Sensor Sensor Bracelet Sensor

to search for the optimized solution, which could be replaced


by other optimization algorithms. Finally, we decode the Figure 2 – The system workflow in UDSD model
optimized artificial fish to recommend the user-oriented
and so on. As shown in Definition 1, the care demand
SDSP for the target elderly, including types, commodity
contains ID, Label, Description, Children and Quality
selections, quantities and installation positions of sensing
Requirement(QR), where ID the unique identifier of one
devices.
care demand, Label are keywords of functional description,
Description expresses user demand in natural language,
4. THE SMART-DESIRE MAPPING METHOD
and QR expresses quality constraints of required service.
4.1 The UDSD architecture for data formalization Moreover, Children contains the ID of its sub-demands, if this
care demand is a composited demand. Generally, QR consists
As the informal descriptions of user demands and smart of some non-functional attributes, including price, response
services limit the efficiency of automatically generating time, availability, reliability and so on. In this paper, the
optimized SDSP, we proposed a UDSD architecture to non-functional attribute QR with accuracy, response_time,
formalize elderly information, care demands, smart services smart_level, availability and reliability.
and sensing devices, and which consisted of a user layer,
demand layer, service layer and device layer, as shown in Definition 1 Every care demand in this paper contains ID,
Figure 2. Label, Description, Children and Quality Requirement.

• User layer: The concept of the user layer is used De = {I D, Label, Description, Children, QR}
to sort and formalize key information of diseases
description, natural language care needs, and other
living requirements of elderly.
4.1.2 Service Layer
• Demand layer: After we extract expert knowledge
in expert diagnosis, medical literature and clinical In order to obtain the suitable smart services for geriatric
diagnosis of geriatric diseases, the demand layer fuses care automatically, we need to formalize smart services into
user demands and expert knowledge. Specifically, care digital description in the service layer, including ID, Label,
demands are divided into composite care demands and Description and Quality of Service(QoS). Therefore, smart
atomic care demands. services in this paper are formalized with three modules.

• Service layer: It is proposed to formalize technologies 1. Definition: The definition of the smart service indicates
and services in recent research into smart services with a the functional description for geriatric care, including
fixed format, including name, label, description, quality ID, Label, Description.
of service and input requirement.
2. QoS: This represents the non-functional parameters of
• Device layer: This layer formalizes digital descriptions the smart service, including accuracy, response-time,
of sensing devices, including price, precision, measuring smart-level, availability and reliability.
range and so on, which are important in analyzing the
ability and performance of sensing devices. 3. Input requirements: It is proposed to summarize the
hardware requirements of the smart service.

4.1.1 Demand layer 4.1.3 Expert knowledge forest

Generally, care demands are extracted in expert diagnosis Knowledge excavation is the mining of potential patterns
of geriatric diseases, which represents the real care needs and behaviors by highly automated analysis of legacy data
of elderly for 24-hour geriatric care in the smart home, to help people make the right decisions. The expression of
including diet care, sport care, daily care, danger warning expert knowledge directly affects the efficiency of knowledge

– 127 –
2019 ITU Kaleidoscope Academic Conference

reasoning and the ability to acquire new knowledge. However, similarity between keyword xi and y j .
due to the complex care demands of various geriatric
diseases, the traditional knowledge expression methods are x1 y1 x1 y2 · · · x1 ym
not suitable for care demands decomposition, such as logical ­ x2 y1 x2 y2 · · · x2 ym ®
© ª
representation, semantic network, rule-based system and so SXY = ­ . .. .. .. ®® (3)
­ ..
­
. . . ®
on. Therefore, we designed the expert knowledge forest to
« xn y1 xn y2 · · · xn ym ¬
combine care demands and expert knowledge based on the
decision tree structure and the frame knowledge expression. According to [20], the semantic similarity between keywords
In the expert knowledge forest, every frame consists of five xi and y j is calculated based on path length, depth and local
expert knowledge components: (1) name, a unique name density as shown in Equation (4), where l represents the path
that can be any constant; (2) slot, a combination of expert length and h represent the path depth. Simultaneously, α
knowledge and care demand; (3) slot value, the attribute is a constant and β is a smoothing factor where β > 0. In
value, which can be 0 or 1; (4) relation, the knowledge this paper, we set α = 0.2 and β = 0.6 to generate optimal
associations between frames; (5) slot constraints, related semantic similarity, as details are shown in [20].
constraints contributed to the corresponding slot value.
eβh − e−βh
s xi , y j = e−αl  βh

(4)
4.2 Smart-desire model e + e−βh
In order to normalize the fuzzy similarity matrix, we
Due to the limitations of family space and expenditure, compress it into one dimension by taking the maximum value
designers need to extract suitable smart services to provide for each row of the matrix, and average these maximum values
geriatric care for the elderly in the smart home. In this paper, by Equation (5). However, s_sem (X,Y ) only represents the
we proposed a Smart-desire model to extract smart services average semantic similarity between the vector B and every
based on expert knowledge forest and mapping similarity. word in A. Thus, we use Equation (6) to calculate the semantic
As shown in Definition 2, Sdesir e is the output of SDMM, similarity between vector X and vector Y .
and PU E D is proposed to decompose care demands(D)
n
by traveling expert knowledge forest (E) based on user 1 Õ
s_sem (X,Y ) =

× max xi y j ; j ∈ [1, m] (5)
information(U). Additionally, in the Smart-desire model, SS n i=1
is a set of all smart services in the service layer, and ϕ (x∗, y∗ )
is the mapping method in SDMM. (s_sem (X,Y ) + s_sem (Y, X))
s_sem (|X,Y |) = (6)
2
Definition 2 Smart-Desire is presented to obtain Sdesire Therefore, the functional similarity between care demand c
based on user information and expert knowledge. and smart service s is calculated by Equation (7), where ϕ1
and ϕ2 are weight coefficients of service name and service
Smart_Desire = {SS, PU E D , ϕ (x∗, y∗ ) , Sdesir e } . description, with ϕ1 +ϕ2 =1.
Õ
Sdesire = ϕ (PU E D , SS) = Si .
f _sim(|c, s|) =ϕ1 × s_sem (|c_Description, s_Description|)
ϕ2 × s_sem (|c_Label, s_Label |)
4.3 Mapping similarity calculation method (7)

4.3.1 Functional similarity calculation 4.3.2 Non-functional similarity calculation


In the Definition module of the smart service, the Label and Since the QR of user demands are difficult to accurately
Description describe the function of this service with phrases, represent with a number, we propose a scoring set to
sentences, or concepts. In order to weight the importance of standardize these parameters, as shown in Equation (8).
words in the Description of smart services and care demands,
we employ the famous term frequency-inverse document
frequency (TF-IDF) method. After calculating the TF-IDF score ∈ {Excellent, Good, Medium, Poor, Very Poor} (8)
values of words in Description of smart service s j , we obtain
the vector X and vector Y by ranking these words according Although the scoring set can express the level of QR
to TF-IDF values, as shown in Equation (1) and Equation (2). parameters, it cannot be directly used for calculation.
Therefore, the intuitionistic fuzzy theory is used to quantify
X = (x1, x2, ..., xn ) (1) these QR parameters. In this paper, since the scoring set
is defined as 5 levels, the intermediate value is defined as
0.5, and the remaining distribute symmetrically. According
Y = (y1, y2, ..., ym ) (2) to the fuzzy number of the scoring set in Table 1, we use
Equation (9) to convert the QR to a numeric value, where
Then, we propose the fuzzy similarity matrix SXY between µQR represents the membership degree, νQR represents the
vector X and vector Y , in which xi y j represents the semantic non-membership degree and ρQR is uncertainty degree.

– 128 –
ICT for Health: Networks, standards and innovation

Table 1 – The fuzzy number of scoring set Table 2 – Unknown data for global optimization

Intuitionistic Fuzzy Numbers SymbolMeaning Symbol Meaning


Level
[µQR , νQR − ρQR ] Unknown M Quantity V Performance Values
Excellent [0.9, 0.1-ρQR ] Data W Weight L Installation Location
Good [0.7, 0.3-ρQR ]
Medium [0.5, 0.5-ρQR ]
Poor [0.3, 0.7-ρQR ]
( A Õ
B
! )
Õ
Very Poor [0.1, 0.9-ρQR ] Y1 = Min pi j ∗ xi j ∗ mi
i=1 j=1
( B
A Õ
! )
Õ
qQR = µQR − νQR × ρQR (9) Y2 = Max vi j ∗ xi j ∗ wi
i=1 j=1
In order to compare performance of smart services, the QoS  A Õ B
!
values need to be normalized. In this paper, Equation (10) in
 Õ
pi j ∗ xi j ∗ mi ≤ Max_ Cost, (14)



[21] is adopted to normalize positive QoS attributes of smart



 i=1 j=1
services, and Equation (11) is used for negative attributes.




Õ
 B
s.t. xi j = 1, i = 1, 2, ..., A
 qi j −q min
j
i f qmax − qmin

,0 j=1
 
qi j =

 
q max
j −q min
j
j j (10)


 (
 1 i f qmax − qmin =0 1, sensing device xi j is selected
 
x =

j j 
 ij
 

 0, sensing device xi j is not selected
( qmax −qi j 
j
i f qmax − qmin ,0
qi j = q max −q min
j j
j j
(11) 5.2 Unknown data acquisition
1 i f qmax
j − qmin
j =0

Then, the cosine similarity is used to calculate the As opposed to web services and cloud services, the cost
non-functional similarity between care demand ci and smart of smart services depends on the price of sensing devices.
service s j , as shown in Equation (12), where Q 0 represents However, two different services may require the same sensing
the normalized QR and Q is the normalized QoS. device. For example, the Activity Monitoring service requires
the acceleration data and the Falling Detection service
requires the same data. Therefore, we need to reduce
5 repeatable sensing devices of selected services.
q 0 k × qk
Í
Q  Q0 k=1 Definition 3 As a sensing device in smart service work in a
q_sim(ci , s j ) = =s (12)
||Q|| × ||Q 0 ||
s
5 5 specific position, we formalize every required sensing device
2
0 qk2
Í Í
qk× with its t ype and position, as di = {t ype, position}.
k=1 k=1
In Definition 3, t ype represents the type of the sensing device
Finally, the mapping similarity between atomic care demand and position is the installation position. Therefore, we count
ci and smart service s j is calculated by Equation (13), based the quantity of every type of sensing device with two rules:
on functional similarity and non-functional similarity, where
γ1 and γ2 are the weight coefficients with γ1 + γ2 = 1. 1. If di and dj from different services in Sdesir e have
the same d_t ype and d_position, we suppose that one
sensing device is enough for both smart services. Thus,
m_sim(ci , s j ) = γ1 × s_sim(ci , s j ) + γ2 × q_sim(ci , s j ) (13) the quantity of this type of sensing devices is unchanged,
while the weight is increased by one.
5. GLOBAL OPTIMIZATION ALGORITHM 2. If di and dj from different services in Sdesir e have the
same d_t ype but different d_positions, only one sensing
5.1 Transformation of sensing devices selection
device is not enough. Hence, the quantity and weight of
In order to improve service performance and reduce the cost this type of sensing devices are both increased by one,
of sensing devices, we first need to count the requirement of and two installation locations are added into the L.
sensing devices for geriatric care. Suppose that there are A In this paper, we adopt Formula (15) to evaluate the
types of sensing devices and B commodities for each type of performance of sensing devices, where ω is the compensation
sensing devices. The problem of selecting sensing devices coefficient and ξ is the general error. Additionally, y is the
can be converted into a multi-objective knapsack problem, service life of sensing devices, r is the measuring range and
if we can calculate the unknown data in Table 2. Then, we r is the average measuring range. η (η ∈ (0, 1)) indicates the
establish a global optimization selection model to maximize effect of sensing devices in smart services.
the total performance and to minimize the total cost of sensing
devices, as shown in Equation (14). Therefore, this problem ωy r
r
is a NP-complete problem like the knapsack problem. R=η (15)
ξ r

– 129 –
2019 ITU Kaleidoscope Academic Conference

5.3 Self-repairing artificial fish swarm algorithm objective functions Y1 , as shown in Equation (17):

Artificial fish swarm algorithm is a new bionic and swarm


( A B ! )
Õ Õ 1
intelligence algorithm to search for an optimized solution by Y1 = Max ∗ xi j ∗ mi (17)
p
i=0 j=0 i j
modeling four daily behavior including preying, swarming,
following and random behavior. Since only one commodity in Compared to the Ideal point method and Hierarchical method,
each type of sensing device could be selected, we proposed we choose the Linear-weighting method that uses λ1 and λ2
the representation scheme of artificial fish to compress the as weights of two objective functions based on the elderly
solution space and reduce the search region, as shown in desires. As shown in Equation (18), λ1 and λ2 are adjusted
Equation (16). More specifically, the value of xi shows that based on the inclination of the elderly, while λ1 +λ2 =1. Also,
the xi th commodity for ith type of sensing devices is selected. w1 and w2 are the weighting factors of the objective functions
Y1 and Y2 . Finally, Max{Y1} is the optimal value of Y1 and
X f = {x1, x2, x3, ..., xi , ..., xm } (16) Max{Y2} is the optimal value of Y2 under the same constraints.

Definition 4 The artificial fish X f is located near the Y = Max{λ1 w1Y1 + λ2 w2Y2} (18)
constraint boundary of the problem, if X f is a feasible
solution and it would become infeasible when we find a 1
w1 = (19)
commodity k in type i and assign k to xi , where i ∈ Max{Y1}
{1, 2, 3...A}, k ∈ {1, 2, 3...B} and the Performance/Price of 1
kth commodity is bigger than xi ’s in type i sensing devices. w2 = (20)
Max{Y2}
The research [22] proves that an optimized solution and 6. EXPERIMENTS AND RESULTS ANALYSIS
constraint boundary of the knapsack problem are usually
symbiotic. Thus, we proposed a self-repairing strategy In order to verify the accuracy and validity of the proposed
to repair artificial fish return to the constraint boundary. APGS, we formalized 40 care demands and 200 smart
For any infeasible solution X f , there are two self-repairing services for geriatric care, including hypertension, heart
strategies, where Operation (1) on xi with the least value of diseases and diabetes. Firstly, we need to verify the
Performance/Price and Operation (2) on xi with the biggest scientificity and validity of selected services for geriatric care
value of Price: in experiment 1; then, the global optimization capability and
Operation (1): Replacing xi with k, if Performance/Price of convergence rate of SAFSA should be verified in experiment
kth commodity is biggest in the same type of sensing devices 2; finally, we built the evaluation indicator system of SDSP
whose Price is less than the Price of xi , where i ∈ {1, 2, 3...A} to verify the scientificity and validity of SDSP of the smart
and k ∈ {1, 2, 3...B}. home, based on evaluations of smart home researchers.
Operation (2): Replacing xi with k, as the Price of kth In the first experiment, we listed care demands for geriatric
commodity is least in the same type of sensing devices whose experts to select needed care demands for 100 sample elderly,
Performance/Price is bigger than xi , where i ∈ {1, 2, 3...A} suffering from hypertension, diabetes and heart diseases.
and k ∈ {1, 2, 3...B}. Weight parameters in SDMM are set as: ϕ1 =ϕ2 =0.5, γ1 =0.7
and γ2 =0.3. Then, we recommended smart services, whose
Proof 1 If the infeasible artificial fish X f becomes a feasible mapping similarity are bigger than 0.8, for geriatric experts to
solution after the last Operation (1), we can conclude that manually select suitable smart services
Ñ to meet care Ñ demands.
the Price of kth sensing device is less than xi . Assume that Ultimately, we use Precision( C C D ), Recall( C D D ) and
the artificial fish X f is not near the constraint boundary. F1( 2Pr ecision+Recall ) to verify the validity of selected
∗Precision∗Recall
According to Definition 4, there is a sensing device whose services, where C is the service set calculated by proposed
Performance/Price is bigger than k and Price is less than SDMM and D is the service set selected by experts.
xi . However, due to the description of Operation (1), the We compared the performance of mapping similarity method
value of Value/Price of k is biggest in the candidate sensing (MS), keyword mapping method (KM) and variable precision
devices whose Price is less than Price of xi . Therefore, the rough set method (VPRS). As shown in Figure-3(a), the
assumption is not true and X f is near the constraint boundary precision is more than 94.4%, which indicates that selected
after Operation (1) of self-repairing behavior. smart services can excellently cover care demands of the
sample elderly. Compared to KM and VPRS methods, our
As the above Proof 1 reveals, the artificial fish X f approach has higher accuracy and coverage, since precision,
become feasible solution after Operation (1). Additionally, recall and F1 of the proposed MS are almost the biggest.
Operation (2) can be similarly proved with the same method. The similar function and description between smart services
Therefore, we properly invoke self-repairing behavior to are important reasons causing 4.5% of the mismatch. In
search for the optimal solution, when the artificial fish X f Figure-3(b), the performance of MS for elderly suffering
become infeasible after four basic behaviors. from diabetes is better than hypertension and heart diseases.
Since two objective functions of the multi-objective knapsack In particular, the performance of MS for a single geriatric
problem have opposite targets, we make a conversion for the disease is usually better than two or more geriatric diseases.

– 130 –
ICT for Health: Networks, standards and innovation

Precision Recall F1 Precision Recall F1 1 2 3 4 5 6 7 8 9 10


96.00% 96.00%
94.00% 94.00%
92.00%
100%
92.00%
90.00%
90.00%
90%
88.00%
86.00%
88.00% 80%
86.00%
84.00%
84.00%
70%
82.00%
80.00% 82.00% 60%
78.00% 80.00% 50%
MS KM VPRS Hypertension Diabetes Heart Diseases Two Diseases
40%

(a) (b)
30%
20%
10%
0%
Figure 3 – (a)The results of MS, KM and VPRS; (b) the EC UR Acc RS IT AR

results of SM for different geriatrics.


Figure 5 – The results of SDSP evaluation.
In order to verify the global optimization capability
and convergence rate of SAFSA, we randomly generated smart services set Sdesir e and to generate an optimized SDSP
Performance of sensing devices in [0,50] and generated of the smart home, including types, quantities and positions
Price in [0,100]. Supposing that there are 20×20 sensing of sensing devices, as shown in Figure 6. In future work,
devices, we make experiments under Visual=30, Step=10, energy consumption and the layout of the family should be
Tr y_Number=50, δ=35 and λ1 =λ2 =0.5. As optimal and taken into account to reduce the waste of energy resource and
worst solutions of SAFSA are all better than AFSA, PSO and to guide the deployment of sensing devices. Therefore, the
GA in Figure-4(a), we concluded that SAFSA has a better work of this paper will help the development and promotion
global optimization capability. As shown in Figure-4(b), of the smart home in the field of geriatric care.
since cycle times of SAFSA for generating the global optimal
solution is less than AFSA, the convergence rate of SAFSA
is better than AFSA because of the self-repairing behavior.
Finally, average cycle times of GA and PSO are similar to
SAFSA, because they are easier to fall into local optimum.

Average Maximum Minimum


60
50 50 50
50
0.91 41
Cycle times

40 33.9
0.86
27.8 26.7 28.2
30
0.81
20
0.76
SAFSA AFSA PSO GA 8 9
Average Solution 0.899 0.893 0.873 0.851 10 3 4
Optimal Solution 0.904 0.904 0.899 0.897
0
Worst Solution 0.894 0.878 0.846 0.798
SAFSA AFSA PSO GA

(a) (b)
Figure 6 – The prototype system of APGS.
Figure 4 – (a) The optimal values of optimization algorithms;
(b) The cycle times for obtaining the optimal solutions.
7. CONCLUSIONS AND FUTURE WORK
Finally, we built an evaluation indicator system of SDSP to
verify the scientificity and validity of SDSP of the smart Due to the complexity and waste of resources in traditional
home, based on evaluations of smart home researchers, SDSP design, the smart home is not widely used in health
as shown in Table 3. Then, we presented 20 SDSP to care. In order to promote the role of the smart home in the
conduct surveys of 20 smart home researchers. As shown field of health care, we proposed an APGS to generate the
in Figure 5, the average score is bigger than ‘9’ of the SDSP for the smart home automatically and efficiently based
three secondary indexes of smart services and showed that on the Smart-desire mapping method and Self-repairing
SDSP has better accuracy, faster response times and higher artificial fish swarm algorithm. Ultimately, experiments
intelligence levels. However, more than half of researchers of elderly suffering from hypertension, diabetes and heart
gave a ‘4-6’ score to ‘Energy Consumption’, mainly because diseases verified the scientificity and validity of SDSP. Our
the energy consumption was not taken into account to evaluate work provides a novel approach to designing a user-oriented
the performance of sensing devices. smart home efficiently and automatically, which could reduce
the labor costs and make the design pattern more transparent
Table 3 – The evaluation indicator system of SDSP
and reliable. Furthermore, an accurate SDSP is very helpful
Primary Index Secondary Index Scores for promoting the use of the smart home in geriatric care. In
Energy Consumption(EC) 1-10 future work, many standards in the field of geriatric care and
Sensing Devices smart services will be considered to standardize the design
Utilization Rate(UR) 1-10
Accuracy(Acc) 1-10 of the smart home, since the standards can not only help
Smart the elderly understand smart services, but also provide an
Services Response Speed(RS) 1-10
Intelligence Level(IL) 1-10 aid for the application and promotion of our method. Then,
Installation a new method of assigning intelligence to sensing devices
& Deployment Accuracy Rate(AR) 1-10 by software-defining intelligence is necessary to improve the
coding efficiency in smart home design. We will commit
Summarily, we implemented a prototype system to extract the to providing user-oriented geriatric care for the elderly in the

– 131 –
2019 ITU Kaleidoscope Academic Conference

smart home to greatly improve the quality of life of the elderly [12] Jürgen Nehmer, Martin Becker, Arthur Karshmer, and
in our future work. Rosemarie Lamm. Living assistance systems: an
ambient intelligence approach. In Proceedings of the
REFERENCES 28th international conference on Software engineering,
pages 43–50. ACM, 2006.
[1] Christopher B Newgard and Norman E Sharpless.
Coming of age: molecular drivers of aging and [13] Marjorie Skubic, Gregory Alexander, Mihail Popescu,
therapeutic opportunities. The Journal of clinical Marilyn Rantz, and James Keller. A smart home
investigation, 123(3):946–950, 2013. application to eldercare: Current status and lessons
learned. Technology and Health Care, 17(3), 2009.
[2] Sharon R Kaufman. Old age, disease, and the discourse
on risk: geriatric assessment in us health care. Medical [14] Mario Vega-Barbas, Iván Pau, María Martín-Ruiz, and
Anthropology Quarterly, 8(4):430–447, 1994. Fernando Seoane. Adaptive software architecture based
on confident hci for the deployment of sensitive services
[3] Igor Akushevich, Julia Kravchenko, Svetlana
in smart homes. Sensors, 15(4):7294–7322, 2015.
Ukraintseva, Konstantin Arbeev, and Anatoliy I
Yashin. Age patterns of incidence of geriatric [15] Moeness G Amin, Yimin D Zhang, Fauzia Ahmad, and
disease in the us elderly population: Medicare-based KC Dominic Ho. Radar signal processing for elderly
analysis. Journal of the American Geriatrics Society, fall detection: The future for in-home monitoring. IEEE
60(2):323–327, 2012. Signal Processing Magazine, 33(2):71–80, 2016.
[4] Jan Vanus, Jana Belesova, Radek Martinek, Jan [16] Xuewei Wang, Haibin Qu, Ping Liu, and Yiyu Cheng. A
Nedoma, Marcel Fajkus, Petr Bilik, and Jan Zidek. self-learning expert system for diagnosis in traditional
Monitoring of the daily living activities in smart chinese medicine. Expert systems with applications,
home care. Human-centric Computing and Information 26(4):557–566, 2004.
Sciences, 7(1):30, 2017.
[17] Paul C Chu and John E Beasley. A genetic algorithm
[5] Frank G Miskelly. Assistive technology in elderly care. for the multidimensional knapsack problem. Journal of
Age and ageing, 30(6):455–458, 2001. heuristics, 4(1):63–86, 1998.
[6] Ahmad Alaiad and Lina Zhou. Patients’ adoption [18] Jagdish Chand Bansal and Kusum Deep. A modified
of wsn-based smart home healthcare systems: binary particle swarm optimization for knapsack
An integrated model of facilitators and barriers. problems. Applied Mathematics and Computation,
IEEE Transactions on Professional Communication, 218(22):11042–11061, 2012.
60(1):4–23, 2017.
[19] Min Kong, Peng Tian, and Yucheng Kao. A new ant
[7] Diane J Cook, Maureen Schmitter-Edgecombe, and
colony optimization algorithm for the multidimensional
Prafulla Dawadi. Analyzing activity behavior and
knapsack problem. Computers & Operations Research,
movement in a naturalistic environment using smart
35(8):2672–2683, 2008.
home techniques. IEEE journal of biomedical and
health informatics, 19(6):1882–1892, 2015. [20] Yuhua Li, Zuhair A Bandar, and David McLean. An
approach for measuring semantic similarity between
[8] Boyuan Sun, Qiang Ma, Shanfeng Zhang, Kebin Liu,
words using multiple information sources. IEEE
and Yunhao Liu. iself: Towards cold-start emotion
Transactions on knowledge and data engineering,
labeling using transfer learning with smartphones. ACM
15(4):871–882, 2003.
Transactions on Sensor Networks (TOSN), 2017.
[9] Jens Lundström, Eric Järpe, and Antanas Verikas. [21] Liangzhao Zeng, Boualem Benatallah, Anne HH
Detecting and exploring deviating behaviour of smart Ngu, Marlon Dumas, Jayant Kalagnanam, and
home residents. Expert Systems with Applications, Henry Chang. Qos-aware middleware for web
55:429–440, 2016. services composition. IEEE Transactions on software
engineering, 30(5):311–327, 2004.
[10] George Demiris, Marilyn J Rantz, Myra A Aud, Karen D
Marek, Harry W Tyrer, Marjorie Skubic, and Ali A [22] Qing Liu, Tomohiro Odaka, Jousuke Kuroiwa,
Hussam. Older adults’ attitudes towards and perceptions Haruhiko Shirai, and Hisakazu Ogura. A new
of ‘smart home’technologies: a pilot study. Medical artificial fish swarm algorithm for the multiple knapsack
informatics and the Internet in medicine, 29(2), 2004. problem. IEICE TRANSACTIONS on Information and
Systems, 97(3):455–468, 2014.
[11] François Portet, Michel Vacher, Caroline Golanski,
Camille Roux, and Brigitte Meillon. Design and
evaluation of a smart home voice interface for the
elderly: acceptability and objection aspects. Personal
and Ubiquitous Computing, 17(1):127–144, 2013.

– 132 –
SESSION 6

DATA AND ARTIFICIAL INTELLIGENCE ERA

S6.1 Invited paper - Preparing for the AI era under the digital health framework
S6.2 Operationalizing data justice in health informatics
PREPARING FOR THE AI ERA UNDER THE DIGITAL HEALTH FRAMEWORK

Shan Xu1; Chunxia Hu1; Dong Min1

1
China Academy of Information and Communication Technology (CAICT), China

ABSTRACT and limitations of AI for health has become more and more
necessary.
Information and communication technology (ICT) for health
has shown great potential to improve healthcare efficiency, 1.1 Health industry changes
especially artificial intelligence (AI). To better understand
the influence of ICT technology on health, a framework of The developing requirement for the health industry has
the digital health industry has been proposed in this paper. changed over the decades in terms of demand and supply.
Factors from the health industry and the ICT part are The gap between supply and demand is now increasingly
extracted to study the interaction between two groups of growing, waiting for new technological productivity to fill
component factors. Health factors include service and this gap. From the demand side, an aging population is
management; and ICT factors include sensors, networks, poised to become one of the most significant social
data resources, platforms, applications and solutions. The transformations in the twenty-first century, with implications
interaction between ICT and health can be traced through for nearly all sectors of society. According to data from
the development history, from the stage of institutional World Population Prospects: the 2019 Revision [3], by 2050,
informationization to regional informationization, and one in six people in the world will be over age 65 (16%), up
finally to service intelligentization. Following such a from one in 11 in 2019 (9%). This is especially directly
developmental roadmap, AI was chosen as one of the most reflected in changes of the population's disease spectrum.
powerful technologies to study the penetration effect and key Take China for example, the prevalence of chronic diseases
development trends from the perspectives of data, computing in the population over 65 years old is 539.9‰ [4], which is
power and algorithms. The health industry will be much much higher than for the entire population. For the future,
improved or redefined in the coming AI era. To better chronic diseases, such as cardiovascular and cerebrovascular
understand the strengths, weaknesses and limitations of AI diseases, cancer, diabetes, chronic respiratory diseases, etc.
for health, exogenous factors are discussed at the end of the will become the biggest threat to public health. However, the
paper; preparations on collaboration mechanism; growth of supply resources lags much behind demand [6],
standardization and regulation have been proposed for the the situation is particularly serious for imaging, pathology
sustainable development of digital health in the AI era. and general practitioners. For example, the growth rate of
medical imaging data in China is about 30% per year, while
Keywords – Artificial intelligence, digital health, the annual growth rate of radiologists is only 4.1%, the gap
framework, information and communication technology, of pathologists is estimated to be 100 000[6][7], and it is not
interaction only limited to radiology. Training doctors takes a long time,
which means that the gap cannot be solved in the short term.
1. INTRODUCTION
1.2 ICT penetration into health
Health, as defined by the World Health Organization (WHO),
is "a state of complete physical, mental and social well-being The good news is that the arrival of the fourth industrial
and not merely the absence of disease or infirmity."[1][2]. revolution has brought us ICT technology, which has
After decades of development, the demand and supply of the enormous potential to help overcome this socioeconomic
health industry have quietly changed. Complying with the challenge. Digital health refers to the use of ICT to help
industrial development requirements, information and address the health problems and challenges faced by people
communication technology (ICT) was introduced as a new under treatment [8]. Technologies such the fifth generation
technology which has great potential to improve healthcare (5G) communications, machine-to-machine (M2M)
efficiency, thus the digital health era has begun. Among communications, cloud computing, Internet of things (IoT),
those ICT technologies, artificial intelligence (AI) is big data, AI and machine learning(ML) etc. [9] will
regarded as the most powerful one with an unpredictable inevitably penetrate theinto health industry and lead to new
developing rate. To understand the strengths, weaknesses improvements in digital health services, from medical device
manufacturing to healthcare delivery, from medical research

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 135 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

to institution management, finally leading to an increased life 2. INDUSTRIAL FRAMEWORK


expectancy and a greatly enhanced quality of life. The
specific interaction from ICT to health industry will be To see the essence of digital health development for various
illustrated in section 2.2 and later. applications and use cases, an overarching vision is
necessary to judge the current situation and predict the future.
1.3 AI for health But currently much of the academic research in this area is
limited to relatively narrow topics such as experiment
Of all ICT technologies, AI is one of the most significant improvement, so far there is no consensus on the overall
trends. Many countries deploy their national strategy on AI view of the digital health industry. Therefore, this paper tries
in response to any forthcoming impact and seize the to propose an industrial framework to follow the penetration
opportunity for development, as is shown in Table 1. Most of ICT in health, and study the corresponding effects from
of the national plans defined the priority areas in AI, and a the penetration. The framework will be expanded from the
basic consensus has been reached on the priority traditional health industry to digital health, and the specific
development of the digital health field. Under the guidance discussion on AI for health will be in section 4.
of these national strategies, considerable resources will be
allocated to exploring the use of AI for health. Yet, due to 2.1 Health industrial framework
the complexity of AI models, cautious consideration needs
to be taken in relation to data handling rules, interoperability The traditional health industry consists of two parts:
standards and evaluation methodologies, etc. to make a good healthcare service and management of staff and equipment.
preparation for the future development of AI for health. Figure 1 shows the framework when considering single
healthcare institutions. Both the services and management
Table 1 – National AI strategy deployment activities can be reflected in a certain kind of record in the
healthcare institution.
Country Policy Release
➢ Service: refers to a series of healthcare options provided
Preparing for the Future of Artificial 2016.10 to patients; although there are different understandings
Intelligence
of the workflow [10] [11], the common process always
The National Artificial Intelligence Research includes doctor reservation, check-in & triage,
and Development Strategic Plan 2016.10
payment/ pre-pay, symptom check, image inspection,
Artificial Intelligence, Automation and the
laboratory test, medical treatment, monitor & recover,
Economy 2016.12 etc.
US
Artificial Intelligence and National Security 2018.07 ➢ Management: refers to the effective control of staff and
equipment inside the institution. Staff usually includes
Executive Order on Maintaining American 2019.02 general practitioners, specialists and nurses, etc.;
Leadership in Artificial Intelligence
equipment includes device used in imaging, testing,
The National Artificial Intelligence Research surgery and monitoring, etc. [12].
and Development Strategic Plan:2019 2019.06
Update

Artificial Intelligence for Europe 2018.04

Declaration of Cooperation on Artificial


EU Intelligence 2018.04

European Coordinated Plan on Artificial 2019.2


Intelligence
Artificial intelligence: opportunities and
implications for the future of decision 2016..11
making
Growing the Artificial Intelligence Industry 2017.10
in UK Figure 1 – Health industrial framework in single institution
UK
AI in the UK_ ready, willing and able? 2018.04
2.2 Digital health framework
Industrial Strategy: Artificial Intelligence 2018.04
Sector Deal Regarding digital health, some factors are extracted from the
ICT side to discuss their corresponding effect on the above
A new generation of artificial intelligence health industrial framework. Figure 2 shows the framework
China development planning 2017.07
of digital health and the ICT factors are listed on the right
Next generation artificial intelligence 2016.7 side.
promotion strategy
Japan ➢ Sensors: enable real-time collection of information at
Artificial intelligence technology strategy 2018.6 anytime and anywhere. It can be customized to

– 136 –
ICT for Health: Networks, standards and innovation

different scenarios and requirements, such as various contributed to the digitization of data, and they started to be
wearable devices. applied in 1960s, when the United States began research on
HIS in military hospitals, and then Japan and some European
➢ Network: ensures effective transmission of information countries followed and promoted HIS in the late 1970s [13].
collected by sensors. 5G is an innovation on networks, Additionally, data played an invisible key role in the process.
combined with upper factors, giving birth to new In particular, the replacement of paper electronic data is a
applications such as telemedicine. huge innovation for the traditional industry. Electronic
➢ Data resource: refers to how the data transmitted by information is more efficiently processed, analyzed and
networks is effectively integrated and further processed. calculated than paper records, with an improvement in
Data center construction is an example. efficiency, as well as a reduction in the operational costs [14].
However, there is still limited improvement when only
➢ Platforms: integrate various component and computing considering the simple point of institution; the full value of
capabilities to achieve integration and modularity. For informationization is still waiting to be amplified.
example, cloud computing provides the foundation
support for the upper applications of digital health.
➢ Applications: promote the service in specific scenarios
and meet specific needs. AI and ML are examples
closely integrated into the service process to provide a
comprehensive service.
➢ Solutions: provide an overall service including
technical support, consulting, design, operation, etc.

Figure 3 – Interaction between ICT and health at Stage 1

3.2 Regional informationization

The second stage is regional informationization, mostly


driven by the requirements of electronic record rating and
network interconnection. Different information systems
developed at the first stage, such as HIS, HRP, EMR, PACS,
RIS, NIS, LIS, etc., are still scattered information islands in
Figure 2 – Digital health framework one hospital. Much improvement could be made to their
integration, Figure 4 shows the process. Other healthcare
3. ICT INTEGRATION STAGE institutions were added as similar blocks in the bottom, and
community network and electronic data resources played
To verify the rationality of the framework, penetration significant roles at this stage. They were carriers and
between ICT and the health industry can be tracked from the channels for communication between different institutions.
very beginning of digital health development. The history is In the late 1980s, the United States used the Community
usually defined as three stages, corresponding to the Health Information Network (CHINS) [15, 16] to explore
informationization of institution, region and service. In the regional informationization. Followed by 2004, former US
future, the combination of big data, and the massively President George W. Bush proposed to establish a national
parallel computing and AI may create a revolutionary way electronic record system within 10 years. Canada established
for evidence-based and personalized treatment. the Infoway organization in 2000 and invested hundreds of
millions in citizen electronic health systems. The British
3.1 Institutional informationization government signed a total of 6 billion pounds with top
information companies to establish a long-term nationwide
The first stage is informationization within one institution, health information network. The Korean government then
marked by the hospital information system (HIS) and also set up a committee, specializing in the research and
management information system (MIS). The digitization development of electronic health records (EHR), to promote
within one institution is the most important feature at this the sharing of health data nationwide [17]. Unlike the
stage, including the digitization of healthcare processes (HIS previous stage, regional informationization is a huge project
as an example) and management improvement (MIS as an with many stakeholders involved, with a large investment
example). Figure 3 shows the penetration of influencing and low construction success rate. Even in the United States,
factors on the previous digital health framework, and the the construction success rate is only one third [18-22]. The
specific interaction is marked in blue. Among those ICT construction experiences need to be shared and serve for
factors, data resource and software development were the future development.
leading ones. These information systems are software

– 137 –
2019 ITU Kaleidoscope Academic Conference

4. KEY TRENDS IN AI ERA

Following the development track, AI is seen as one of the


most prominent technologies in the intelligent stage, as is
also reflected by the national strategy documents of countries.
The following sections will extract the interaction of AI on
digital health separately from the intelligence stage and
discuss the key trends from the perspective of the main
component factors of AI. They are data, computing power
and algorithms which can correspond to the data, platform
and application of the ICT part in the previous framework.

4.1 Comprehensive description of health data


Figure 4 – Interaction between ICT and health at Stage 2
Large amounts of data are the foundation of intelligent
services. In order to more fully describe the state of human
3.3 Service intelligentization
health, two dimensions of expansion are undertaken,
horizontally and vertically.
The third stage is service intelligentization. In the previous
stage, the digitization of health records laid a good
Horizontal expansion refers to the full coverage of a life
foundation of data sharing and intelligent services for a wider
cycle. With the keen perception of sensors and strong
range [23]. Figure 5 shows the interaction in blue. Data,
analytical ability of AI, it could ideally cover the whole
computing platforms and personalized applications are the
process of user life, continuously monitoring and
main factors to promote service intelligentization. Data is not
comprehensively analyzing various data indicators,
limited to the digitization of records, but also refers to
including physiological data (such as blood pressure, pulse),
emerging big data technology, such as IBM Watson built on
environmental data (such as air that is breathed in), behavior
big data analysis. Computing platforms are to support the
data (such as exercising or diet), etc. IBM Watson and
process of ‘massive’ EHR and mining the hidden values.
Microsoft Azure have built a population health platform
With the increasing volume and complexity of patient
based on “AI+Cloud”, providing an overview analysis of
information, the expectations for rapid and accurate
various impact factors on personal health. Potential
diagnosis and treatment also rises. AI/ML has great potential
stakeholders including wearables companies, medical
to assist physicians with reference diagnosis and
institutions, HIS developers and health insurance, etc. can all
personalized treatment. An evidence-based medical
benefit from this model. From “treat diseases” to “prevent
decision-making system was established with the help of a
diseases”, it will to some extent alleviate the gap between
large number of cancer clinical knowledge, molecular and
supply and demand, mentioned in section 1.
genomic data and cancer case history information [24].
DeepMind also stepped into the AI for health field and
Vertical expansion refers to the deep description of life.
announced its first major health project in 2016: a
Measurement technology is continuously evolving, from the
collaboration with the Royal Free London NHS Foundation
individual level, anatomical level, human tissue, metabolism,
Trust, to assist in the management of acute kidney injury [25].
to protein, genetic aspects. Precision medicine was proposed
Not only diagnosis and treatment are penetrated, intelligent
with the rapid advancement of genome sequencing
applications can be integrated in every part of the service
technology and the cross-application of big data technology.
chain, and the corresponding application comes into being,
The United States initially invested $215 million in the
which will be illustrated in section 4.3.
Precision Medicine Initiative, China has planned to invest
US$9 billion and mentioned precision medicine in the “13th
Five-Year Plan”; Australia launched the Zero Childhood
Cancer Program in 2016 with an investment of A$20 million;
the French genome medical treatment 2025 was also
launched with an investment of 670 million euros. As the
granularity of health data descriptions deepens, AI is able to
establish an interpretation bridge between genetic
information and clinical characterization, and ultimately
achieve personalized and precise treatment.

4.2 Customized computing abilities for scenarios

With rapid increases in the amount and complexity of health


data, higher requirements are proposed for the platform. Two
Figure 5 – Interaction between ICT and health at Stage 3 ways for improvement are: processors and architecture.

– 138 –
ICT for Health: Networks, standards and innovation

Processors are major computing units in AI for health laboratory test, medical treatment, monitor & recovery. The
systems. Performance could be evaluated by the metrics of mainstream applications of AI are listed as below.
calculation speed, data bandwidth and power consumption
per unit of time. Processors used in AI usually include central ➢ AI Virtual assistant: Logistics such as online
processing unit (CPU), graphics processing unit (GPU), reservation, intelligence triage, payment and
field-programmable gate array (FPGA), application specific repairment monitoring could be effectively completed
integrated circuit (ASIC) and system-on-a-chip (SoC) by AI virtual assistants. Information input could be in
accelerators, etc. The Google Brain was once based on the various formats, such as audio, pictures, EHR scan and
CPU, but the general calculators have limited abilities for questions answering. By speech/image recognition and
floating point calculations, and was unable to meet deep natural language processing technology, it could
learning requirements, especially in model training. Though understand the patient's description of symptoms,
GPU is currently the primary choice due to its high- automatically provides intelligent consultation, triage
bandwidth caches and strong parallel computing power, suggestions and payment assistance. An intelligent
customized chips have more potential than these general- voice product “Yun Medical Sound” has been applied
purpose chips. FPGA is very flexible to achieve a high in more than 40 hospitals in China, with a voice
degree of customization, and ASIC even has a better transcription accuracy rate of over 97%. Additionally,
performance, with a computing speed of over 5-10 times these kinds of products’ functions can also be expanded
faster than FPGA. High R&D costs and production cycles to service rating, doctor matching, in-hospital
are two main obstacles for customized processors. A scale navigation, medical insurance reimbursement, pre-
effect may reduce the cost in the long term. Tractica forecasts diagnosis data collection, post-diagnosis follow-up, re-
that the market for deep learning chipsets will increase from examination reminder, health knowledge teaching, etc.
$1.6 billion in 2017 to $66.3 billion by 2025, and ASIC The application forms of the virtual assistant are very
market will be the largest by 2025 [26]. flexible and adaptive to certain scenarios, including
APP, websites and embedded programs, etc.
Network architecture is also customized to support AI
services. Continuous health condition monitoring and ➢ Medical imaging aided diagnosis: The core steps in
complex health management scenarios require flexible health service, such as symptom check and image
computing abilities. Architecture with a combination of inspection are currently penetrated with AI in the form
cloud and edge computing will be increasingly suitable for of medical imaging aided diagnosis. Based on
growing health needs. Cloud-computing solutions offer a computer vision and pattern recognition technology, AI
pay-per-use model that provides on-demand access to could achieve image classification and retrieval, 3D
computing resources. The cloud platform for deep learning reconstruction, image segmentation, feature extraction,
can be customized on TensorFlow, Caffe, MXNet, Torch, lesion identification, target area delineation and
etc., and provides developers with common models to reduce automatic annotation, etc. Various application
R&D costs. Algorithm training, assessment, visualization scenarios include fundus screening [27], breast
tools and API services are also available for customization. pathology diagnosis [28], X-ray reading, brain CT
Because of the convenience and low-cost operation, AI segmentation, bone injury identification, bone age
training tasks are gradually deployed on the cloud instead of analysis, organ delineation, dermatological auxiliary
the device. Meanwhile, edge computing developed on the diagnosis, etc. Some research even shows a better
devices is designed to be adaptive to application scenarios. It performance and efficiency than that provided by
is a blue sea with diverse forms and low competitiveness. IoT humans [29].
or wearables such as intelligent watches, headphones and
wristbands, and mobile phones are currently major drivers of ➢ Clinical decision support system (CDSS): Key steps
the edge market. AI inference tasks are increasingly such as laboratory test judgement and medical
deployed on devices to support the diversified scenarios and treatment are integrated with CDSS. Traditional CDSS
needs. builds on a top-down approach, with expertise and rules
based on expert systems to simulate the clinical
4.3 Closely integrated algorithm with health process decision-making process. AI based CDSS, without the
reliance on predefined rules, could ensure the
With large databases, high-performance computing, AI timeliness of evidence updates. Advanced natural
algorithms could strongly support and achieve personalized language processing, cognitive computing, automatic
medicine. The close combination between AI algorithms and reasoning and deep learning, etc. are used. AI-based
traditional health processes is the key to success. As is shown CDSS could greatly take full advantage of digital
in Figure 1, the framework of the health industry consists of medical data accumulated on a large scale in clinical
service and management. The integration can also be seen work in recent years, and overcome the weakness of
from these two perspectives. inefficiency in knowledge construction and limited
information coverage for traditional decision making,
Service process usually includes reservation, check-in & thus eventually accelerating industry development.
triage, payment/ pre-pay, symptom check, image inspection,

– 139 –
2019 ITU Kaleidoscope Academic Conference

The management process in the health industrial framework These preparation factors sit alongside the health direct
is divided into two parts: equipment and staff. The workflow in healthcare institutions; thus, they can be defined
corresponding applications of AI are also listed as below. as exogenous factors that play an external effect on the health
industry. Figure 6 shows the complete framework of digital
➢ Staff and institution management: Personnel in health health with the consideration of exogenous factors including
institutions usually includes physicians of various collaboration mechanisms, standardization and regulation,
specialties, nurses, technicians specializing in specific etc.
equipment, administrative financial clerks and other
support personnel. Intelligent institution management
application could either refer to specific problems like
scheduling the nurse personnel, performance appraisal,
workload distribution, task assignment, patient
feedback collection and analysis, etc. [12]. Besides,
auxiliary talent training is another direction for AI to
improve staff management. Royal Philips' annual
health survey shows that in Singapore, about 37% of
medical professionals can use artificial intelligence to
support administrative tasks, only 28 % of them have
the digital literacy to use it for diagnosis. Auxiliary
talent training could be a customized education and
collaboration platform. InferScholar Center released in
March 2019 [30] is equipped with advanced models and
visualization tools for the clinical research. Ali Health
is trying to break down various clinical case data into a
three-dimensional “virtual patient” in the physician
training system of Ali ET Medical Brain [31]. Figure 6 – Effects from exogenous factors

➢ Equipment and drug operation: Health institutions 5.1 Collaboration mechanism


frequently and continuously use large equipment to
measure patients’ health data. Intelligently detecting The collaboration mechanism refers to the way that related
the operation of the equipment with IoT sensors and AI stakeholders collaborate and contribute together. AI for
analysis could avoid emergencies such as equipment health is an interdisciplinary integration and innovation
failures. Moreover, drug development could also be between the ICT and the health industry. Expertise from the
supported by AI. New drug development requires an health and AI community are of great importance to promote
averaged investment of 2.87 billion US dollars [32]. this cross-domain task. The mechanism can be considered in
Only 5 out of the 5 000 can be used in animal three aspects listed below.
experiments on average, and finally only 1 of them can
enter the clinical trial stage [33]. AI could help with ➢ Top-level design: National or overview strategy of AI
including target screening, drug mining and drug for health industrial plan can act as a guidance to gather
optimization to improve development efficiency. more industrial power. This top-level design may
Computer simulation calculates the ability of small include goal definition, demand analysis, strategic
molecules to the drug target, increasing the screening direction, priorities, timeline and role division. Many
speed and success rate, and eventually reducing the AI strategies were deployed, but not AI for health. This
development cycles and overall costs. kind of top-level design will give an overarching view
of the industry development and help form an industry
5. CORRESPONDING PREPARATION consensus to integrate scattered opportunities and
create a common blueprint.
With the increasing penetration of AI into health processes,
and considerable resources allocated to exploring the use of ➢ Information exchange: AI for health provides end-to-
AI for health, the era of AI for health is coming. 9.5 billion end service, which give higher requirements on product
dollars of venture investment is reported in global digital development. Effective ways for information exchange
health in 2018, which is an increase of more than 30% over can help gather more news from different roles in the
the previous year; and the corporate finance provided to production chain. Competition provides early
digital health companies totaled $13 billion, which is a 58% incentives to prototype in the early stages; industry
increase from $8.2 billion in 2017 [34]. Yet, due to the alliance is another flexible way to extensively gather
complexity of AI models, it is difficult to fully understand industrial forces and seek cooperation opportunities in
their strengths, weaknesses and limitations. The mature stages.
corresponding preparation is necessary, requiring serious
consideration. ➢ Financing: To improve the health level of mankind is a
huge project that needs strong support including

– 140 –
ICT for Health: Networks, standards and innovation

financing. It includes major R&D project budget agencies need to answer. Recently, the International
support, profit distribution and national health Telecommunication Union (ITU) established an
insurance management, etc. Especially with the ITU/WHO Focus Group on artificial intelligence for
progress of aging, how to effectively reduce the cost of health (FG-AI4H), which works in partnership with
medical insurance has become a common problem that WHO to especially establish a standardized assessment
needs to be solved in various countries. framework for the evaluation of AI-based methods for
health, diagnosis, triage or treatment decisions [42]
5.2 Standardization
➢ Security : It includes the concerns of data security,
Under the overview control of the collaboration mechanism, network security and product security. Data security
standardization could technically act as an accelerator for refers to data ownership, data handling policy and
integration innovation. Consideration on standardization privacy protection during usage. Network security
could be prepared as the following part. refers to cybersecurity, avoiding products being
attacked by illegal cyberattacks. Product security refers
➢ Data format and interface: Much previous efforts have to the safe use of the product. Currently with the rapid
been made to meet the demand of medical system development of AI for health application, most of the
interconnection and compatibility. Personal health applications investigated could not provide relevant
device standards (ISO / IEEE 11073) and Digital evidence or peer-reviewed research to support their
Imaging and Communications in Medicine (DICOM) products. According to a study published in Nature
are known as addressing the interoperability. Though Digital Medicine, only two of the 73 applications in
AI for health focuses more on the application layer, their survey provided evidence of research [43].
updates on data formats and interfaces should also be
considered to meet the development requirement. ➢ Ethics:Ethics are important to consider especially for
the health field. Major countries and international
➢ Data quality: It refers to the standardization of content organizations have established AI ethics institutions
requirement input to AI algorithms, and it is a new focusing on the discussion of ethical guidelines and
demand due to new technology of AI. Medical images standards. In June 2019 the US Food and Drug
used by AI may contain undesirable artefacts (e.g. Administration released a discussion paper of proposed
background noise), lack focus, exhibit uneven ‘Regulatory Framework for Modifications to Artificial
illumination or under/overexposure, etc. [35]. Intelligence/Machine Learning (AI/ML)-Based
Moreover, the quality of the annotation for AI training Software as a Medical Device (SaMD)’ and also
is also critical. To form a unified understanding and requested feedback including on ethical aspects [44].
workflow on annotation among different groups of
clinicians is a difficult but necessary task. Several 6. CONCLUSION
public datasets are released for research, including
Kaggle, ImageNet, Messidor database [36-40], but for In this work, we choose the perspective of interaction of ICT
long-term development and scaled application, on the health industry. An industrial framework of the digital
standardization on data content and annotation are very health industry was proposed to better understand the
necessary requirements for sustainable development. interaction between component factors from the health and
ICT sides. We extracted and reconstructed different
5.3 Regulation component factors to expand the framework from the
traditional health industry to digital health. The traditional
With collaboration mechanism acting as a macro-control, health industrial framework is divided into service and
standardization as a technical accelerator, regulation is to management parts, and ICT factors are listed as sensors,
define the bottom line of the industry and maintain its networks, data resources, platforms, applications and
legality. The International Medical Device Regulators solutions. This paper also tracks the interaction through the
Forum (IMDRF) was established to discuss the common development history of the digital health industry, from
problems in international medical device regulation, with institutional informationization to regional
representatives from regulatory authorities in Australia, informationization, and finally to service intelligentization.
Brazil, Canada, China, European Union, Japan and the Following such a developmental roadmap, AI was chosen as
United States, as well as WHO [41]. From their working one of the most powerful technologies to discuss the key
group setting, main concerns on regulation can be divided trends from data, computing power and algorithms. Service
into reliability, security and ethics parts. and management processes in the health industry were
observed on the effects of ICT penetration. In the end,
➢ Reliability: The performance of AI algorithms can be exogenous factors such as a collaboration mechanism,
evaluated in the metrics of accuracy, precision, ROC, standardization and regulation were proposed and discussed
F-measures, interpretability, robustness, generalization, to better prepare for supporting the sustainable development
etc. In the face of such an emerging technology, how to of digital health in the AI era.
evaluate AI/ML-based software as a medical device
(SaMD) is a problem that all national regulatory

– 141 –
2019 ITU Kaleidoscope Academic Conference

7. ACKNOWLEDGEMENT [10] Quaglini, S., Stefanelli, M., Lanzola, G., Caporusso,


V., Panzarasa, S.: Flexible guideline-based patient
I would like to thank Mr Yuntao WANG, Ms Weimin careflow systems. Artificial Intelligence in Medicine
ZHANG from CAICT for the data and cases from first-hand 22(1), 65–80 (2001)
industrial research, and Mr Tao WANG for reading a first
version of this editorial. In addition, many thanks to Dr [11] Reijers H.A., Russell N., van der Geer S., Krekels
Gauden GALEA and Ms Mengji CHEN from WHO for G.A.M. (2010) Workflow for Healthcare: A
providing many valuable suggestions during the writing Methodology for Realizing Flexible Medical
process. Treatment Processes. In: Rinderle-Ma S., Sadiq S.,
Leymann F. (eds) Business Process Management
REFERENCES Workshops. BPM 2009. Lecture Notes in Business
Information Processing, vol 43. Springer, Berlin,
[1] World Health Organization Constitution of the Heidelberg
World Health Organization as adopted by the
International Health Conference, New York, 19–22 [12] Pyropoulos C D. AI planning and scheduling in the
June 1946; signed on 22 July 1946 by the medical hospital environment[J]. Artificial
representatives of 61 States (Official Records of the Intelligence in Medicine, 2000, 20(2):101-111.
World Health Organization, no. 2, p. 100) and
entered into force on 7 April 1948. In Grad, Frank P. [13] K Lynas. Canada Health Infoway properly managing
(2002). "The Preamble of the Constitution of the federal taxpayer dollars: Auditor General[J].
World Health Organization". Bulletin of the World Canadian Pharmacists Journal, 2010, 143(1):9.
Health Organization. 80 (12): 982.
[14] Morris, A.H. (2000). Developing and implementing
[2] World Health Organization. (2006). Constitution of computerized protocols for standardization of
the World Health Organization – Basic Documents, clinical decisions. Annals of Internal Medicine, 132,
Forty-fifth edition, Supplement, October 2006. 373–83.

[3] United Nations: World Population Prospects 2019: [15] Qian W, Jie W, Yao D etal. Ontology-Based design
Highlights: and information sharing for medical information[C].
https://population.un.org/wpp/Publications/Files/WP In: IEEE Int Conf on Software Engineering and
P2019_Highlights.pdf Service Sciences. Piscataway, NJ, USA: IEEE,
2010, 663-666.
[4] World Bank East Asia and Pacific Regional Report:
https://openknowledge.worldbank.org/bitstream/han [16] Kilic O, Dogac A, Eichelberg M. Providing
dle/10986/23133/32945.pdf?sequence=4&isAllowed interoperability of eHealth communities through
=y Peer-to-Peer networks[J]. IEEE Transactions on
Information Technology in Biomedicine, 2010,
[5] World Health Organization, World Health Statistics 14(3): 846-853.
2018:
https://apps.who.int/iris/bitstream/handle/10665/272 [17] Edwards, Michael. Lippeveld,Theo. Decision
596/9789241565585-eng.pdf?ua=1 support systems for improving the analytic capacity
of decentralized routine health information systems
[6] Annual Report on Healthy City Construction in in developing countries. Proceedings of the Hawaii
China (2018), ISBN:978-7-5201-3936-6 Intemadonal Conference on Sciences[J]. v 37, 2004,
P 2375-2383.
[7] 2018-2024 Artificial Intelligence + Medical Imaging
Industry Market Research and Investment Prospect: [18] Gajanayake R, Iannella R, Sahama T. Sharing with
https://www.chyxx.com/research/201710/578114.ht care: an information accountability perspective[J].
ml IEEE Internet Computing, 2011, 15(4): 31-38.

[8] Bhavnani, Sanjeev P.; Narula, Jagat; Sengupta, [19] Tiina,Suominen,Tarjal, Asikainen, Paula. The
Partho P. (7 May 2016). "Mobile technology and the outcomes of regional healthcam information systems
digitization of healthcare". European Heart Journal. in health care-A review of the research literature
37 (18): 1428–38. doi:10.1093/eurheartj/ehv770. International Journal of Medical Informafics[J]. V
PMC 4914890. PMID 26873093. 78, nil, 2009(9) ,P 757-771.

[9] Svetlana Sicular, Kenneth Brant, Hype Cycle for [20] Stolyar,Anna. Lober, William B. Drozd,Daniel R. A
Artificial Intelligence, 2018[J], Gartner. patient-centered health record in a demonstration
regional health information network Conference
Proceedings* 1st Transdisciplinary Conference on

– 142 –
ICT for Health: Networks, standards and innovation

Distributed Diagnosis and Home Healthcare [J]. [30] InferScholar Center.


D2H2 2006, 2006,P 160-163. https://www.infervision.com/en/solution

[21] Haux,. Health information systems-Past, present, [31] Ali ET Medical Brain.
future. International Journal of Medical https://www.alibabacloud.com/et/medical
Informatics[J]. V 75,n 3-4 SPEC. ISS. March / April
2006,P 268-281. [32] Joseph A. DiMasi, Henry G. Grabowski, Ronald W.
Hansen (2016). "Innovation in the pharmaceutical
[22] Winter Alfred. Brig Birgitl. Funkat Gert. 3LGM2- industry: New estimates of R&D costs". Journal of
Modeling to support management of health Health Economics.
information systems. International Journal of
Medical Informatics [J]. V 76, n2*3, February / [33] California Biomedical Research Association. "New
March 2007, P145-150. Drug Development Process" https://ca-
biomed.org/wp-content/uploads/2018/02/FS-
[23] Centers for Medicare & Medicaid Services (CMS), DrugDevelop.pdf
and Office of the National Coordinator for Health
Information Technology (ONC), HHS. Medicare [34] Mercom Capital Group report,
and Medicaid programs; modifications to the https://www.fiercehealthcare.com/tech/venture-
Medicare and Medicaid Electronic Health Record funding-for-digital-health-reached-9-5b-2018
(EHR) Incentive Program for 2014 and other
changes to EHR Incentive Program; and health [35] A. Galdran., T. Araújo, A. Mendonça, A. Campilho.
information technology: revision to the certified Retinal Image Quality Assessment by Mean-
EHR technology definition and EHR certification Subtracted Contrast-Normalized Coefficients, in:
changes related to standards. Final rule[J]. Federal European Congress on Computational Methods in
Register, 2014, 79(171):52909-33. Applied Sciences and Engineering Springer 2017 pp.
844–853.
[24] Doyle-Lindrud, Susan, DNP, AOCNP, DCC.
Watson Will See You Now: A Supercomputer to [36] Kaggle diabetic retinopathy competition
Help Clinicians Make Informed Treatment forum. https://www.kaggle.com/c/diabetic-
Decisions. Clinical Journal of Oncology Nursing; retinopathy-detection/forums/t/15605/human-
Pittsburgh Vol. 19, Iss. 1, (Feb 2015): 31-32. performance-on-the-competition-data-set . Accessed
June 30, 2016.
[25] Julia Powles, Hal Hodson. Google DeepMind and
healthcare in an age of algorithms, Health and [37] Kaggle Diabetic Retinopathy Detection
Technology, 2017, Volume 7, Number 4, Page 351 competition. https://www.kaggle.com/c/diabetic-
retinopathy-detection . Accessed June 30, 2016.
[26] Deep Learning Chipsets, CPUs, GPUs, FPGAs,
ASICs, SoC Accelerators, and Other Chipsets for [38] Krizhevsky A, Sutskever I, Hinton GE. ImageNet
Training and Inference Applications: Global Market classification with deep convolutional neural
Analysis and Forecasts: networks. Adv Neural Inf Processing Syst.
https://www.tractica.com/research/deep-learning- 2012:1097-1105.
chipsets/
[39] Russakovsky O, Deng J, Su H, et al. ImageNet large
[27] Mookiah MRK, Acharya UR, Chua CK, Lim CM, scale visual recognition challenge. Int J Comput Vis.
Ng EYK, Laude A. Computer-aided diagnosis of 2015;115(3):211-252.
diabetic retinopathy: a review. Comput Biol Med.
2013;43(12):2136-2155. [40] Decencière E, Etienne D, Xiwei Z, et al. Feedback
on a publicly distributed image database: the
[28] Elmore JG, Longton GM, Carney PA, et al. Messidor database. Image Anal Stereol.
Diagnostic Concordance Among Pathologists 2014;33(3):231-234. doi:10.5566/ias.1155
Interpreting Breast Biopsy Specimens. JAMA.
2015;313(11):1122–1132. [41] The International Medical Device Regulators Forum
doi:10.1001/jama.2015.1405 (IMDRF):http://www.imdrf.org

[29] Gulshan V, Peng L, Coram M, et al. Development [42] Wiegand Thomas, Krishnamurthy Ramesh,
and Validation of a Deep Learning Algorithm for Kuglitsch Monique, et al. (2019). WHO and ITU
Detection of Diabetic Retinopathy in Retinal Fundus establish benchmarking process for artificial
Photographs. JAMA. 2016;316(22):2402–2410. intelligence in health. The Lancet. 394.
doi:10.1001/jama.2016.17216 10.1016/S0140-6736(19)30762-7.

– 143 –
2019 ITU Kaleidoscope Academic Conference

[43] Digital mental health tools won't see clinical [44] US Food and Drug Administration, proposed
adoption without validation, industry players say. Regulatory Framework for Modifications to
https://www.mobihealthnews.com/content/digital- Artificial Intelligence/Machine Learning (AI/ML) -
mental-health-tools-wont-see-clinical-adoption- Based software as Medical Device (SaMD):
without-validation-industry-players https://www.fda.gov/media/122535/download

– 144 –
OPERATIONALIZING DATA JUSTICE IN HEALTH INFORMATICS

Mamello Thinyane

United Nations University Institute on Computing and Society, Macau SAR, China

ABSTRACT developments are also increasingly being recognized and


understood: growing inequality, new forms of
There is a growing awareness of the need and increasing marginalization and exclusion, digital waste, disruptions and
demands for technology to embed, be sensitive to, be decimation of norms.
informed by, and to be a conduit of societal values and
ethical principles. Besides the normative frameworks, such This potential of the 4IR to have adverse developmental
as the Human Rights principles, being used to inform impacts is giving motivation and impetus to global efforts
technology developments, numerous stakeholders are also towards ensuring that the outcomes of the use of technology
developing ethical guidelines and principles to inform their in society are consistent with our values, goals and desired
technology solutions across various domains, particularly futures. These efforts are advancing at many levels (e.g.
around the use of frontier technologies such as artificial organization, national, global) and from various fronts (e.g.
intelligence, machine learning, Internet of things, robotics legal, technological, educational, standards). For example,
and big data. Digital health is one of the domains where the legal stipulations such as the General Data Protection
convergence of technology and health stands to have a Regulation (GDPR), the Health Insurance Portability and
significant impact on advancing sustainable development Accountability Act (HIPAA), and the Protection of Personal
imperatives, specifically around health and wellbeing (i.e. Information Act (POPIA) are in place to protect and guide
SDG3). As far as digital health is concerned, what values the use of data. Ethics frameworks such as Ethical OS, Data
and ethical principles should inform solutions in this domain, Ethics Framework, and Asilomar AI principles, are being
and more significantly, how should these be translated and formulated to inform technology solutions and use. At the
embedded into specific technology solutions? This paper standards level, examples include the ISO/IEC 29100:2011
explores the notion of data justice in the context of health “Information technology, security techniques, privacy
informatics and outlines the key considerations for data framework” standard on privacy protection of personally
collection, processing, use, sharing and exchange towards identifiable information (PII), as well as the work from the
health outcomes and impact. Further, the paper explores the International Telecommunication Union (ITU) Focus Group
operationalization of Mortier et al.’s Human-Data on Data Processing and Management (FG-DPM) within
Interaction principles of legibility, agency and negotiability Working Group 3 on “Data sharing, interoperability and
through a health informatics system architecture. blockchain” as well as Working Group 4 on “Security,
privacy and trust including Governance”. At the global level,
Keywords – data justice, human-data interaction, personal normative frameworks such as the Human Rights principles,
health informatics provide high-level guidelines that could be operationalized
in the development of technology solutions across various
1. INTRODUCTION domains. One such domain that is being transformed by the
recent information and communication technology
The fourth industrial revolution (4IR) is set to transform developments is health. Digital health is not only improving
society in many fundamentally deep and broad ways. Unlike health service delivery, it is also introducing new
the previous industrial revolutions, the impact of the 4IR technologies and solutions towards universal health
stands to be unprecedented due to the velocity, scope and coverage and global health and wellbeing goals [3].
system impacts of the technological developments [1]. Some
of the ensuing and anticipated technological developments This research explores the use of data within the digital
are set to have fundamental and existential impacts on our health domain, highlighting the pathways from data to health
lives, for example, the societal evolution towards the outcomes and impacts, the key challenges and risks
infosphere [2], human augmentation through biotechnology, associated with the use of personal health data, as well as an
and the pervasiveness of robotics, autonomous computing overview of data justice principles and their application in
and artificial intelligence (AI). The potential of the 4IR, like digital health. The discussions in this paper are supported
other technological developments before, to contribute to and augmented with the findings from a survey that was
advancing sustainable development imperatives is broadly undertaken in pursuit of two lines of inquiry, firstly, to
recognized, e.g. supporting innovation, improving understand individuals’ use of personal health informatics,
efficiencies and enhancing livelihoods. However, the in particular, their motivations for data collection and
challenges and risks presented by these technological monitoring, as well as their current practice around health

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 145 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

monitoring; secondly, to understand the attitudes and values management of their health, including to inform behavior
around data sharing and social sense-making. The survey change and track progress on specific health goals.
consisted of 14 questions on demographics, personal health
informatics practice, sustainable development goals, data 2.1 Personal health informatics
sharing, and an open-ended question on the current practice
(i.e. framed as “What information and data do you use in Li et al. [4] formally define personal health informatics
your everyday life that you find relevant for your simply as a class of applications “that help people collect and
wellbeing?”). The 981 respondents in the survey, the reflect on personal information.” The field has gained
majority of whom are from North America, were recruited increasing popularity due to several developments, including
via virtual snowballing, social media channels and a research the rise of quantified-self movement [5], the availability of
panel via an online survey platform. affordable self-tracking technology, and the proliferating
phenomenon of datafication of individuals and societies [6].
The paper is structured as follows: the next section provides The promise of the self-tracking devices to offer individuals
a broad overview of digital health, paying attention to health a non-subjective and unambiguous assessment of their
informatics and the value proposition of data for health. This physical wellbeing and the state of their bodies has been part
is followed by an introduction of the notion of data justice of society for over a century; the weigh scales have played a
and its relevance to the digital health domain in general, but predominant role in this regard [7]. Beyond the development
also to health informatics specifically. Various formulations of new technologies used for personal health informatics, the
of data justice are discussed, after which is distilled a list of 21st century self-tracking landscape has also introduced new
requirements to inform technology designs. This is followed considerations, including the commoditization of personal
by a proposal of a health informatics architecture that is data, new value dimensions associated with aggregate data,
informed by the data justice principles. Lastly, the merits of and the wide sharing of data beyond the individuals who the
this architecture are discussed, juxtaposed to other related data is about [7], [8]. Therefore, while personal informatics
technologies. fundamentally regards the use of own data by individuals for
their benefits, the contemporary reality is that personal data
2. DIGITAL HEALTH AND HEALTH and its use exists within a broad, multifaceted ecosystem.
INFORMATICS

Digital health, the confluence of information and


communication technologies (ICTs) and health, has opened
up numerous opportunities to both enhance the delivery of
existing health interventions and introduce new technology-
driven health interventions [3]. Digital health includes
telehealth, tele-consultants, tele-coaching, social networking,
and online communities, online access to records, as well as
independent self-monitoring apps. In recognizing the
potential of technology and innovation to enhance health
services, the seventy-first World Health Assembly
underscored the need to “ensure that digital health solutions
complement and enhance existing health service delivery
models, strengthen integrated, people-centered health
services and contribute to improved health, and health equity,
including gender equality, and addressing the lack of
evidence on the impact of digital health”[3].

One of the core elements within digital health is health Figure 1 - Motivation and uses of personal informatics
informatics, comprising the technologies for the
management of electronic health records, medical data, The use of data towards the achievement of health outcomes
health indicators and personal health data. Traditionally, the has traditionally been premised on the argument that more
bulk of health data collection and processing was undertaken and better data leads to better health choices and decisions,
by health service providers, with individuals as the primary and that the increasing availability of health information on
sources of health data, as well as the primary beneficiaries of the Internet would lead to the emergence of ‘informed
the health outcomes associated with the use of the data. This patients’ [9] and ‘digitally engaged patients’ [10]. The
data, which represents one of the key resources for the transtheoretical model (TTM) of behavior change [11],
business operation of health providers, typically exists in the which has been the predominant model for the psychology
form of electronic health records. However, with the of intentional behavior change, has also informed the
growing ubiquity of health technology tools, individuals are formulation of personal health informatics models such as
increasingly also participating in the collection and the stage-based model of personal informatics [4] and the
management of their health data. In the context of personal lived informatics model of personal informatics [12]. In our
health informatics, individuals are collecting data for self- research, we have identified, through the thematic coding of

– 146 –
ICT for Health: Networks, standards and innovation

the open-ended survey question, the predominant pathways Beyond the risks of social control, this has the potential to
to impact as well as the motivations and current practice of open up individuals to the risks of exploitation through
the participants with regards to personal informatics. Figure surveillance capitalism and commoditization of personal
1 highlights the main “motivation and use” themes with their data, as has been demonstrated, for example, in the cases of
corresponding coding reference frequencies. 23andMe, Facebook, and Cambridge Analytica [17]–[19].

Table 1 - Motivations and styles of personal informatics Thirdly, the empowerment narrative echoes the
technological determinism sentiments, which are not
Motivation & use / Tracking universally valid and consistent. In our survey results, on the

Documentary
style investigation of the participants’ use of personal health

Diagnostic

Fetishised
Directive

Rewards
informatics towards health outcomes and the attitudes
towards data sharing, we coded 18 references that expressed
both a strong resistance and refusal to use and / or to share
personal health data. For example: “I don’t use information
Awareness and monitoring X
or data. I take my medicines and vitamins, and see my doctor
Benefit for others
often” (GIS_806); “How I feel, do not use data” (GIS_504),
Compare and reflect X “Mindfulness of my moods and stress level; awareness that I
Curiosity and information am the major actor in my life, but that I can’t control
Dealing with an ailment X X anything outside myself” (GIS_379), where the participants
Informing action X emphasized the reliance on self-awareness as opposed to on
Maintaining health and X technology devices and data; “Actually none because
wellbeing everything changes and everyone has their viewpoint to
Reach new goals and improve X make you believe what they are telling is true” (GIS_596),
expressing the lack of trust in the system stakeholders.
The motivations and uses of personal health informatics
identified in our research correspond to three of five of Health informatics tools and technologies are employed to
Rooksby et al. [13] style styles of personal information empower patients to achieve better health and to improve
tracking. These observations support the position that as health service delivery by health service providers. The
individuals engage in the collection and use of personal impact pathways from these digital resources to specific
health data, through various impact pathways and a health outcomes are non-trivial and need to be critically
combination of personal conversion factors [14], they are understood, taking into consideration the situations of the
empowered to pursue and achieved desired health outcomes. different actants, the contextual factors, as well as the overall
This empowerment narrative of personal health informatics digital health ecosystem.
has informed many digital health programs and projects
around the world. It has, however, been criticized and shown 2.2 Health data ecosystem
to present an overly simplified techno-utopian perspective
that fails to consider the nuanced complexities of personal Individuals are the primary unit of attention within the health
health informatics. domain, as far as being the main beneficiaries of the targeted
health outcomes. They, however, exist as one of the actants
Firstly, while the importance of the informational and within a complex ecosystem consisting of a variety of
technology resources cannot be denied, the empowerment stakeholders, including health service providers, health
narrative fails to recognize the varying agency as well as the industry stakeholders, public sector entities, households, and
endowments of conversion factors, such as underlying data communities, as well as other civil society stakeholders. The
and digital illiteracies, as well as general illiteracy, for use of data towards the achievement of health outcomes,
different individuals and population groups [14]. In an therefore, permeates this complex ecosystem and needs to be
empirical research investigating “informational practices” of considered when taking into consideration the interactions
32 mid-life women on the use of hormone replace therapy with and the data exchanges between the different
(HRT) for relief of menopausal symptoms, Henwood et al. stakeholders.
[9] found that there was a strong reluctance on the part of the
participants to take on the implied responsibilities of data Firstly, in the context of the sustainable development data
management; they observed problems with the information ecosystem or that of future data-driven societies, sharing of
literacy of the participants; and there were also challenges personal data needs to be considered not only with
associated with information-sharing in medical encounters individuals’ personal social circles but also with other
with health professionals. stakeholders within the wider data ecosystem. For example,
the role of citizen-generate data to support the monitoring of
Secondly, the proliferation of personal health informatics progress towards the sustainable development goals, through
technologies that track and monitor our everyday functioning direct contributions to the indicators or via proxy indicators,
has the potential to unleash Orwellian techno-dystopia of has been recognized and well highlighted in the literature.
panoptic surveillance assemblages that extend paternalistic
social control by the strong and the powerful [15], [16].

– 147 –
2019 ITU Kaleidoscope Academic Conference

Secondly, while deriving relevant insights from health justice. As noted by Taylor [27], the ends of various data
informatics primarily ensues through the individual’s justice formulations is to achieve both specific outcomes and
engagement with their data, research has found that also specific configurations of the associated data
individuals also engage in sharing of their data with others assemblages towards the achievement of those outcomes: in
for sense-making purposes [20]–[22]. Thus, the collection the case of Johnson’s [29] framework, the end goal is
and use of data by individuals also comprise the social embedding anti-discrimination principles and features in the
dimension. design of database systems; for Heeks and Renken [28], the
focus is on data distribution in a way that achieves fair access,
Thirdly, personal health data also gets shared to support participation and representation; and lastly Dencik et al. [30]
external pursuits such as biomedical research, where data on are interested in the means of limiting data collection and
health profiles, cohort data, as well as physical activity data distribution in contexts of surveillance capitalism.
can support projects such as the Global Alliance for
Genomics and Health [23]. The sharing of data in this In the work of Mortier et al. [31], in which they formalize
context can be motivated from the perspective of the the notion of human-data interaction (HDI), they explicate
Universal Declaration of Human Rights, which recognizes the interaction between humans and data systems in a way
the “right of everyone to share in scientific advancement and that places “the human at the center of the flows of data, and
its benefits” [23]. Thus sharing of data can be towards these providing mechanisms for citizens to interact with these
goals, which are associated with citizen science, as well as systems and data explicitly”. While the formulation of HDI
increased participation and engagement in advancing is not explicitly from a social justice nor ethics perspective,
scientific research [24]. it gives recognition to the fact that the underlying issues in
HDI sit at the intersection of “the various disciplines
In all these cases of external sharing of personal health data, including computer science, statistics, sociology,
there is, however, the persistent risk of “Googlization of psychology, and behavioral economics” [31]. Further, it
health research,” which is associated with the increasing gives recognition to the fact that human-data interaction
data-driven encroachment and involvement of the major happens in the context of complex data ecosystems, which
technology companies within the health and biomedical are constitutive of the global data-driven society. In this
sectors [17]. The potential benefits of the application of these complex interaction of different stakeholders with different
technological developments on issues of health and capabilities, interests and agendas, there is an ongoing
wellbeing are immense; they include major improvements in contestation for the voices of humans and human-centric
disease diagnosis, improving access to services through perspectives not to be marginalized and excluded. Some of
telehealth solutions and advancing the developmental the powerful and key actants within the health informatics
aspirations of achieving universal health coverage. The ecosystem include health-service providers, the health
challenges, however, are equally immense and are associated industry, as well as the non-human technology-related
not only with adverse health outcomes but also with negative actants, as has been highlighted by Sharon [17] regarding the
sociocultural and economic consequences. These challenges influence of the technology companies in the health data
are related to issues of bias, privacy [25], informed consent, research. Further highlighting the complexity, Morley and
context transgressions [26], health data commoditization, Floridi [16] offer a poignant critique of the techno-utopian
new power asymmetries and discriminations [27], data formulation of mHealth technologies as empowering devices
valorization and benefit-sharing, and the importation of and warn against the risk of medical paternalism. Privileging
digital capitalism practices into the health realm [17]. the position of the humans within the health informatics
ecosystem, as has been done in the HDI framework, allows
3. DATA JUSTICE IN HEALTH INFORMATICS for the critical investigation of issues towards an explicit goal
of enhancing the substantive freedoms of individuals to
Numerous definitions of “data justice” have been advanced achieve their desired health outcomes and enhancing their
in the literature, which fundamentally recognize the social health capabilities [32].
justice dynamics and impacts of the use of data in society.
Taylor [27] defines data justice as the “fairness in the way In this paper, the HDI framework has been adopted to frame
people are made visible, represented and treated as a result the discussion of the outworking of data justice in health
of the production of digital data.” In her formulation of data informatics systems. The paper expands on the imperatives
justice she decomposes the concept to three notions of of legibility, agency and negotiability to identify specific
(in)visibility – associated with access to representation, and considerations and non-functional requirements to inform
informational privacy; (dis)engagement with technology, the design of health informatics systems.
which is linked to sharing in data benefits as well as
autonomy in data choices; and to antidiscrimination, which 3.1 Legibility
is linked with the ability to challenge bias and preventing
discrimination. Heeks and Renken [28] define data justice Legibility is summarily defined as “being able to be
simply as “the primary ethical standard by which data- understood by people they concern, as a precursor to
related resources, processes and structures are evaluated.” exercising their agency” [31]. This is defined with regards to
They, however, expand this to formulate three notions of the data, as far as individuals understanding what data has
instrumental, procedural and distributive rights-based data been collected, how it is being used, by whom, and when it

– 148 –
ICT for Health: Networks, standards and innovation

is being used; but legibility is also defined with regards to 3.3 Negotiability
the algorithms that process the data, towards ensuring that
algorithms are understood and that the various forms of Negotiability is defined in terms of “active and engaged
algorithm opacity are reasonably mitigated [33]. While at a interaction with data as contexts change.” This makes
simple level the “concerned” people could be understood to recognition of the fact that not only do situations and
refer to the people who the data is about, in reality, the people contexts change, but also do individuals’ desires, attitudes
who are impacted by collected health data, which Loi [34] and preferences. The use of personal health data is tightly
terms as digital phenotypes, and the nature of the impact are coupled to and contingent on the context; individuals need to
very diverse. In the case of health informatics, there are the retain the legibility and agency in different contexts. This
identified individuals who the data is about; there are further decomposes into the following considerations:
individuals who collect the data and who are involved in the
creation and shaping of the digital phenotypes, and there are 1. (Perpetual) Control: the continued ownership and
also people who are impacted by generalizations that control of personal health data and digital phenotypes,
emanate from health informatics [34]. In this paper, the the digital traces that have value towards specific health
notion of “ownership” of data is used in the first sense, which outcomes, in perpetuity [34].
regards health informatics as the self-extension of and as 2. Data provenance: with the changing contexts and the
being constitutive of the individual who the data is about. evolution of data, it is vital to maintain the genealogy of
personal health data.
From the analysis of Mortier et al.’s [31] description and
discussion of “legibility,” supported by the investigations
undertaken in this research, the following health informatics
systems requirements and considerations are formulated:

1. Accounting and auditing: to keep track of and enable an


inspectable audit of the use of personal health data.
Further, to allow for the auditing of the associated
algorithms.
2. Feedback and notifications: to inform the owners of the
collection and use of their data.
3. Relevant insights: to provide actionable insights that
facilitate the subsequent use of the data.

3.2 Agency

Agency is defined in terms of enhancing “the capacity for the


humans to act in these data systems” [31]. Enhancing
individuals’ agency does not presuppose their intention to Figure 2 – Data-sharing stakeholder clusters
participate and to be engaged in the active management of
their data, as observed in Henwood et al.’s [9] research, 3. Contextual integrity: in the research undertaken in this
where participants showed reluctance to take on the project, an investigation into the willingness of
responsibility of managing their data. It rather has participants to share their personal health data with
implications on the technology affordances that enhance the specific stakeholders within the data ecosystem (i.e.
ability of individuals to act on and with their data question framed as “To what extent would you be happy
meaningfully. The requirements that emanate from the to share your personal health information with the
undertaken analysis include: following individuals / organizations?”) illustrates the
significance of contextual integrity as far as personal
1. Permissions and access control: the ability of health data is concerned [26]. A correlation (i.e.
individuals to permit and restrict certain types of use of Spearman correlation) and clustering (i.e. agglomerative
their data by different stakeholders. hierarchical clustering with complete linkages method
2. Consent and withdrawal: to enable individuals to using Euclidian distance between the scores) analysis of
consent to data collection and also to withdraw and the responses highlights three distinct contexts within
exercise the right to be forgotten. which the participants would share their data: with their
3. Revocation of data: beyond the ability to withdraw from doctors, with their families and friends, with external
data collection, individuals should have the ability to organizations and stakeholders (see Figure 2). Each of
have previously recorded data revoked and deleted. these contexts represents specific requirements and
preferences regarding data use.
4. Anonymization, delinking, and data commons: the
ability to anonymize and delink data, and to facilitate the
ability of individuals to share their data broadly within
the data ecosystem, e.g. to support scientific research by
contributing to data commons.

– 149 –
2019 ITU Kaleidoscope Academic Conference

4. PRELIMINARY ARCHITECTURE PROPOSAL the functionality (e.g. access control, auditing, context
integrity checks) to use the data to be shared with the health
The architecture proposed in this paper is framed for a very service providers; this is achieved through the cloning and
specific digital health scenario, specific requirements and migration of the DataAgent from the PHIX main container
specific context. The scenario is that of sharing personal to the service provider containers, and provides inter-agent
health information data (e.g. health indicators collected on communication and synchronization between the associated
personal monitoring devices, historical health records and DataAgents. The data owner has control of his community
digital phenotypes [34]) with a health service provider, and of DataAgents with the ability to gain visibility of where his
ensuring legibility, agency and negotiability in the data has been shared, to understand the specific utilization of
interaction between the individual and their data. A subset of their data and to control the use of specific DataAgents, for
the requirements detailed in the previous section can be met example, updating permissions and access control, revoking
and implemented with standard techniques and solutions. and killing shared agents.
For example, some of the requirements around data privacy
can be handled using information security techniques, such
as public cryptography systems [35], as has been the practice
for say HIPAA compliance and, more recently, GDPR
compliance. However, there are specific requirements
associated with the HDI imperatives, specifically
negotiability, that give motivation for the architecture
proposed in this paper. In particular, the architecture
addresses the requirement for enhancing the control that
owners of data retain over their data once the data is shared,
and ensuring that the dynamic contextual constraints are
enforced on the subsequent use of the data.

The proposed architecture, Personal Health Information


eXchange (PHIX), is based on the multi-agent systems
(MAS) paradigm. As a candidate implementation of this
architecture, the JADE multi-agent system platform is
considered [36]. JADE is a framework to develop agent
applications in compliance with the Foundation for
Intelligent Physical Agents (FIPA) specification for
interoperable multi-agent systems. FIPA aims at providing a
reference model for the implementation of highly
interoperable complex agent systems. The specification
defines a minimum set of key agents that are necessary for Figure 3 - Health informatics architecture proposal
the operation of MAS platforms; these include the Agent
Management System (AMS) – which provides for the Within this architecture, as per the defined scenario, service
management and control of other agents on the platform; the discovery is primarily handled via the use of the DF through
Agent Communication Channel (ACC) – which provides the which the health service providers publish their details.
communication mechanism between agents on the platform; Individuals who need to share their data (i.e. via cloning and
as well the Directory Facilitator (DF) which provides a migration) would similarly employ the DF to query the data
yellow page services for the agent platform. Besides for the relevant health providers. The key feature of this
providing the basic features that are specified in the FIPA architecture is to bundle personal health data along with the
specification, JADE provides a JAVA-based distributed functionality to manage its use in various contexts into the
agent platform, with transport mechanisms for inter-agent DataAgent, which is under the control of the data owner. By
communication, automatic registration of agents with the exploiting the agent mobility and migration feature of MAS,
AMS, a GUI for the management of the agent platform, a sharing of data is not associated with relinquishing control
library of FIPA interaction protocols, as well functionality over the data, the DataAgent enforces the contextual
for monitoring the interactions between the agents [36]. constraints, as well as the dynamic access controls decided
by the data owner.
PHIX consists of the core MAS platform, distributed agent
containers hosted by the health service providers, and the 5. DISCUSSION
DataAgent, which encapsulates personal health data, as well
as the functionality associated with the use of the data. The While the PHIX architecture fundamentally explores and
key element of this architecture is the DataAgent which illustrates the operationalization of ethical principles and
functions as a mobile virtual data double that allows for values, such as the HDI imperatives, in technology solutions,
individuals’ health data to be secure packaged, using relevant it also proposes a technical solution for the specific challenge
knowledge representation standards and ontologies (e.g. associated with enhancing access control to and contextual
triple-based RDF or RDFS); allows for the data along with integrity of personal health data. Some of the solutions that

– 150 –
ICT for Health: Networks, standards and innovation

have been proposed for this challenge include MeD-lights, a REFERENCES


system that uses the traffic light metaphor (i.e. red, yellow,
green) to indicate and label the sensitivity levels of personal [1] K. Schwab, “The Fourth Industrial Revolution:
health data [37]. The MeD-lights system provides a what it means, how to respond,” Foreign Affairs,
mechanism for an intuitive specification of the privacy and Dec. 2015.
confidentiality requirements associated with personal health
data. In this solution, the challenge of forfeiting control, at a [2] L. Floridi, The 4th revolution : how the infosphere
technology level, once data is shared, is not addressed. is reshaping human reality. Oxford University
Press, 2014.
Mortier et al. [31] have proposed the concept of a databox,
initially conceived as a distributed system for the federation [3] World Health Organization, “Resolution
of personal health data, providing APIs to access data held WHA71.7,” Resolut. deliberations eHealth, no.
in the personal databoxes, and fundamentally moving the May, 2018.
code and processing to data, such that only results of the
requested computation are communicated to third parties, [4] I. Li, A. Dey, and J. Forlizzi, “A stage-based model
without releasing personal data. The design of the databox is of personal informatics systems,” in Proceedings of
informed by the requirements for it to be a trusted platform, the 28th international conference on Human factors
to provide for data management, enabled controlled access, in computing systems - CHI ’10, 2010, p. 557.
and to enable incentives for all parties. While the databox in
this solution has some similarities to the functionality of the [5] A. Marcengo and A. Rapp, “Visualization of human
DataAgent, the primary difference is that the databox behavior data: the quantified self,” Innov.
provides a federated repository to various data sources and approaches data Vis. Vis. Anal., vol. 1, pp. 236--
accepts code requests for execution on the personal data. The 265, 2014.
DataAgent provides data sharing through agent mobility,
which is coupled with the functionality to manage the use of [6] J.E. Mai, “Big data privacy: The datafication of
the data within the specific context. personal information,” Inf. Soc., vol. 32, no. 3, pp.
192–199, May 2016.
The PHIX architecture is consistent with both the digital
phenotype perspective [34], as well as the notion of a [7] K. Crawford, J. Lingel, and T. Karppi, “Our
digital/virtual ‘data double’ that is endowed with both data metrics, ourselves: A hundred years of self-tracking
and functionality. Invariably, the proposed architecture is from the weight scale to the wrist wearable device,”
framed to deal with a very specific narrowly defined scenario Eur. J. Cult. Stud., vol. 18, no. 4–5, pp. 479--496,
(i.e. sharing of personal health informatics data with a health 2015.
service provider) that neglects some of the challenges
experienced in personal health informatics, such as N- [8] D. Boyd and K. Crawford, “Critical Questions for
dimensional attribute of data associated with the social and Big Data,” Information, Commun. Soc., vol. 15, no.
communal ownership of data. 5, pp. 662–679, Jun. 2012.

6. CONCLUSION [9] F. Henwood, S. Wyatt, A. Hart, and J. Smith,


“‘Ignorance is bliss sometimes’: Constraints on the
The use of technology and data in and by society needs to be emergence of the ‘informed patient’ in the changing
on terms that are consistent with the values and the ethical landscapes of health information,” Sociol. Heal.
standards of a society. As far as digital health and health Illn., vol. 25, no. 6, pp. 589–607, 2003.
informatics are concerned, the data justice principles
encapsulated in frameworks such as the HDI, stand to [10] D. Lupton, “The digitally engaged patient: Self-
provide guidelines that can inform the development and monitoring and self-care in the digital health era,”
implementation of digital health technology solutions. Soc. Theory Heal., vol. 11, no. 3, pp. 256–270,
Operationalizing such ethical principles and value Aug. 2013.
frameworks is non-trivial and requires that the principles are
translated and decomposed into specific constitutive system [11] J. O. Prochaska and W. F. Velicer, “The
requirements. This paper has explored and presented an Transtheoretical Model of Health Behavior
investigation of data justice in health informatics and has Change,” Am. J. Heal. Promot., vol. 12, no. 1, pp.
suggested the operationalization of the HDI negotiability 38–48, Sep. 1997.
requirements of (perpetual) control and contextual integrity
through a MAS-based PHIX architecture that encapsulates [12] D. A. Epstein, A. Ping, J. Fogarty, and S. A.
individuals’ data in a dynamic, mobile, virtual ‘data double’ Munson, “A lived informatics model of personal
DataAgent component. informatics,” in Proceedings of the 2015 ACM
International Joint Conference on Pervasive and
Ubiquitous Computing - UbiComp ’15, 2015, pp.
731–742.

– 151 –
2019 ITU Kaleidoscope Academic Conference

[13] J. Rooksby et al., “Personal tracking as lived [25] B. Jacobs and J. Popma, “Medical research, Big
informatics,” in Proceedings of the 32nd annual Data and the need for privacy by design,” Big Data
ACM conference on Human factors in computing Soc., vol. 6, no. 1, p. 205395171882435, 2019.
systems - CHI ’14, 2014, pp. 1163–1172.
[26] H. F. Nissenbaum, Privacy in context : technology,
[14] S. Nambiar, “Capabilities, conversion factors and policy, and the integrity of social life. Stanford Law
institutions,” Prog. Dev. Stud., vol. 13, no. 3, pp. Books, 2010.
221–230, Jul. 2013.
[27] L. Taylor, “What is data justice? The case for
[15] K. D. Haggerty, Richard V. Ericson, “The connecting digital rights and freedoms globally,”
surveillant assemblage,” Br. J. Sociol., vol. 51, no. Big Data Soc., vol. 4, no. 2, p. 205395171773633,
4, pp. 605–622, 2000. Dec. 2017.

[16] J. Morley and L. Floridi, “The Limits of [28] R. Heeks and J. Renken, “Data justice for
Empowerment: How to Reframe the Role of development,” Inf. Dev., vol. 34, no. 1, pp. 90–102,
mHealth Tools in the Healthcare Ecosystem,” Sci. Jan. 2018.
Eng. Ethics, no. 0123456789, 2019.
[29] J. Johnson, “The question of information justice,”
[17] T. Sharon, “When digital health meets digital Commun. ACM, vol. 59, no. 3, pp. 27–29, 2016.
capitalism, how many common goods are at stake?”
Big Data Soc., vol. 5, no. 2, p. 205395171881903, [30] L. Dencik, A. Hintz, and J. Cable, “Towards data
2018. justice? The ambiguity of anti-surveillance
resistance in political activism,” Big Data Soc., vol.
[18] S. Sterckx, J. Cockbain, H. Howard, I. Huys, and P. 3, no. 2, p. 205395171667967, Dec. 2016.
Borry, “‘Trust is not something you can reclaim
easily’: patenting in the field of direct-to-consumer [31] R. Mortier, H. Haddadi, T. Henderson, D.
genetic testing,” Genet. Med., vol. 15, no. 5, pp. McAuley, and J. Crowcroft, “Human-Data
382–387, May 2013. Interaction: The Human Face of the Data-Driven
Society,” SSRN Electron. J., Oct. 2014.
[19] S. Zuboff, “Big other: Surveillance Capitalism and
the Prospects of an Information Civilization,” J. Inf. [32] J. P. Ruger, “Toward a Theory of a Right to Health:
Technol., vol. 30, no. 1, pp. 75–89, Mar. 2015. Capability and Incompletely Theorized
Agreements.,” Yale J. law Humanit., vol. 18, no. 2,
[20] A. Puussaar, A. Clear, and P. Wright, “Better p. 3, 2006.
together: Reciprocal sharing and social
sensemaking of data,” in Workshop on “Quantified [33] J. Burrell, “How the machine ‘thinks’:
Data and Social Relationships” -CHI2017, 2017. Understanding opacity in machine learning
algorithms,” Big Data Soc., vol. 3, no. 1, p.
[21] R. Fleck and D. Harrison, “Shared PI: Sharing 205395171562251, Jan. 2016.
personal data to support reflection and behaviour
change,” in Workshop on" Beyond Personal [34] M. Loi, “The Digital Phenotype: a Philosophical
Informatics: Designing for Experiences of Data"- and Ethical Exploration,” Philos. Technol., vol. 32,
CHI2015, 2015. no. 1, pp. 155–171, Mar. 2019.

[22] S. Stals, M. Smyth, and O. Mival, “Sharing and [35] H. S. Gardiyawasam Pussewalage and V. A.
exploring Quantified-Self Data on In-Place Oleshchuk, “Privacy preserving mechanisms for
experiences and emotions,” in ACM CHI 2017 - enforcing security and privacy requirements in E-
Quantified Data and Social Relationships, 2017. health solutions,” Int. J. Inf. Manage., vol. 36, no.
6, pp. 1161–1173, 2016.
[23] B. M. Knoppers and A. M. Thorogood, “Ethics and
Big Data in health,” Curr. Opin. Syst. Biol., vol. 4, [36] F. Bellifemine, A. Poggi, and G. Rimassa, “JADE –
pp. 53–57, Aug. 2017. A FIPA-compliant Agent Framework,” Fourth Int.
Conf. Pract. Appl. Intell. Agents Multi-Agent
[24] J. P. Woolley et al., “Citizen science or scientific Technol. (PAAM 1999), pp. 97–108, 1999.
citizenship? Disentangling the uses of public
engagement rhetoric in national research [37] E. K. Adams, M. Intwala, and A. Kapadia,
initiatives,” BMC Med. Ethics, vol. 17, no. 1, p. 33, “{MeD}-Lights: A Usable Metaphor for Patient
Dec. 2016. Controlled Access to Electronic Health Records,”
in Proceedings of the 1st {ACM} International
Health Informatics Symposium, 2010.

– 152 –
SESSION 7

SAFETY AND SECURITY IN HEALTHCARE

S7.1 Thought-based authenticated key exchange


S7.2 Cyber-safety in healthcare IoT
THOUGHT-BASED AUTHENTICATED KEY EXCHANGE

Phillip H. Griffin

Griffin Information Security

ABSTRACT "universal access to health care for all a reality – across the
globe" [3]. With over "95% of the world population" being
Identity authentication techniques based on password- "covered by mobile networks" as of December 2018 and
authenticated key exchange (PAKE) protocols rely on weak over "7 billion mobile subscriptions in the world" [3], ICT
secrets shared between users and host systems. In PAKE, a is poised to connect patients to the "social services, health
symmetric key is derived from the shared secret, used to workers, and care agencies" that can help them overcome
mutually authenticate communicating parties, and then their healthcare challenges [2].
used to establish a secure channel for subsequent
communications. A common source of PAKE weak secrets Though there have been notable improvements in achieving
are password and passphrase strings. Though easily SDG outcomes, there is still much more work to be done.
recalled by a user, these inputs typically require keyboard ICT promises to play an increasingly important roll in this
entry, limiting their utility in achieving universal access. work, as it is the "technology with the greatest impact in
This paper describes authentication techniques based on promoting the inclusion of persons with disabilities" [4],
weak secrets derived from knowledge extracted from and it has the ability to eliminate isolation of the elderly by
biometric sensors and brain-actuated control systems. The "connecting them to the world around them" [5]. With the
derived secrets are converted into a format suitable for use growing availability of smart phones, wireless and mobile
by a PAKE protocol. When combined with other computing, ICT can deliver a new age, "not only of
authentication factors, PAKE protocols can be extended to information sharing in general, but of the proliferation of
provide strong, two-factor identity authentication that is web-based services" and mobile access that can help bring
easy to use by persons living in assistive environments. health and wellbeing to both " disabled and non-disabled
communities alike" [4].
Keywords – assistive environments, authentication,
biometrics, key exchange, security It is especially important to remediate security risk for those
people requiring assistive living services, and for those who
1. INTRODUCTION depend on telemedicine. The delivery of ICT "services
provided through cloud and web-based systems over
In 2017, the World Health Organization (WHO) reported unsecured public networks exposes this vulnerable
that more than "one billion people worldwide - about 15% population to increased security risk" [5]. Authentication
of the world's population" are persons with some form of and secure communications are crucial security controls for
disability [1]. Earlier United Nations (UN) and WHO those who must rely on telemedicine, which uses
reports predicted a tripling of the number of "people aged "telecommunications to, remotely, provide medical
65 or older" in 2010 "to 1.5 billion in 2050, 16 % of the information and services” and to reliably “transfer medical
entire world population" [2]. As the numbers of elderly and information and services from one place to another" [6].
disabled people continue to grow, more of them are striving
to retain their autonomy and remain in their homes. As the Providing vulnerable populations and their caregivers who
cost of healthcare continues to rise, governments have rely on these systems with security assurance begins with
struggled to find ways of providing care to these vulnerable reliable mutual authentication that is accessible by everyone.
populations. A user-centric approach guided by the design goals of
universal access can help to ensure that inclusive outcomes
Ambient assisted living (AAL) aims to achieve the UN are achieved. Providing data confidentiality and secure
Sustainable Development Goal (SDG) of ensuring healthy communications solutions that combat man-in-the-middle
lives and promoting the wellbeing of all people, regardless and phishing attacks is also critical. These goals can be met
of their age, location or income. At its core, AAL relies on by extending the capabilities and scope of an existing
the use of information and communications technology protocol used for secure authentication, Recommendation
(ICT) innovation, networks and standards to deliver ITU-T X.1035.
services that increase "the life quality of patients" and "their
relatives" [2]. ICT and "specifically mHealth solutions"
provide new opportunities to bring access to healthcare and
AAL services "to people in remote areas" and to make

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 155 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

2. PAKE PROTOCOL STANDARDIZATION challenge. In this case, the protocol will end without the
user credentials being exposed to the attacker.
Password-authenticated key exchange (PAKE) protocols
have been defined internationally in Recommendation ITU- When the client authentication-attempt message in a PAKE
T X.1035 [7] and ISO/IEC 11770-4 [8]. PAKE is a protocol is augmented with a user's biometric sample, the
“cryptographic protocol that allows two parties who share PAKE protocol can be extended to provide both mutual
knowledge of a password to mutually authenticate each authentication, and two-factor user identity authentication.
other and establish a shared key, without explicitly The biometric sample included by the user in their
revealing the password in the process” [9]. PAKE protects authentication-attempt message enjoys the same protection
users from phishing and man-in-the-middle attacks, so that against phishing and man-in-the-middle attacks afforded by
users can authenticate with an easily recalled password that PAKE. The user still benefits from mutual authentication,
is never exposed to an attacker. gaining assurance that the intended server has been
accessed instead of an attacker's server.
PAKE protocols achieve mutual authentication without
requiring that users possess digital certificates. By not 3. BIOMETRIC EXTENDED PAKE PROTOCOL
requiring certificates, the cost and operational complexity
of providing mutual authentication solutions can be reduced Biometric authenticated key exchange (BAKE) is an
compared to solutions that rely on a public key extension of the PAKE protocol that provides strong, two-
infrastructure (PKI). By design, PAKE protocols never factor user identity authentication [10]. BAKE extends
expose "the user password to a server impersonation or PAKE by including a user biometric sample, a something-
eavesdropping attack" [5] during a user authentication you-are authenticator, in the PAKE authentication-attempt
attempt. message sent by a user to a server [10]. A claimed user
identity (i.e., an account name) is sent to the server in the
This characteristic of PAKE “prevents off-line dictionary clear. Transfer of the user biometric sample is protected by
attacks, a common password authentication problem.” [9]. encryption under the symmetric key derived from a PAKE
The user's password is input to a Diffie-Hellman key user password, a something-you-know authenticator.
exchange process to derive a symmetric key. This derived
key is used as the basis for ensuring the confidentiality of ICT innovations have led to increased availability and
communications between a user and a server during sophistication of "inexpensive mobile computing devices"
operation of a PAKE protocol. that incorporate "wide varieties of biometric sensors" [5].
"Face, voice, gesture and touch biometric sensors are
The operation of a PAKE protocol, as depicted in Figure 1, becoming commonplace" [5]. This makes it practical for
begins with the user providing a password to a browser or system designers to offer users greater choice that serves
user agent. The password must be preregistered, a value more users. Designers "no longer need to settle on just one
known to the server, so that the user and server can derive biometric technology for authentication" [5]. The ubiquity
the same cryptographic key. The user can assert an identity of sensor-rich ICT devices presents opportunities "to create
claim by presenting an account name to the server in the designs that provide secure authentication and access to
clear, along with their authentication-attempt message web-based services to a greater number of elderly and
encrypted using their password-derived key. disabled users" [5]. ICT innovation is an important enabler
of universal access.

For some biometric technology types, operation of a BAKE


protocol can require two user inputs, one input for each
authentication factor. The user may be required to enter
their password through a keyboard or touch screen, then to
provide a biometric sample using a separate sensor device.
Requiring two user input actions can make two-factor
authentication solutions less convenient and more
Figure 1 – PAKE-based web authentication (Source: Web challenging for some users.
2.0 Security & Privacy (W2SP) 2009)
However, biometric sensor data provides a rich source of
This encrypted message contains a user challenge to the user authentication information. For some biometric
server. If the server a user intends to access receives the technology types, data containing two authentication factors
encrypted message, the stored password for the user can be collected from a biometric sensor with a single user
account can be located, the key needed to decrypt the input. As one example, a microphone can collect a user
message can be derived, the message can be decrypted, and voice sample that contains speaker recognition data, from
the server can respond to the user challenge. If an attacker which a biometric sample can be matched against a
receives the encrypted message, they will not possess the previously stored biometric reference. Using this same
user password needed to derive the key, and they will not voice sample, a speech recognition tool can extract user
be able to decrypt the user message and respond to the user

– 156 –
ICT for Health: Networks, standards and innovation

knowledge, a spoken password that can be used to operate X.894 [11], can transfer encrypted content of any type or
PAKE. format using any symmetric encryption algorithm and a
named key. When this CMS type is used with BAKE or
Figure 2 describes the steps required to operate a BAKE PAKE, this key name can be set to the user account
protocol. These steps illustrate that BAKE operations differ associated with the password known to the user and server.
little from those of PAKE. These differences are in the
collection of a user biometric sample, inclusion of the 4. BRAIN-ACTUATED AUTHENTICATION
sample in the authentication-attempt message, and in the
matching of the biometric sample by the server required by Data sources other than biometric sensors can be mined for
BAKE. user knowledge. Researchers have shown that
"noninvasively recorded electric brain activity can be used
to voluntarily control switches and communication
channels" [12]. Using brain accentuated techniques can
allow "near-totally paralyzed subjects the ability to
communicate" using "brain-actuated control" (BAC)
devices [12]. Electroencephalogram (EEG) data collected
from a human brain through a scalp sensor array can be
filtered to reduce noise, and then further decomposed into
discrete, independent components.

EEG data can be fed into a brain computer interface (BCI)


to "enhance a user’s ability to interact with the environment
via a computer and through the use of only thought" [13].
BAC techniques allow the use of "brain signals to make
decisions, control objects and communicate with the world
using brain integration with peripheral devices and
systems" [14]. Recent research that coupled an augmented-
reality (AR) video streaming device to a BCI has shown
that people can be trained "to modulate their sensorimotor
rhythms to control an AR Drone navigating a 3D physical
space" [13]. Through the use of a BCI, individuals living in
Figure 2 – Biometric authenticated key exchange
assistive environments could gain access to healthcare
information and telemedicine services "using telepresence
This similarity between the protocols makes it possible for
robotics"[13].
BAKE to be gradually and unobtrusively introduced into an
existing PAKE environment to enhance user security. If a
Larger EEG components that account for muscle or eye
PAKE protocol is presented with a biometric sample it does
movements can be differentiated and grouped. Neural
not expect or know how to use, processing of that
networks have been used in the past to classify these
component of a user authentication-attempt message can be
movements [14]. More recently, "artificial neural networks
ignored. The PAKE protocol can still achieve mutual
(ANNs)" have been used to "classify imaginary motions" of
authentication, thwart phishing and man-in-the-middle
individuals [14]. This sorting process used to classify
attacks, achieve single-factor user authentication, and
movements can be based on which scalp sensors detect
establish a secure channel between communicating parties.
them, and on their relative signal strength and timing
following a stimulus event. These components allow the
The PAKE protocol and its BAKE extension still face
intentions of an individual to be distinguished from one
hurdles for establishing interoperable vendor solutions.
another and used as the basis for selecting between control
First, there is presently no standardized, agreed format for
choice alternatives, i.e., choosing between left and right.
messages used to exchange information between the user
and server. Second, there is no standardized way to indicate
Thoughts of a subject imagining that they are moving an
which of all of the standard PAKE variants [7, 8] are being
object can be filtered and modeled using neural networks to
used in an encrypted message. Third, there is no
classify the "imaginary motions" performed by the
standardized means of representing the schema of the
individual [14]. These brain signals indicate the intent of a
payload that becomes the encrypted content of the user
subject to perform some real act, such as moving their left
authentication-attempt and server response messages used
hand or right foot, even when those body parts do not exist.
by PAKE.
The subject's intended motions can be executed using
physical objects through BCI-activated controls. However,
However, these information exchange message formats and
just before this activation occurs, these intentions are
payloads are defined for standardization, they can be
something the individual knows and can be considered user
wrapped for protection in a value of the cryptographic
knowledge.
message syntax (CMS) type NamedKeyEncryptedData.
This CMS type, specified in Recommendation ITU-T

– 157 –
2019 ITU Kaleidoscope Academic Conference

Knowledge-based cryptographic techniques such as PAKE At present, information exchange in the ITU-T X.1035
combined with signals capable of "noninvasive brain- protocol is defined only in prose. An ITU-T X.1035
actuated control of computerized screen displays or revision should augment this prose with an ASN.1 schema
locomotive devices" could allow even "motor-limited and defined in terms of ITU-T X.894 CMS type
locked-in subjects" to securely authenticate their identities NamedKeyEncryptedData. This schema should associate a
to an information system and to establish a secure channel PAKE OID with this CMS type in a message. The
for subsequent communications [12]. NamedKeyEncryptedData type provides a standardized
way for applications to encrypt content of any type or
The key to making this approach to identity authentication format with a cryptographic key that uses any encryption
and secure communication viable relies on the realization algorithm specified by a message sender.
that human intentions manifested as electrical signals that
emanate from the human brain can be used as something- This key can be identified using the keyName field of type
you-know authentication factors. If a user's intentions can NamedKeyEncryptedData. This field can be transferred
be treated as weak secrets that are represented in the form unencrypted by a sender to indicate the name of their user
of character strings, they are in a format suitable for input account on a target server. The indicated account name can
to a PAKE protocol. At present there are no standardized then be used by the server to identify that user's password.
techniques for mapping the results produced by a neural Type NamedKeyEncryptedData can be associated with an
network model to the weak secrets needed to operate a OID that identifies any PAKE protocol version as follows:
PAKE protocol.
PAKExchange ::= SEQUENCE {
5. FUTURE STANDARDIZATION type OBJECT IDENTIFIER,
pake NamedKeyEncryptedData
5.1 Focus areas -- The keyName field is a UserID
}
ITU-T Study Group 17 (SG17) has developed a wide range
of ICT standards. Their expertise spans many different The account name indirectly identifies the user password on
areas of technology, including telebiometrics, cryptography, the server. The server uses this password to derive the key
identity management, security architecture, modeling and needed to decrypt the user message. If decryption succeeds,
formal definition languages for information exchange. This identity authentication of the user has also succeeded and
breadth of expertise makes it possible for SG17 to "bridge the user challenge recovered.
multiple domains, bringing them together in standards with
a cross industry focus that benefit multiple communities" The server can encrypt its response to the user's challenge
[15] and makes SG17 well suited to developing the cross- with their shared symmetric key, and send the response to
domain standards required to address the needs of elderly the user in another NamedKeyEncryptedData message.
and disabled populations. When the user receives a correct response from the server,
mutual authentication is achieved, and a secure channel for
These populations often include underserved people that subsequent communications is established.
could benefit from remote services provided to AAL and
other healthcare environments. To enhance the ability of An ASN.1 schema for the content encrypted for exchange
these users to securely access remote resources, SG17 between the user and server should be defined and
should revise its 2007 version of the ITU-T X.1035 PAKE standardized. At a minimum, the encrypted payload of
protocol. Following revision, standardization efforts that NamedKeyEncryptedData must contain components for a
leverage ITU-T X.1035 to create new PAKE-based user challenge and a server response. These components
mechanisms for identity authentication and access control should be optional but constrained so that at least one
should be undertaken. A core focus of this standardization component is present in an exchange. This would allow the
effort should be on achieving the goals of universal access client and the server to exchange the same schema payload
to enable more inclusive authentication solutions. during PAKE operation.

A first step in an ITU-T X.1035 revision should enable The encrypted payload schema should contain an optional
PAKE use with the secure information exchange messages component to support a BAKE extension to the PAKE
approved recently in the ITU-T X.894 CMS protocol. This allows two-factor user authentication to be
Recommendation. This effort should define an information supported but not required. The payload schema should also
object identifier (OID) in ITU-T X.1035 that include an optional extensibility mechanism for use by any
unambiguously identifies its processing requirements in an implementation for any purpose. This mechanism should be
instance of communication. An ITU-T X.1035 OID will defined as a series of one or more authenticated attributes,
allow the ITU-T version of PAKE to be distinguished from each uniquely identified by an OID. These attributes are
the other standardized versions of PAKE defined in protected in the encrypted payload and authenticated by
ISO/IEC 11770-4, which already assigns a unique OID PAKE processing.
value to each of its PAKE versions.

– 158 –
ICT for Health: Networks, standards and innovation

5.2 Password-authenticated transport layer 5.3 Two-factor biometric authenticated key


security exchange

In their 2016 paper on password authentication in the SG17 should create a new standard that provides a strong,
transport layer security (TLS) protocol, Manulis, Stebila, two-factor identity authentication solution based on PAKE.
Kiefer and Denham noted that password authentication is The new standard should expand the current ITU-T X.1035
"perhaps the most prominent and human-friendly user protocol processing to include a step for matching a user
authentication mechanism widely deployed on the Web" biometric sample to a reference template associated with
[16]. The authors described the many threats associated their server account and password. For purposes of
with user reliance for the protection of their credentials on biometric matching, the user could be enrolled in a
secure server-authenticated TLS channels established using biometric system local to the server, or they could be
a public key infrastructure (PKI) [16]. They attribute these enrolled in a separate system that provides a remote
threats to PKI-related problems including that "security matching service. The later case could enable 'biometric
fully relies on a functional X.509" PKI that in practice may portability', allowing a user to enroll one time in a biometric
be flawed, and on "users correctly validating the server’s system, then subsequently to be matched from any device.
X.509 certificate" without being phished by an attacker [16].
These assumptions about PKI implementations have been In current ITU-T X.1035 protocol processing, a user
shown not to be unreliable. attempting authentication sends the server an encrypted
message along with their account name. The server locates
The authors note that many PKI failures in TLS are due to the password associated with the account and derives the
the "problems with the trustworthiness of certification key needed to decrypt the message and authenticate the user.
authorities (CAs), inadequate deployment of certificate When a biometric sample is included by the user in the
revocation checking, ongoing threats from phishing attacks, encrypted authentication attempt, the server can use this
and the poor ability of the users to understand and validate biometric sample to further authenticate the user with a
certificates" [16]. Rather than rely on the rare case where second authentication factor.
users possess the personal certificates needed to benefit
from mutual authentication, the authors propose using The confidentiality of the authentication-attempt message is
PAKE as "part of the TLS handshake protocol" [16]. provided using a symmetric key derived from the user
Following the execution of PAKE in the TLS handshake, password. The user can safely include their biometric
"the key output by PAKE" would be used as "the TLS pre- sample in the encrypted message, since the PAKE protocol
master secret" for deriving "further encryption keys protects the confidentiality of their personally identifiable
according to the TLS specification" [16]. information (PII) from phishing and man-in-the-middle
attack. Only the intended message recipient, the server that
Though PAKE techniques have been standardized for years shares the user account password, can derive the key
in Recommendation ITU-T X.1035 and in ISO/IEC, there needed to decrypt the message and gain access to the user
has been no PAKE standard "agreed upon and implemented biometric sample.
in existing web browser and server technologies" [16].
SG17 should standardize PAKE for use as an option in the When biometric matching is performed local to the server,
TLS handshake. This would broaden the use of PAKE as a at a minimum, the user biometric sample must be included
standalone authentication technique to its use in a protocol in the encrypted user message. When more than one
widely used to conduct online electronic commerce biometric technology type is supported, an identifier of the
transactions and to provide secure communications between type of sample being presented for authentication must also
internet applications. be included. It is possible for a biometric matching system
to support multiple technology types, so more than one
Adding PAKE to TLS would enable all users to benefit sample and type may be presented by the user for
from "secure password authentication" in "any application authentication. The format and processing of these values
that makes use of TLS", without requiring users to possess should be standardized by SG17 to promote vendor
X.509 certificates [16]. ITU standardization of PAKE usage interoperability.
in the handshake would allow "standard TLS mechanisms
for key derivation and secure record-layer communication" Biometric matching may be performed on a system remote
to continue being used [16]. An ITU-T standard for using to the server authenticating the user. In this case, the
PAKE in TLS would provide users the convenience and encrypted user authentication-attempt must also identify the
low cost of passwords and the security benefits of mutual location of the remote matching service for each biometric
authentication. By making PAKE available to users as a type being presented for authentication. The unique
PKI alternative, the threats to users from phishing and man- biometric reference template identifier associated with the
in-the-middle attacks that are known to plague TLS could user enrolled in a biometric system, and the type of the
be addressed. biometric sample should also be included. A standardized
schema for exchanging this information as an encrypted
attribute should be standardized by SG17.

– 159 –
2019 ITU Kaleidoscope Academic Conference

5.4 Brain-actuated control authenticated key CONCLUSION


exchange
In this paper, single and multifactor identity authentication
The term 'telebiometrics' refers to the standardization of techniques based on PAKE protocols were described. The
biometric devices used in the telecommunications domain. ability to derive weak secrets from user knowledge
Recommendation ITU-T X.1081 specifies a telebiometric extracted from biometric sensors and brain-actuated control
multimodal model based on both the "interaction between a systems was highlighted. The paper discussed how derived
human being and the environment", and on the "forms of weak secrets could be converted into a format suitable for
measurement of the magnitude of physical interactions input to a PAKE protocol. The paper also illustrated how
between a person and its environment" [17]. The model new standardization efforts to revise and extend PAKE
specifies measurements of these "physical interactions", could help achieve universal access to healthcare,
and also recognizes "behavioral interactions" [17]. The telemedicine and other network services by users with
multimodal model supports the measurement of the diverse abilities, while enhancing the security of all users.
interactions between a person and a telebiometric device "in
both directions" [17]. To achieve these aims, ITU should define a standardized
ASN.1 schema for information exchange that supports all
The telebiometric multimodal model provides a common PAKE protocol versions and a BAKE extension. This
framework for the specification of "security applications schema should incorporate the NamedKeyEncryptedData
and safety aspects" [17] of telebiometrics. Though EEG cryptographic message defined in Recommendation ITU-T
data is not collected for the purpose of biometric matching, X.894. An extensible mechanism should be specified that
EEG data is similar to X.1081 telebiometric data collected makes possible the unambiguous identification of each
"by a measurement instrument recording some bio- PAKE protocol version.
phenomenon". Both non-biometric EEG data and
telebiometric data can be used to model interactions at a This mechanism should use ASN.1 information object
"layer where the human body meets electronic" devices identifiers that can be associated with the ITU-T X.894
[17]. CMS type NamedKeyEncrptedData in a message.
Standardization of a PAKE protocol message would enable
Recommendation ITU-T X.1081 enables modeling of the development of interoperable vendor solutions. These
biometric authentication in terms of the interactions of a solutions would benefit users by lowering their cost of
person with a biometric sensor. An important benefit of this gaining secure access to network delivered health services,
standard is in its aiding in the design of authentication and enhancing their security through access that provides
solutions that can preserve human "privacy and safety" by multifactor and mutual authentication.
making these interactions "explicit and engineerable" [17].
However, there is no ITU authentication standard similar to ITU should standardize a common ASN.1 payload type for
Recommendation ITU-T X.1081 for using non-biometric the content encrypted for exchange between users and
devices that interact with people and telecommunication servers during PAKE operations. An optional component of
devices used to deliver healthcare. this ASN.1 type should allow a BAKE extension to be used
to provide strong, multifactor user authentication. Another
As BAC devices become more integrated with mobile optional payload component should support a user proof-of-
technologies for edge computing and part of the Internet of possession authentication factor, a registered object known
things (IoT), their users will gain greater access to in-home to the server.
healthcare monitoring and other healthcare services
delivered remotely. This connectivity gain will also make An integer version component should be included to allow
them more vulnerable to attack. The ITU-T X.1080.0 [18] future changes to the payload to be detected by deployed
telebiometric data protection Recommendation specifies implementations. Optional server challenge and response
use of the SignedData and EnvelopedData CMS types for components should be defined as opaque strings to support
authentication and data confidentiality, but does not allow any type of data in any format required by vendors. These
PAKE or its extensions. optional components should be constrained so that at least
one component is present in a message, so that the same
Both of these CMS types rely on the use of certificates payload type can be used by both communicating parties.
supported by a PKI. Given an environment that involves a
user's "brain signals to make decisions, control objects and An optional authenticated attributes component should also
communicate" [14], identity authentication is an important be included. This payload component should be specified
security control. The potential for risk inherent in systems with ITU-T X.894 CMS type AuthAttributes to provide
that might provide feedback to the user makes mutual extensibility and to support the use of the schema in other
authentication an important consideration for both security standards, protocols and applications. An authenticated
and user safety. The CMS SignedData message does not attribute should be defined to support biometric matching
provide mutual authentication, multifactor authentication of on a separate system. This attribute should allow a user to
the user, or the convenience of password authentication. All specify the location of a biometric service provider (BSP)
of these capabilities can be provided by an extended PAKE. that offers a remote matching service, the user biometric

– 160 –
ICT for Health: Networks, standards and innovation

type and sample, and the user-enrolled biometric reference images" that can "represent movements completely
template identifier at the BSP. This feature would provide unrelated to any language" [10].
user portability of their biometric credential across multiple
devices with only a single user enrollment. As described by Fong, Zhuang and Fister, these types
include footsteps, "finger positions and hand posture" [19].
Recommendation ITU-T X.1080.0 provides an informal Some biometric technology types are considered to be
CMS specification for data protection based on IETF RFC ‘weak’ for general use. For a constrained population living
5652. SG17 should revise Recommendation ITU-T in an in-home healthcare environment, who may have been
X.1080.0 to reference ITU-T X.894 CMS, whose syntax authenticated on entry, these types may offer value for user
complies with the current ASN.1 standards. This change identification and authentication, especially when
will allow ITU-T X.1080.0 adopters to eliminate the use of telemedicine and telemonitoring services are assisted by
RFC 5652 syntax that is “based on X.208, the deprecated robotics.
1988 version of ASN.1 that was withdrawn as a standard in
2002” [15]. Adoption of ITU-T X.894 will allow any of the REFERENCES
ASN.1 encoding rules to be used, removing the IETF one-
rule restriction. ITU-T X.894-based ITU-T X.1080.0 [1] Astbrink, G., Shabbir, M., Giannoumis, G.A. (2018)
implementations will also gain new options for 1.3 Billion Reasons for Making Technology
telebiometric data protection, including field level Accessible. Internet Governance Forum Workshop
tokenization and a SigncryptedData type that can be used to Session (WS) #45.
replace SignedData and EnvelopedData.
[2] Calvaresi, D., Cesarini, D., Sernani, P., Marinoni, M.,
The TLS protocol is widely used and well suited for server et al. (2017). Exploring the ambient assisted living
to server mutual authentication, since both communicating domain: a systematic review. Journal of Ambient
parties are likely to possess digital certificates. However, Intelligence and Humanized Computing, 8(2), 239-
when individuals must authenticate to a server using TLS, 257.
they must often rely on a password. The lack of users with
certificates makes mutual authentication with TLS rare and [3] ITU-D. (2019). mHealth for NCD - BeHe@lthy
successful phishing attacks on users likely. BeMobile. ICT Applications.

ITU should standardize a profile of the TLS handshake [4] ICT Consultation. (2013). The ICT opportunity for a
protocol that ensures secure access for mobile device users. disability-inclusive development framework.
This profile should support mutual authentication based on
user passwords protected by PAKE. An ITU standard for [5] Griffin, P. H. (2015). Security for ambient assisted
TLS should enable the use of PAKE extensions that provide living: Multi-factor authentication in the internet of
multifactor user authentication with samples collected from things. In 2015 IEEE Globecom Workshops (GC
the biometric sensors readily available on smart mobile Wkshps) (pp. 1-5). IEEE.
devices. This new TLS standard would allow mobile users
to enjoy the benefits of strong, two-factor user [6] Hamdi, O., Chalouf, M. A., Ouattara, D., & Krief,
authentication and mutual authentication without the cost of F. (2014). eHealth: Survey on research projects,
digital certificates and the risk of being phished. comparative study of telemonitoring architectures
and main issues. Journal of Network and Computer
A revision of Recommendation ITU-T X.1081 should Applications, 46, 100-112.
include consideration of non-biometric telemedicine
devices. This revision could be achieved through a new [7] Recommendation ITU-T X.1035 Password-
normative annex or as a separate standard. ITU-T X.1081 authenticated key (PAK) exchange protocol, 2007.
security aspects could incorporate work being proposed in
ITU-T X.tas, since, as this paper has shown, it is possible [8] ISO/IEC 11770-4 Key Management – Mechanisms
for a biometric sensor to also collect user knowledge for Based on Weak Secrets, 2017.
use as an authentication factor. The X.tas: Telebiometric
authentication using speaker recognition standardization [9] Engler, J., Karlof, C., Shi, E., Song, D. (2009). Is it
should especially consider the BAKE protocol extension to too late for PAKE? In Web 2.0 Security and Privacy
PAKE. (W2SP) 2009.

The X.tas work should be broadened to include other types [10] Griffin, P. H. (2015). Biometric knowledge
of biometrics for which "knowledge extraction can mine extraction for multi-factor authentication and key
something-you-know information from biometric sensor exchange. Proceedings of the 2015 Complex
data" [10]. These biometric types could be used to support Adaptive Systems Conference, Missouri Institute of
the operation of PAKE and its extensions. These types of Science and Technology, in San Jose, California.
biometrics include collected "user gestures as binary video

– 161 –
2019 ITU Kaleidoscope Academic Conference

[11] Recommendation ITU-T X.894 Information [16] Manulis, M., Stebila, D., Kiefer, F., & Denham, N.
technology - Generic applications of ASN.1: (2016). Secure modular password authentication for
Cryptographic message syntax, 2018. the web using channel bindings. International
Journal of Information Security, 15(6), 597-620.
[12] Makeig, S., Enghoff, S., Jung, T. P., & Sejnowski, T.
J. (2000). A natural basis for efficient brain-actuated [17] Recommendation ITU-T X.1081 The telebiometric
control. IEEE Transactions on Rehabilitation multimodal model - A framework for the
Engineering, 8(2), 208-211 specification of security and safety aspects of
telebiometrics, 2011.
[13] LaFleur, K., Cassady, K., Doud, A., Shades, K.,
Rogin, E., & He, B. (2013). Quadcopter control in [18] Recommendation ITU-T X.1080.0 Telebiometrics -
three-dimensional space using a noninvasive motor Access control for telebiometrics data protection,
imagery-based brain–computer interface. Journal of 2017.
neural engineering, 10(4), 046003.
[19] Fong, S., Zhuang, Y., & Fister, I. (2013). A
[14] Bhattacharya, S. (2016). Optimization of biometric authentication model using hand gesture
Electroencephalograph-Based Classification for images. Biomedical engineering online, 12(1), 111/.
Imaginary Motion Brain Computer Interface Study.

[15] Griffin, P. Telebiometric Information Security and


Safety Management. Proceedings of the 5th ITU
Kaleidoscope Conference: Building Sustainable
Communities (ITU Kaleidoscope 2013).

– 162 –
CYBER-SAFETY IN HEALTHCARE IOT

Duncan Sparrell1

1
sFractal Consulting, United States

ABSTRACT from ancillary to safety critical. IAmTheCavalry.org was


founded to focus on the intersection of computer security and
Healthcare is becoming more connected. Risks to patient and public safety. “IoT is where bits and bytes meet flesh and
public safety are increasing due to cybersecurity attacks. To blood” [12].
best thwart cyberattacks, the Internet of health things (IoHT)
must respond at machine speed. Cybersecurity standards 2. THREATS
being developed today will enable future IoHT systems to
automatically adapt to cybersecurity threats in real time, Over 90% of healthcare institutions have been attacked [13].
based on a quantitative analysis of reasonable mitigations The impact of failed security is increasing as well. At the
performing triage to economically optimize the overall RSA Conference USA in 2018, hackers “killed” (simulated)
healthcare outcome. This paper will discuss cybersecurity patients without the doctors even being aware the operating
threats, risk, health impact, and how future IoHT room (OR) had been hacked [14]. Marathons affect patient
cybersecurity systems will adapt to threats in real time. care due to the ambulance delays (due to rerouting around
the marathon) resulting in a statistically significant increase
Keywords – Cyber-safety, healthcare, Internet of things in the 30-day mortality rates [15]. If people died due to a 4.5
minute average increase in the length of the ambulance ride,
1. INTRODUCTION then it seems logical that people died in the massive hospital
ransomware-caused outage in the UK [16] as well as other
If “software is eating the world”[1], then the Internet of hospital attacks such as Hollywood Presbyterian where
things (IoT) is blanketing the world. International ambulances were rerouted to other hospitals in LA traffic [17]
Telecommunication Union (ITU), Recommendation ITU-T or similar events in other hospitals [18-22].
Y.2060 defines an IoT device as a “piece of equipment with
the mandatory capabilities of communication and the Attackers make use of automation, resulting in attacks
optional capabilities of sensing, actuation, data capture, data occurring at the speed of light; yet defense occurs at the
storage and data processing.” [2]. This paper defines the speed of lawyers. Obviously, lawyers need to be involved.
Internet of health things (IoHT) as all ITU-T Y.2060 IoT Lawyers should be consulted a priori so they are not needed
devices used in healthcare and ambient assisted living [3]. to be consulted during the attack. To do this requires
This definition is broader than implantable medical devices anticipating the possible attacks and responses. “Think evilly
and includes: care, diagnostic, ambient-assisted and but act ethically” [23].
administrative devices, since they all could potentially affect
patient health if exploited. “While advanced devices can IoHT designers must take into account attacks that will be
offer safer, more convenient and timely health care delivery, part of a well-funded, well-staffed campaign to achieve a
a medical device connected to a communications network particular mission. The mission may be against the owner of
could have cybersecurity vulnerabilities that could be the IoHT (e.g. the healthcare provider), the IoHT may be an
exploited resulting in patient harm.” said Amy Abernethy, attack vector against another entity (e.g. the healthcare client
M.D., Ph.D., the United States (US) Food and Drug either as an individual, or as group such as military
Administration (FDA) principal deputy commissioner [4]. personnel).

IoHT is the merging of the information technology (IT) Looking at real-world non-cyber failures and disasters gives
world with the operational technology (OT) world to bring great insights into what an attacker could do. As an example,
about increased innovation, efficiency and quality of there were 8 failures that led to the Deepwater Horizon / BP
healthcare [5-11]. oil spill in the Gulf of Mexico [24]. Seven of the 8 problems
were with actuators, sensors or decision algorithms, all
As IoT pervades the healthcare industry, cybersecurity in failures that could also be caused by a cyberattack. Even the
IoHT must evolve both to recognize new threats but also to 8th cause, faulty cement, could be caused by a supply chain
recognize different consequences i.e. impact on patient attack. The analysis does not have to be of mega-disasters. A
health. This paper will discuss trends that when combined similar analysis could be done of the typical failures in
will make IoHT safer and demonstrate the important role almost any manufacturing process, or to any medical
cybersecurity standards will play as cybersecurity evolves simulation. This points out the need for domain-specific

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 163 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

knowledge when assessing IoHT cybersecurity. This is not because the new technology itself becomes a low-probability,
something that could be accomplished by the IT department high-impact threat vector. A better alternative would be to
or outside cybersecurity experts as it requires healthcare increase the upfront costs to mitigate the catastrophic case
domain-specific knowledge. with other controls and/or insurance.

3. RISK ANALYSIS

Cybersecurity spending for the period 2017-2021 is expected


to total over 1 trillion dollars [25]. At the same time, the cost
of cybercrime is projected to reach two trillion dollars by
2019 [26] despite the increased spending on cyber defense.
Problems are exacerbated by the lack of trained security
personnel [27,28].

The main purpose of cybersecurity is to reduce risk.


However, most cybersecurity decisions today are made
based on fear, uncertainly and doubt (FUD) [29]. Informed
risk decisions should be made using mathematics, science
and engineering. “There are plenty of fields with massive risk,
minimal data, and profoundly chaotic actors that are
regularly modeled using traditional mathematical models” Figure 2 – Comparing Loss Exceedance Curves
[30]. Cybersecurity can learn from other fields such as the
insurance industry where loss exceedance curves are used as
Loss exceedance curves can apply to casualty information.
a tool for catastrophe planning such as: river flooding,
IoHT would need to incorporate both financial and casualty
tornadoes, hurricane storm surges and droughts [31].
data to make informed risk decisions. Cybersecurity controls
Similarly, loss exceedance curves are also used in oil and
could potentially increase patient mortality in cases where
natural gas exploration [32].
the control impacts emergency access or constrained
resources [33]. Quantitative studies optimize overall health
Loss exceedance curves can be used in cybersecurity for outcomes by including both the positive impacts (e.g reduced
mathematically modeling risk [30]. This approach mortality due to preventing attack) and negative impacts (e.g.
incorporates decomposition, summation and validation over increased mortality due to reduced emergency access) of
time. An example is shown in Figure 1. The curve is cybersecurity controls.
probabilistic and shows the likelihood of losses exceeding a
certain amount. Note the x-axis is log scale and the entire
Factor Analysis of Information Risk (FAIRTM) [34] is one
chart is for a fixed time period, e.g. one year.
methodology for conducting quantitative risk analysis and
creating loss exceedance curves. Taxonomy and analysis
standards have been developed for FAIRTM [35,36].

Duty of Care Risk Analysis (DoCRA) is a standard [37]


developed to help organizations determine whether their
safeguards appropriately protect others from harm while
incurring a reasonable burden.

Chris Chronin, Chair of the DoCRA Council, recommends


extending FAIRTM to explicitly balance the likelihood and
impact of foreseeable threats against the burden of
safeguards in such a way as to meet the legal definition of
‘reasonable’ from the judge’s viewpoint in a case to
determine liability [38].

4. AUTOMATION
Figure 1– Loss Exceedance Curve The defense has not kept pace with the offense. Attackers
can, on average, breach a system in seconds or minutes
The real advantage comes from comparing two alternatives, whereas it takes defenders weeks, months or even years to
as in Figure 2. The existing base case is shown in blue. The respond [39]. The attacker utilizes sophisticated, adaptive,
red alternative costs $500k to implement and decreases the automated tools and the defender reactively responds with
50% loss by over $4M. But note this particular alternative manual, slow, uncoordinated tools and processes. The
also increases the chance of a catastrophic loss by a factor of defense must automate to operate at the speed of the offense.
10. Although this may seem counterintuitive, it is common Automation is a win/win, cheaper AND better.

– 164 –
ICT for Health: Networks, standards and innovation

Integrated Adaptive Cyber Defense (IACD) is a research Threat sharing has not been as effective as envisioned and
effort jointly funded by the US Department of Homeland has run into obstacles [44]. The initial STIXTM version 1
Security (DHS) and the US National Security Agency (NSA), specification was not readily accepted by industry. Version
in collaboration with The Johns Hopkins University Applied 2 is now available with significant improvements addressing
Physics Lab (JHU/APL) and industry. IACD seeks "to many of the industry concerns and is gaining broader
revolutionize cybersecurity ... through the universal adoption. In the US, the passage of the Cybersecurity
automation and interoperability of cyber defenses" [40]. Information Sharing Act [45] incentivized sharing by
IACD is an effort to get humans from ‘in the loop’ to ‘on the removing certain liabilities. Significant progress has been
loop’. The focus is product agnostic interoperability by made in this area, particularly in certain industry groups
decoupling functions and standardizing interfaces. IACD working with their Information Sharing and Analysis
seeks to create an adaptable, extensible ecosystem “to Centers (ISACs).
dramatically change the timeline and effectiveness of cyber
defense via integration, automation, and information To maximize the benefit of STIXTM involves not only
sharing.” This can be accomplished by decoupling the sharing ‘what happened’ but also deciding ‘what to do’,
functions and standardizing the interfaces between functions. called Courses of Action (CoAs). To effectively share CoAs,
IACD categorizes security functionality into: standards for both atomic actions and for a playbook
including the decision points and the flow of the atomic
• sensing: gathering all the data actions are required.
• sense-making: correlating and analyzing data,
transforming into information, knowledge and Another IACD objective is the standardization of the
intelligence command and control (C2) language for security
• decision-making: deciding what to do technologies, the atomic actions in a CoA. For example,
• acting: sending the actual commands. firewalls have existed for over 25 years yet the ‘word’ used
to prevent a packet passing through the firewall could be:
‘drop’, ‘deny’, ‘reject’, ‘block’, ‘blacklist’, etc. depending on
Gap analysis of the IACD work has led to standards activities which implementation is used. This is compounded across
in sharing threat intelligence, sharing courses of action, and many security technologies with new ones being
in a common command and control (C2) language. continuously added. This poses several problems for the user
community. It is hard to share CoAs when two organizations
One of the IACD objectives is the sharing of threat data use different vendor products. The cost of retooling
among interested, trusted parties. DHS started an industry disincentivizes changing vendors or adding alternative
forum on threat sharing that evolved and moved into OASIS, vendor products. This was less of an issue when security
a non-profit standards development organization. The technology was physical appliances. In today’s cloud/IoT
OASIS Cyber Threat Intelligence (CTI) Technical environment, switching vendors and/or adding new
Committee (TC) [41] created the Structured Threat technologies should be quicker and easier.
Information Expression (STIXTM) [42] and the Trusted
Automated Exchange of Intelligence Information (TAXII TM) The OASIS Open Command and Control (OpenC2)
specifications [43] to address the need to model, analyze and Technical Committee was founded to standardize machine-
share cyberthreat intelligence. Figure 3 shows an example of to-machine command-and-control to enable cyber defense
STIXTM ontology. system interoperability at machine speed [46,47]. Just as
automation has a fundamental impact on attacker economics,
OpenC2 will have a fundamental impact on defender
economics [48,49].

The OASIS Collaborative Automated Course of Action


Operations (CACAO) for Cyber Security Technical
Committee [50] develops standards for implementing CoAs
including the decision points and playbooks mentioned
earlier.
Figure 3 – Example of STIXTM Ontology
Figure 4 shows an automation flow including STIX TM,
TAXIITM, OpenC2 and CACAO.

– 165 –
2019 ITU Kaleidoscope Academic Conference

The economic advantages to be gained by automation are


better security at lower costs due to faster response times. In
addition to lower costs, another advantage of vendor agnostic
cybersecurity standards is removing ‘vendor lock-in’. The
commoditized interface [58] will force vendors to compete
on price and functionality, and this should spur innovation as
well. Several vendors recognize this and have made
significant contributions [59]. Standards have been shown to
spur innovation [60] by removing artificial barriers. In the
case of the standards mentioned in this article, the intent is
that standardizing the interface will allow innovators easier
entry into the market due to the ‘plug and play’
Figure 4 – Automation Flow standardization with existing customer ecosystems. Open
source software projects are beginning to appear to support
Efforts in this area are not confined to classic IT but also the community [61-69].
affect OT as cyber-physical systems disrupt many industries
[51]. California Energy Systems for the 21st Century (CES- An area where healthcare has been in the lead is in the area
21) seeks to address the cybersecurity challenges of future of software transparency and using the Cybersecurity Bill of
energy systems in California [52]. The energy industry has Materials (CBoM) for vulnerability analysis. A CBoM
increasing challenges as more energy generation moves to contains both a traditional hardware bill of materials and a
the edge (e.g. wind and solar power) while attacks increase Software Bill of Materials (SBoM). The US Federal Drug
both with IoT as a target and with IoT as a vector of attack Administration (FDA) now includes CBoM as part of the
[53,54]. CES-21 has developed a framework similar to pre-market guidance to medical device manufacturers [70]
IACD which utilizes the concept of a machine-to-machine and the US National Telecommunications and Information
(M2M) automated threat response (MMATR) which uses Administration (NTIA) conducted a successful proof of
existing standards to the extent possible and identifies where concept (PoC) with multiple healthcare delivery
new standards are needed. CES-21 has been active in organization and multiple medical device manufacturers [71].
STIXTM, TAXIITM, OpenC2 and CACAO.
5. CONCLUSIONS
JHU/APL did studies on their network comparing various
automation scenarios with their current manual scenarios Cybersecurity standards being developed today will enable
[55]. Figure 5 shows their findings. Computers scale better future IoHT systems to automatically adapt to cybersecurity
than humans, so more indicators were analyzed and threats in real time, based on a quantitative analysis of
efficiency was increased. The most significant finding was reasonable mitigations performing triage to economically
the attacks were stopped two orders of magnitude faster, optimize the overall healthcare outcome. Quantitative risk
resulting in significantly less damage. analysis will use standards such as FAIRTM and DoCRA.
Automation will be driven by standards such as SBoM,
STIXTM, TAXIITM, OpenC2 and CACAO.

REFERENCES

[1] M. Andreessen, “Why Software Is Eating The


World”, The Wall Street Journal, August 20 2011.
Available
https://www.wsj.com/articles/SB1000142405311190
3480904576512250915629460 .

[2] International Telecommunication Union,


Recommendation ITU-T Y.2060, Overview of the
Figure 5 – Automation Advantages Internet of things, June, 2012. Available
https://www.itu.int/rec/T-REC-Y.2060-201206-I .
Phantom Cyber, a security orchestration vendor, published
similar savings in combating phishing [56]. Their customer [3] J. Rodrigues, D. Segundo, H. Junqueira, M.Sabino,
reduced phishing incident response costs by 98% and saved R. Prince, J. Al-Muhtadi, V. De Albuquerque,
$1.06M annually. "Enabling Technologies for the Internet of Health
Things", Access IEEE, vol. 6, pp. 13129-13141,
Zepko, a managed security service provider in the United 2018.
Kingdom, used OpenC2 to increase the efficacy of their
Security Operations Centre (SOC) by 25-30% [57].

– 166 –
ICT for Health: Networks, standards and innovation

[4] USFDA, “FDA informs patients, providers and [14] J. Corman, et al. “Hacking Healthcare Live”, RSA
manufacturers about potential cybersecurity Conference USA, San Francisco, April 25, 2018.
vulnerabilities for connected medical devices and Available:
health care networks that use certain https://www.rsaconference.com/videos/live-
communication software”, USFDA News Release, simulation-a-medical-device-hack-and-patient-
1-Oct-2019. Available https://www.fda.gov/news- codes-rsac-2018 .
events/press-announcements/fda-informs-patients-
providers-and-manufacturers-about-potential- [15] A. Jenna, et al, “Delays in Emergency Care and
cybersecurity-vulnerabilities . Mortality during Major US Marathons”, New
England Journal of Medicine, Vol 376, 2017, pp.
[5] A. Martinez-Balleste, “Exploring IoT Industry 1441-50. available:
Applications: Paving the Way for Future IoT https://www.nejm.org/doi/pdf/10.1056/NEJMsa161
Applications in Healthcare”, IEEE. Available 4073 .
https://ieeexplore.ieee.org/servlet/opac?mdnumber=
EW1485 . [16] A. Morse, “Investigation: Wannacry cyber attack
and the NHS”, UK National Audit Office, April 25,
[6] A. K. Alharam and W. El-madany, “Complexity of 2018. Available: https://www.nao.org.uk/wp-
Cyber Security Architecture for IoT Healthcare content/uploads/2017/10/Investigation-WannaCry-
Industry: A Comparative Study”, 5th International cyber-attack-and-the-NHS.pdf .
Conference on Future Internet of Things and Cloud
Workshops, 2017. Available [17] K. Chinthapalli, “The hackers holding hospitals to
https://ieeexplore.ieee.org/document/8113801 . ransom”, BMJ 2017;357:j2214. Available
https://doi.org/10.1136/bmj.j2214 .
[7] H. Breivold and K. Sandstrom, "Internet of Things
for Industrial Automation -- Challenges and [18] C. Sienko, “Ransomware Case Studies”, Available
Technical Solutions", 2015 IEEE International https://resources.infosecinstitute.com/category/healt
Conference on Data Science and Data Intensive hcare-information-security/healthcare-attack-
Systems, Sydney, Australia, 2016, pp. 532-539. statistics-and-case-studies/ransomware-case-studies-
hollywood-presbyterian-and-the-ottawa-hospital/ .
[8] L. Probst, et al., “Digital Transformation
Scoreboard 2018”, European Commission, [19] "Inside the New York hospital hackers took down
Luxembourg 2018. Available: for 6 weeks". 18-Aug-2917. Available
https://ec.europa.eu/growth/tools- https://www.cbsnews.com/news/cbsn-on-
databases/dem/monitor/sites/default/files/Digital%2 assignment-hackers-targeting-medical-industry-
0Transformation%20Scoreboard%202018_0.pdf . hospitals/ .

[9] K. Pretz, “How the Industrial Internet of Things is [20] B. Lovelace, L. Gurdis, “Hospital CEO forced to
Changing the Face of Manufacturing”, The pay hackers in bitcoin now teaches others how to
Institute, IEEE, Feb. 23, 2018. available: prepare for the worst”. Available
http://theinstitute.ieee.org/technology-topics/smart- https://www.cnbc.com/amp/2018/04/06/hosptial-
technology/how-the-industrial-internet-of-things-is- ceo-forced-to-pay-hackers-in-bitcoin-now-teaches-
changing-the-face-of-manufacturing. others.html .

[10] ”Understanding the Industrial Internet of Things”, [21] C. O’Gara, "Would You Have Surgery in a Hacked
Transmitter, IEEE, May 8, 2018. available: Hospital?", 7-Oct-2019. Available
https://transmitter.ieee.org/understanding-industrial- https://www.secureworldexpo.com/industry-
internet-things/. news/would-you-agree-to-surgery-in-a-hacked-
hospital .
[11] “Revolutionizing the IIoT Industry One Streetlight
at a Time”, Spectrum, IEEE. Available: [22] L. Beers, "Multiple Victorian hospitals hacked in
https://spectrum.ieee.org/telecom/internet/revolutio suspected ransomware attack". 1-Oct-2019.
nizing-the-iiot-industry-one-streetlight-at-a-time . Available
https://7news.com.au/news/health/multiple-
[12] J. Corman, “Bits & Bytes Meet Flesh & Blood”, victorian-hospitals-hacked-in-suspected-
presented at LASCON, Austin, TX, Oct 23, 2015. ransomware-attack-c-481074 .

[13] E. Perakslis, “Cybersecurity in Healthcare”, New [23] D. Sparrell, “Let it be hacked,” Code Beam SF
England Journal of Medicine 371(5):395-7, July- 2018, San Francisco, USA, 15-17-March-2018,
2014. available: https://youtu.be/NYkwvVKlbU8 .

– 167 –
2019 ITU Kaleidoscope Academic Conference

[24] J. Mullins, “The eight failures that caused the Gulf [33] G. Zheng, G.Zhang, W.Yang, C.Vali, R. Shankaran,
oil spill”, New Scientist, Sep. 8, 2010 available: M.Orgun, “From WannaCry to WannaDie: Security
https://www.newscientist.com/article/dn19425-the- Trade-offs and design for implantable medical
eight-failures-that-caused-the-gulf-oil-spill . devices”, IEEE, 17th International Symposium on
Communications and Information Technologies,
[25] S. Morgan, “2018 Cybersecurity Market Report”, 25-27 Sept 2017. Available
Cybersecurity Ventures, May 31, 2017,\. Available: https://ieeexplore.ieee.org/document/8261228 .
https://cybersecurityventures.com/cybersecurity-
market-report/ . [34] J. Freund, J. Jones, “Measuring and Managing
Information Risk: A FAIR Approach”, Butterworth-
[26] S. Morgan, “Cyber Crime Costs Projected to Reach Heinemann, 2014. ISBN-13: 978-0124202313.
$2 Trillion by 2019”, Forbes, Jan. 17, 2016.
available: [35] Open Group, “Risk Taxonomy (O-RT)”, Open
https://www.forbes.com/sites/stevemorgan/2016/01/ Group Technical Standards, Version 2.0, 18-Oct-
17/cyber-crime-costs-projected-to-reach-2-trillion- 2013. Available
by-2019 . https://publications.opengroup.org/c13k .

[27] S. Morgan, “One Million Cybersecurity Job [36] Open Group, “Risk Analysis (O-RA)”, Open Group
Openings in 2016”, Forbes, Jan. 2, 2016. Available: Technical Standards, 18-Oct-2013. Available
https://www.forbes.com/sites/stevemorgan/2016/01/ https://publications.opengroup.org/c13g .
02/one-million-cybersecurity-job-openings-in-
2016/. [37] DoCRA Council, “Duty of Care Risk Analysis
Standard”, Version 0.5, April, 2018. Available
[28] P. Sawers, “Global cybersecurity workforce to be https://docraprod.wpengine.com/wp-
short 1.8 Million by 2022”, Venture Beat, June 7, content/uploads/2018/04/Duty-of-Care-Risk-
2017. Available: Analysis-Standard-v05.pdf .
https://venturebeat.com/2017/06/07/global-
cybersecurity-workforce-to-be-short-by-1-8- 38] C. Cronin, “The Questions a Judge will ask you
million-personnel-by-2022-up-20-on-2015/ . after a Data Breach”, Borderless Cyber, Oct 2019.
Available https://us19.borderlesscyber.org/program-
[29] C. Bryant, “How to justify your IT Security Budget”, schedule/program/108/plenary-session-keynote-the-
17-Oct-2016. Available questions-a-judge-will-ask-you-after-a-data-breach .
https://www.risklens.com/blog/how-to-justify-your-
it-security-budget/ . [39] Verizon, “2016 Data Breach Report”, available:
https://www.verizonenterprise.com/resources/report
[30] D. Hubbard and R. Seiersen, “How to Measure s/rp_DBIR_2016_Report_en_xg.pdf .
Anything in Cybersecurity Risk”. Hoboken, NJ:
Wiley, 2016. [40] “Integrated Adaptive Cyber Defense” available:
https://www.iacdautomate.org/learn/ .
[31] C. Valasquez, et al., “Hybrid Loss Exceedance
Curve (HLEC) for risk assessment”, International [41] “OASIS Cyber Threat Intelligence (CTI) Technical
Symposium on Computational Civil Engineering, Committee (TC)”. Available: https://www.oasis-
Iasi, Romania, May, 2013. available: open.org/committees/tc_home.php?wg_abbrev=cti .
https://www.researchgate.net/profile/Alex_Barbat/p
ublication/259609767_Hybrid_loss_exceedance_cu [42] R. Piazza, J. Wunder, B. Jordan, “STIXTM Version
rve_HLEC_for_risk_assessment/links/0deec52ce53 2.0”, OASIS Committee Specification, 19 July
c507de4000000/Hybrid-loss-exceedance-curve- 2017. Available https://www.oasis-
HLEC-for-risk- open.org/standards#stix2.0 .
assessment.pdf?origin=publication_detail .
[43] J. Wunder, M. Davidson, B. Jordan, “TAXIITM
[32] M. Nederlof (1994) "Comparing probabilistic Version 2.0”, OASIS Committee Specification 01.
predictions with outcomes in petroleum exploration Available http://docs.oasis-
prospect appraisal". Nonrenewable Resources,v.3, open.org/cti/taxii/v2.0/cs01/taxii-v2.0-cs01.html .
No.3, 1994, p.183-189.

– 168 –
ICT for Health: Networks, standards and innovation

[44] C. Douris, “Cyber Threat Data Sharing Needs [54] C. Douris, “As Cyber Threats to the Electric Grid
Refinement”, Lexington Institute white paper for Rise, Utilities and Regulators Seek Solutions”,
Energy Industry, Aug 2017. Available: Forbes, Jan 16, 2018. Available:
https://www.lexingtoninstitute.org/cyber-threat- https://www.forbes.com/sites/constancedouris/2018/
data-sharing-needs-refinement/ . 01/16/as-cyber-threats-to-the-electric-grid-rise-
utilities-regulators-seek-solutions/#624559c1343e .
[45] U.S. Senate. 114th Congress, (2015, Oct. 27). “The
Cybersecurity Information Sharing Act”. Available: [45] W. Peters, “IACD Overview and IACD
https://www.congress.gov/bill/114th- Framework”, IACD Community Day, Laurel,
congress/senate-bill/754 . Maryland, 23-March-2017.

[46] T. Spring, “NSA-Backed OpenC2.org Aims to [56] P. Royer, “Orchestration and Automation”,
Defend Systems at Machine Speed”, Threatpost, OpenC2 Forum, 29-Sep-2016.
June 22, 2017. Available https://threatpost.com/nsa-
backed-openc2-org-aims-to-defend-systems-at- [57] A. Bradbury, “OpenC2 and OrchID – Using
machine-speed/126454/ . OpenC2 in a Managed Security Services Provider”,
OpenC2 Forum, 29-Sep-2016.
[47] J. Romano, D. Sparrell, “Open Command and
Control (OpenC2) Language Specification Version [58] S. Yu, “The Future of Orchestration” Integrated
1.0”, OASIS Committee Specification, 11-July- Cyber, Laurel, Maryland, 1-2-May-2018.
2019. Available https://www.oasis-
open.org/standards#oc2-ls-v1.0 . [59] “Symantec Integrate Cyber Defense Exchange”,
Symantec, 2019. Available
[48] D. Sparrell, “Defense at Machine Speed,” https://www.symantec.com/content/dam/symantec/d
Borderless Cyber USA Conference, New York, NY ocs/data-sheets/integrated-cyber-defense-exchange-
USA, June 21-22, 2017. en.pdf .

[49] J. Hiner, “The four types of cybersecurity threats [60] M. Sherif, D. Sparrell, “Standards and innovation
and a formula to fight them”, June 22, 2017. in telecommunications”, Communications
Available: Magazine, IEEE Volume 30, Issue 7, Jul 1992
https://www.techrepublic.com/article/the-4-types- Page(s):22- 29.
of-cybersecurity-threats-and-a-formula-to-fight-
them/ . [61] J. Gurney, “OpenC2 AWS Actuator”. Available:
https://github.com/newcontext-oss/openc2-aws-
[50] “OASIS Collaborative Automated Course of Action actuator .
Operations (CACAO) for Cyber Security Technical
Committee”. Available https://www.oasis- [62] W. Trost, “OpenC2 AWS Reference
open.org/committees/cacao/charter.php . Implementation”. Available:
https://github.com/att/openc2-aws .
[51] “The Cyber-Physical Systems Revolution” in IEEE
Computing Edge, Vol. 4, No. 5, May, 2018, pp. 10- [63] M. Stair, D. Hamilton, “OpenC2 Lycan for Python”.
13. Available: Available: https://github.com/oasis-open/openc2-
https://www.computer.org/cms/computing-edge/ce- lycan-python .
may18-final.pdf .
[64] E. Ortiz, “A Web Self Service Application for
[52] R. Corrigan, “California Energy Systems for the Generating OpenC2 Commands”, available:
21st Century (CES-21)”, presented at IACD https://github.com/netcoredor/openc2-cmdgen .
Community Day, Laurel, Maryland, March 23,
2017. Available: [65] E. Ortiz, “GUI Tool for OpenC2 Command
https://drive.google.com/file/d/1NWtwUN4Uv2LFk Generation”, DefCon 26 Demolabs, Las Vegas,
TUdTfL5q-TfWATDgUMi/view . Nevada, 12-Aug-2018. Available:
https://www.defcon.org/html/defcon-26/dc-26-
[53] J. Van Randwyk, et al., ‘California Energy Systems demolabs.html .
for the 21st Centruy 2016 Annual Report”,
Lawrence Livermore National Laboratory, March [66] D. Sparrell, “OpenC2 API Simulator (OCAS)”.
29, 2017. Available: https://e-reports- Available: https://github.com/oasis-open/openc2-
ext.llnl.gov/pdf/878504.pdf . ocas .

– 169 –
2019 ITU Kaleidoscope Academic Conference

[67] D. Kemp, “JSON Abstract Data Notation (JADN)”, [71] “Healthcare Proof of Concept”, NTIA Software
Available: https://github.com/oasis-open/openc2- Component Transparency Working Group, 27-June-
jadn . 2019. Available
https://www.ntia.doc.gov/files/ntia/publications/wor
[68] B. Essing, “OpenC2 Lycan for Java”. Available: king_group_healthcare_proof_of_concept_-_2019-
https://github.com/oasis-open/openc2-lycan-java . 06-27_-_v1_002.pdf .

[69] D. Sparrell, “OpenC2 Lycan for Beam”. Available:


https://github.com/oasis-open/openc2-lycan-beam .

[70] USFDA, “Content of Premarket Submissions for


Management of Cybersecurity in Medical Devices”.
Available
https://www.fda.gov/media/119933/download .

– 170 –
SESSION 8

DATA PROTECTION AND PRIVACY IN HEALTHCARE

S8.1 Technical and legal challenges for healthcare blockchains DQG smart contracts
S8.2 Design of a credible blockchain-based e-health records (CB-EHRs) platform
S8.3 The GDPR transfer regime and modern technologies
TECHNICAL AND LEGAL CHALLENGES FOR HEALTHCARE BLOCKCHAINS
AND SMART CONTRACTS

Steven A. Wright1

1
Georgia State University

ABSTRACT [5] are computerized transaction protocols executing


contractual terms on top of the blockchain as code to
The paper considers the technical and legal challenges minimize risk [6]. Digital Autonomous Organizations
impacting recent proposals for healthcare applications of (DAOs) have been proposed as legal entities based on
blockchain and smart contracts. Healthcare blockchain data blockchains. Blockchain technology is evolving rapidly and
and actors are rather different to cryptocurrency data and some [7] refer to generations of blockchain, with Blockchain
actors, resulting in a different emphasis on blockchain 1.0 associated with cryptocurrency, Blockchain 2.0
features. Technical issues with healthcare blockchain associated with smart contracts and Blockchain 3.0 including
implementation and trust are considered, as well as a variety other application areas like health and IoT.
of potential legal issues. Conclusions and recommendations
are proposed for open source and standardization efforts to Blockchains are increasingly proposed as solutions in
reduce technical and legal risks for healthcare blockchains healthcare; however, technical and legal issues remain as
and smart contracts. risks for design and deployment of healthcare blockchains.
One way to reduce risk and build trust in a software system
Keywords – blockchain, healthcare, legal, smart contract is through the use of standards [8]. Though not specifically
in the healthcare area, a number of standards development
1. INTRODUCTION organizations have started work in the area of distributed
ledger technologies including IEEE, ISO1 ITU-T, W3C.
Blockchain’s rise in popularity is usually traced from bitcoin Standards typically promote interoperability between
though some antecedents exist [1]. Blockchains provide a complex systems. Open source software projects are also
distributed, peer-peer, linked data structure; a distributed emerging that reduce risk as a complement to some
ledger that can be used to maintain transaction order and traditional standardization activities [9]. Open source
consistency. A ledger is a book of accounts or transaction software can also increase the trust in a software system
history that could be implemented in a number of ways. A because the code is publicly available for inspection [10].
blockchain can also be considered as a distributed database Open source implementations enable rapid evolution of
organized as a list of ordered, immutable blocks, where the technologies to adapt to uncertain and evolving requirements.
entries in those blocks are not always transactions. The A number of blockchain projects have open source code
computing nodes (miners) of the blockchain sequence the available and some2 have initiatives focused on healthcare.
blocks with timestamps and maintain integrity with each Development of open source or standards takes time, but
block containing a hash of the previous block. The uncertainty around treatment of legal issues from
blockchain structure maintains properties such as accumulating legal precedent and evolution of laws and
transparency, robustness, auditability and security [2]. While regulations in diverse jurisdictions may take longer.
the initial bitcoin application was 'permissionless', recently
applications have featured authorized use of the blockchain The scope of healthcare blockchains is reviewed in section 2
by trusted users. Beyond cryptocurrencies, blockchains have to illustrate the variety of proposals and contrast these with
been proposed for applications in a number of different fields cryptocurrency applications. Technical issues of particular
including financial, integrity verification, governance, relevance to healthcare blockchains are considered in section
Internet of things (IoT), health, education, privacy and 3. A variety of general potential legal issues of healthcare
security, business and industry [3]. The United Nations is blockchain operations are discussed in section 4.
also exploring options for blockchains [4]. Smart contracts Conclusions and recommendations to reduce the technical

1 ISO/TC 307 has a number of specifications under development 2 e.g. https://www.hyperledger.org/resources/industries/healthcare


including a Reference Architecture (ISO/CD 23257),
Terminology (ISO/DIS 2739) and work on Smart Contract
interactions (ISO/TR 23455).

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 173 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

and legal risks of healthcare blockchains are then presented and operations of the blockchain are truly immutable, then it
in section 5. cannot evolve to reflect the changing needs from its users
and the commercial / legal environment. A blockchain is
2. HEALTHCARE BLOCKCHAINS simply a distributed data structure that does not create value
until it is applied in a particular economic context. In their
A variety of healthcare applications have been proposed survey, [17] categorized the health data referenced by the
[3],[11],[12],[13] including drug counterfeiting prevention3, blockchain as financial, database queries, transaction records,
clinical trials, public healthcare management, longitudinal ambient temperature, consent forms, clinical trial records,
healthcare records, automated health claims adjudication, personal records, medical records, sensor data and/ or
online patient access, sharing patients’ medical data, user- location data. Medical records, sensor data and personal
oriented medical research, precision medicine and smart records were the most frequently identified data categories.
contracts to improve the credibility of medical research. From 19 companies, [18] identified healthcare data being
Healthcare applications are being created; [14] identified managed as electronic medical records, electronic health
nine different healthcare applications on Ethereum and two records, and personal health records. electronic medical
applications on Hyperledger. [15] points out that healthcare records (EMRs) contain clinical data related to a specific
applications must balance patient care with information patient stored by the responsible healthcare provider [19].
privacy, access, completeness and cost. The designers of Personal health records (PHR), store data collected by
healthcare information systems may have a number of patients monitoring their health conditions, using their smart
different requirements associated with the systems they are phones or wearable devices [20]. Electronic health records
designing, and the criteria for applying blockchain are not (EHRs), for example, are designed to allow patient medical
always clear [16]. Applications may be a good fit for history to move with the patient or be made available to
blockchain according to [15] if: multiple stakeholders are multiple healthcare providers [21]. [22] proposed a
contributing; more trust is required between parties than blockchain-based EHR as a mechanism to share data
currently exists; an intermediary could be removed or between PHRs and EHRs; but it did not resolve the trust and
omitted to increase trust or efficiency; there is a need for access control mechanisms required. The blockchain PHR
reliable tracking of activity and there is a need for data to be feasibility study in [23] revealed some challenges due to the
reliable over time. In their survey, [17] categorized size of the data records (which impacted both the
healthcare blockchain application areas as clinical trials, performance of the system and operational costs) as well as
biomedical databases, health records, medicines supply, privacy aspects. A blockchain as a database of personalized
medical insurance, wearables and embedded or mhealth, records is likely structured significantly differently than a
with the majority of papers on health records. [14] also noted cryptocurrency blockchain (e.g. separate blockchains for
electronic medical records as the most common area with an personal records c.f. common blockchains for fungible
increasing numbers of papers. In their survey, [17] identified currencies of commodities). The data lifecycle in the
the following rationales for using blockchains in healthcare healthcare blockchain would depend on the use cases that are
applications: access control, non-repudiation, data needed to support the healthcare actors.
versioning, logging, data provenance, data auditing and data
integrity. Access control, data integrity and logging were the 2.2 Actors in healthcare blockchains
most prevalent rationales. [14] identified the benefits of
blockchains for healthcare applications as decentralization, In considering the role of blockchain in a value chain, [24]
improved data security and privacy, health data ownership, identified the need to decide not just what valuable
availability/robustness, transparency and trust, and data information to be captured in the blockchain, or what
verifiability. The data stored in and the actors operating on a operations need to be performed by the blockchain, but also
healthcare blockchain lead to some differences (c.f. for whom the blockchain should be accruing this value. In
cryptocurrencies) in required blockchain features. EMR applications of blockchains, as an example, the value
of the recorded data in the blockchain is not intrinsic; rather
2.1 Data in healthcare blockchains it comes from the association with a particular user e.g. a
patient or a medical practitioner. As a result, the transactions
Blockchains maintain timestamped and cryptographically adding data to the blockchain are most likely not anonymous
signed blocks of transaction data. The data integrity transactions as in bitcoin; rather using the hash as an
mechanisms of the blockchain provide limitations in electronic signature to establish the provenance of the data.
operational flexibility and governance. If the data structures While medical actors may have need of the broader range of

3 The Drug Supply Chain Act (DSCSA) of 2013 requires the


Food and Drug Administration (FDA) to develop standards and
regulations for an interoperable electronic system to identify
and trace medications. A number of pilot projects for this
purpose have been developed using blockchain technologies
(https://www.drstevenawright.com/pharmaceutical-supply-
blockchains/).

– 174 –
ICT for Health: Networks, standards and innovation

blockchain applications such as those identified by [3], in against dimensions of time to achieve consistency, system
this paper the focus is on application areas that are uniquely availability, failure tolerance, scalability, latency,
related to healthcare, rather than application areas like auditability, liveliness, denial of service resistance and
payments for services by bitcoin that may be broadly system complexity. Standardized benchmarks and targets for
applicable across a number of industries. [25] identified the healthcare blockchain performance have not yet been
major stakeholders in digital health systems as patients, the identified.
public, healthcare professionals and health administrators;
however, regulatory agencies and legal systems may also Software engineering has developed tools and methods to
need to be able to operate on or interact with the healthcare support the development and operation of software systems,
blockchains. Provisions would also be needed for minors, but to date these are not optimized for blockchain systems.
access under a healthcare power of attorney, and in some [32] identifies the features and implementation challenges of
cases access after death by heirs. interoperability for healthcare blockchain applications and
proposes foundational software patterns to help address them.
3. TECHNOLOGY ISSUES [33] identifies blockchain oriented software engineering
challenges as new professional roles, security and reliability,
Technology issues can be seen as risks impeding design and software architecture, modeling languages and metrics, and
deployment of healthcare blockchains. Ethereum and proposes new directions for blockchain oriented software
Hyperledger were the most frequently mentioned blockchain engineering related to enhancement of testing and debugging
implementation technologies, found by [17] but only 2% of for specific programming languages and the creation of
the papers surveyed were reporting on implementations, so software tools for smart contract languages. [34] echoes the
healthcare blockchains are still at the early stages of adoption. call for further development of blockchain oriented software
There is not one blockchain but a variety of implementations engineering best practices and design patterns.
with different characteristics [26],[27] (even bitcoin has
forked). Identified technology challenges to the development 3.2 Identity and trust issues in healthcare
of healthcare blockchains include interoperability, security blockchains
and privacy, scalability, speed and patient engagement [14].
Interoperability, scalability and speed are characteristics of Many of the benefits (e.g. improved data security and
the software implementation of healthcare applications on privacy, health data ownership, transparency and trust, data
the blockchain. The degree of patient engagement can be verifiability, non-repudiation, data provenance) sought from
significantly impacted by not just the implementation and healthcare blockchains rely on some form of trust. To
trust issues, but also the usability of the system and the achieve their healthcare objectives, patients need to trust
overall user experience with the healthcare blockchain. healthcare providers. Patients and healthcare professionals
Security, privacy and trust issues reflect concerns about not need to trust the validity of data used for diagnosis and
just the implementation, but the processes for assuring the treatment. Trust has been defined in many different ways by
users can trust the blockchain and its associated software, as different researchers. [35] proposed an interdisciplinary
well as the organizational and legal context. [28] points out model of trust involving components for disposition to trust,
that health information technology in general needs to institution-based trust, trusting beliefs and trusting intentions.
consider not just clinical information, but also socio- Since literally everyone is potentially a patient, and patients
technical concepts of value and trust concepts to be are actors in most healthcare blockchains, addressing all of
successful. those trust components may be necessary for the broad
adoption of healthcare blockchains; not all of them, however,
3.1 Implementation issues in healthcare blockchains are directly solved by blockchains. Disposition to trust and
institution-based trust lie more in the realm of psychological,
Healthcare blockchain applications, whether directly on the sociological and economic concepts. Trusting beliefs and
blockchain, or smart contracts or DAOs, are all software; and intentions may be more manageable for healthcare
software bugs impact the functionality and quality of blockchains that are explicit about what actors can rely on
blockchain systems. [29] performed an empirical study of and for what purposes in the healthcare blockchain use cases.
over one thousand bugs identified from 19 open source
blockchain systems categorizing them and studying their Because of the use of blockchain technology in the financial
resolution to determine that the frequency distributions of industry, and the associated loss risks, the security of
bug types share similar trends across the studied projects, blockchains and related smart contracts have received
implying that these would apply to healthcare blockchain significant attention. In a survey on the security of
applications also. They noted that security bugs took the blockchain systems [36] proposed a taxonomy of the targets
longest median time to fix and that more than 35% of of security attacks. For Blockchain 1.0 (cryptocurrency)
performance bugs took more than a year to fix. While not blockchains the targets were the blockchain consensus
providing specific metrics, [30] identified dimensions for the mechanism, the public key encryption scheme, the
quality of blockchain implementations as including security, cryptocurrency application criminal activity (e.g. money
privacy, throughput, size and bandwidth, performance, laundering ransomware), the transaction verification
usability, data integrity and scalability. [31] surveyed the mechanism, and transaction design flaws that could lead to
performance characteristics of six different blockchains privacy leakage. For Blockchain 2.0 (smart contract)

– 175 –
2019 ITU Kaleidoscope Academic Conference

blockchains, the targets were the smart contract application data contained or referenced in the blockchain record is
(criminal smart contracts), program design flaws, program protected by some form of intellectual property a smart
implementation flaws, smart contract virtual machine (e.g. contract associated with the blockchain could provide an
Ethereum Virtual machine) design flaws. These same automated market for efficiently licensing such content.
components would be risks for healthcare blockchains, Where the blockchain acts as a substitute for the law, there
though the incentives for exploitation would be different is no backstop of traditional legal enforcement. This may be
than for fungible commodities or currencies. attractive in regions where there is no rule of law, or legal
enforcement is weak. As an example of a substitute, the UN
[31] analyzed six types of blockchains to identify the conducted a successful trial using blockchain to track food
mechanisms that they used to implement traditional aid to refugees [40]. The challenge for such systems is the
information security principles of confidentiality, human actors interfacing with the blockchain system, and
information availability, integrity, non-repudiation, their incentives (or the lack of them) for participation.
provenance, pseudonymity and selective disclosure, with
confidentiality and selective disclosure being the least 4.1 Legal entities in healthcare blockchain
supported principles. Data security and privacy, however, architectures
have been identified as key objectives for healthcare
blockchains, and the lack of support for these features would The law covers relations among people and the things they
reduce trust in these systems. Confidentiality features can be own. At least since the industrial revolution, the law will
built on top of the blockchain using smart contracts. [37] consider human beings (or other legal persons) responsible
proposed a system for sharing medical records using for their machines’ acts. While blockchains may be more
permissioned blockchains for access control and smart secure than other approaches, courts can apply existing legal
contracts for monitoring and logging access violations but mechanisms to decide which parties bear the losses and
did not encrypt the underlying records for confidentiality. responsibility for damages. Legal risks do not vanish if
[38] proposed a mechanism for secure storage of medical healthcare services are provided or supported through
records for use with blockchains. Most blockchains require blockchains and smart contracts, etc. Whether DAOs could
some entity in the role of a “miner” to maintain the operation eventually rise to the status of a legally recognized person
of the blockchain through consensus decisions for remains to be seen.
blockchain consistency, blockchain checkpointing, etc. but
simple blockchains do not assure confidentiality of The actors that control the governance of the blockchain are
blockchains during mining operations. While basic not necessarily those using the blockchain. Disruptive
blockchain functionality excels at assuring integrity, evolution could strand users on an unsupported fork of the
additional capabilities (different to cryptocurrencies) will blockchain. The Ethereum and Hyperledger blockchain
likely be required to monitor and assure actors’ requirements systems used in a number of healthcare blockchain
for confidentiality and selective access. Confidentiality and applications are both open source projects that have some
privacy considerations in healthcare use cases may require form of governance through the open source community;
additional emerging crypto-technologies to enable patients’ open source, however, is a gift economy which may be
control of their data. challenged to timely respond to some users’ needs for
evolution and support of the blockchain. Private blockchains
4. LEGAL ISSUES whether organized for profit, or as non-profit consortiums
can provide an entity to control the evolution of the private
Legal issues can be seen as risks impeding design and blockchain, but at the cost of centralizing the function on that
deployment of healthcare blockchains. Legal systems have entity (e.g. what happens if that entity fails?). Decred 4 and
geographic boundaries, but the distributed nature of Tezos5, in contrast, build in governance mechanisms for
blockchains can cross those boundaries. Participants in evolution of their blockchains.
blockchains that cross the boundaries of different legal
systems may be subject to foreign jurisdiction. Both the legal A healthcare blockchain application could rise to the level of
system and blockchains can promote trust or undermine it. a smart contract; with autonomous (workflow) actions
[39] notes that blockchain can act as supplement, triggered by transactions as programmed in the terms of the
complement or substitute for the law. Where the existing smart contract running on the blockchain. A regular contract
trust architecture is generally functional, the blockchain would identify the parties involved and their roles or actions
application can act as an additional (supplementary) layer required as part of the contract and similarly a smart contract
subject to established legal rules, e.g. by enhancing existing defines the actors and roles associated with the contract. [41].
messaging or transaction systems with authenticated While the roles and responsibilities of actors in a smart
messages or transactions. Where the existing trust based on contract can be changed at design time, they cannot be
the legal system is insufficient or breaking down, then the changed during operation. The entities designing the smart
distributed ledgers of the blockchain could complement and contract may not be the same as those creating instances of
extend the existing trust architecture. As an example, if the

4 https://decred.org . 5 https://tezos.com .

– 176 –
ICT for Health: Networks, standards and innovation

the smart contract; nor supporting the execution environment corporations to use distributed ledgers to maintain their share
of that smart contract. The parties are identified with their ownership registry. Vermont (12 V.S.A. § 1913) explicitly
blockchain accounts and transactions record obligations identified blockchain records as being admissible as
fulfilled under the smart contract. Smart contracts can evidence in court. Wyoming (§17-206) exempts open
replace error-prone human judgements with specific rule- blockchain tokens from registration as securities in contrast
based actions capturing best practices and by automating with views from regulatory agencies like CFTC and SEC
workflows eliminate the need for acknowledgements by treating cryptocurrencies as securities or commodities.
healthcare professionals [42]. While healthcare data may not seem like a commodity or
security, healthcare blockchain advocates may need to care
Perhaps inspired by Barlow’s declaration of the whether emerging regulatory language is over-inclusive.
independence of cyberspace [43], the decentralized,
anonymous and autonomous nature of some early blockchain Much of the existing legal precedents are based on criminal
implementations lead to proponents of DAOs which behavior around blockchain 1.0 cryptocurrency/ fintech, but
purported to have the operating software of the blockchain the data underlying healthcare blockchains is not a fungible
be an independent legal entity. Other automated trading financial asset. Market participants involved in distributed
systems have made automated transactions on behalf of their ledger systems like blockchain also must keep in mind
account owners for some time, but here the software itself conduct-related legislation implementing public policy
was purported to be the account owner. The law has a history including Antitrust, data protection, copyright, property and
of recognizing fictitious entities (e.g. corporations). tax, but, in comparison with cryptocurrencies, these areas are
Ownerless corporations have been proposed almost 30 years not anticipated to be of particular concern for healthcare
ago [44] and the enabling acts of several states would seem blockchains.
to permit zero-member LLCs [45] though such entities
would raise a number of social and political concerns [46]. The recent European Union General Data Protection
An early implementation of a DAO based on bitcoin did not Regulation (GDPR) creates additional legal protections for
fare well [47]. Despite efforts to transition governmental personal information in general, and other jurisdictions may
services to electronic form, from service of process to be considering similar regulations. Blockchains operated
judgement enforcement a purely software entity would be within the scope of those regulations may need additional
difficult to interface with a human and paper-driven legal design features to meet the GDPR requirements [49].
system. Beyond general data privacy regulation, healthcare
blockchains and smart contracts would be impacted by
Distributed ledger technologies could be considered by healthcare specific regulations (e.g. HIPPA [50] which has
courts in several legal systems as joint ventures or obligations for data privacy in contrast with many
partnerships between participants [48]. If a partnership were blockchain implementations that rely on a publicly visible
determined to exist, then joint and several liability would blockchain).
extend to all the partners. Joint and several liability means
the plaintiffs can collect any damages award from any one of Consider a healthcare smart contract executing on a
a group of partners. The extent of the partnership would be blockchain accepting data from an oracle reporting on a
determined by the court given the facts and circumstances of physiological condition through a smart phone, making some
the case. analysis of the data and reporting exceptional health
conditions as an alarm to a healthcare professional. The
4.2 Public law definition of a medical device [51] is sufficiently broad that
this healthcare smart contract could be considered a medical
Because blockchain technology is relatively new, there is not device and subject to medical device regulation. An error in
yet a lot of blockchain specific laws and regulation in place, such a smart contract medical device could create product
and what there is has been driven by cryptocurrencies rather liabilities.
than healthcare blockchain applications. Blockchain related
legislation is under consideration in a number of 4.3 Private law
states6.Arizona explicitly recognized electronic signatures
secured by blockchains as valid signatures and defined smart Private law differs in different legal systems, but generally
contracts secured through blockchains as valid electronic liabilities can arise through contracts, torts, partnerships or
records. A.R.S §44-7061 defines a smart contract as: “an specific legislation. Tort claims are particularly important
event-driven program, with state, that runs on a distributed, where there is no contractual liability. Joint tortfeasors are
decentralized, shared and replicated ledger and that can take two or more individuals with joint and several liability in tort
custody over and instruct transfer of assets on that ledger”. for the same injury to the same person or property. Whether
Delaware enacted legislation (D.C. §8-224) enabling healthcare smart contracts implemented on blockchain

6 http://www.ncsl.org/research/financial-services-and-commerce
/the-fundamentals-of-risk-management-and-insurance-viewed-
through-the-lens-of-emerging-technology-webinar.aspx.

– 177 –
2019 ITU Kaleidoscope Academic Conference

would be recognized as legitimate contracts would depend (see e.g. [58] using the wisdom of the crowd rather than
on the facts and circumstances in a particular jurisdiction, but arbitrators, but ethical issues may limit the applicability of
it appears that some jurisdictions may recognize smart this approach in healthcare smart contract disputes. While
contracts as legally binding [52] [53]. Contract law typically legislation typically directs courts to respect private
recognizes a contract established through a variety of arbitration decisions, such legislation might need extensions
different mechanisms (implied agreements, click through to support dispute resolution by smart contracts.
licenses etc.), however currently, there is not a lot of specific
legislation, regulation or legal precedent related to smart 5. CONCLUSIONS AND RECOMMENDATIONS
contracts. In the case of a private blockchain, there may be a
number of ancillary documents that users of the blockchain Emerging technologies often present a challenge or gap
may be required to agree to before using the service that can between technology advancements and the law. The gap
establish the legitimacy of the legal effect desired by the creates uncertainty that limits commercial investments and
smart contract terms. adoption of the technologies. The gap can be closed from
both sides, by designing technological solutions considering
Smart contracts are good at setting forth, ex ante, the existing legal issues and/or by changing legal or regulatory
anticipated conditions and consequences and then ensuring regimes to consider aspects of the technology solutions.
the consequences occur upon fulfillment. Legal contracts are Open source and standards can help eliminate some barriers
good at cleaning up the mess ex post, when, inevitably, to wider deployment.
things do not go according to plan [39]. Smart contracts, as
proposed by Szabo, have no explicit linkage between the Many of the technological risks of blockchain
smart contract and any external legal contracts; Ricardian implementations are not unique to healthcare use cases.
contracts explicitly link them [54]. Many smart contracts Healthcare specific blockchain design patterns and
need to interface with the outside world for information and performance benchmarks may eventually emerge through
those external data sources are called oracles. Oracles can be the open source communities as the healthcare use cases
humans though perhaps more typically some external entity evolve. Evolution of blockchain capabilities and design
makes its data feed available to the smart contract. patterns to support confidentiality and selective disclosure
may be particularly helpful for healthcare applications. The
Smart contracts can include “self-help” enforcement blockchain work on zero knowledge proofs (e.g. zcash) and
mechanisms where breaches of the contractual terms can be privacy preserving computation (e.g. [59]) seem promising
identified, and remedies enforced, through execution of the directions.
smart contract [55]. The completeness of such approaches is
one concern (e.g. did the parties identify all the possible ways While the evolution of public law and regulation will typically
in which the contract could be breached; can they agree on wait for action by deliberative bodies, private law related to
reasonable valuations for liquidation of the damages if the contracts may be more amenable to innovative approaches
form of the breach is not foreseen). Another concern arises from open source and standards. [39] identified safe harbors
when the contract is impacted by external events not foreseen and sandboxes as well as modularization or standardized terms
in the contract terms (e.g. a bankruptcy stay that impacts a in smart contracts as legal initiatives to reduce risk in
blockchain transaction, frustration or force majeure). Courts blockchain adoption. Healthcare is typically a regulated
may void contracts that exceed the limits of contract law, e.g. industry and the creation of safe harbors or sandboxes for
if the contract is unconscionable or violates some public healthcare blockchain applications would typically require
policy. Smart contracts would not provide mechanisms to actions by regulatory agencies. There are already examples of
escape the limits of contract law. Blockchains have been regulatory agencies such as the FDA experimenting with
hacked and forked which can impact the owners of assets blockchain technology to build expertise [60].
administered by the blockchain. Smart contracts may be
better positioned than the legal system to respond to such Contracts are private law, and as lawyers build expertise in
events assuming that they are foreseeable and detectable. particular transactions, they typically reuse standard terms that
experience has indicated as being enforceable to meet their
Smart contracts and oracles have been proposed as a objectives. Standardized forms may be used for particularly
mechanism for dispute resolution with courts or private common transactions. Several consortia and commercial
actors interfaced with the smart contract [56]. More entities and standards bodies7 are working on standardized
speculative and controversial approaches would be to use a terms for smart contracts though these seem to be focused on
computational mechanism for dispute resolution. The commercial transaction terms rather than healthcare
DAMN proposal [57] envisions a dispute resolution smart transaction terms. The availability of standardized healthcare
contract because arbitration is often easier to enforce transactions and processes should facilitate the development of
internationally than local court decisions. Prediction markets smart contract terms for the healthcare blockchains. Healthcare
have also been proposed for smart contract dispute resolution smart contracts could be designed to include dispute resolution

7 See e.g. OpenLaw, Clause.io, Agrello, ISO TC 307.

– 178 –
ICT for Health: Networks, standards and innovation

clauses, but standardized smart contract support for [12] T-T.Kuo, et .al."Blockchain distributed ledger
confidentiality and selective disclosure (e.g. access logging) technologies for biomedical and health care
may be more tractable in the near term. applications." J. of the Am. Med. Informatics Assn. 24.6
(2017): 1211-1220.
Reducing risks to design and deploy healthcare blockchains
[13] M. Mettler, "Blockchain technology in healthcare: The
and smart contracts will require different approaches for the revolution starts here." 18th Int’l Conf. on e-Health
different types of risk. Interoperability risks can be reduced Networking, App. and Serv. (Healthcom). IEEE, 2016.
through the development of standardized data formats for the
secure interchange of different types of health records. This [14] C.Agbo, et.al.,"Blockchain Technology in Healthcare: A
may not be the first risk to tackle though as it assumes there Systematic Review," Healthcare, vol. 7, no. 56, 2019.
are existing systems that needs to interoperate. The security
toolbox already provides a number of mechanisms to support [15] M. Englehardt, "Hitching healthcare to the chain: An
fine grained distinctions in authentication and authorization to introduction to blockchain technology in the healthcare
support the privacy and security requirements of healthcare sector.," Tech. Innovation Mgmt Rev., vol. 7, no. 10, 2017.
blockchains, though the specific use cases and role definitions
may still be evolving. Reducing legal uncertainties may be a [16] S. Lo, "Evaluating Suitability of Applying Blockchain," in
longer process due to the timescales required to accumulate IEEE Int’l Conf. on Engg. of Complex Comp. Sys., 2017.
legal precedents or evolve laws and regulations through
consensus mechanisms. Private law arrangements can provide [17] G.Drosatos, et. al., “Blockchain Applications in the
Biomedical Domain: A Scoping Review”, Computational
some protections while public laws evolve.
and Structural Biotech. J., Vol 17, pp 229-240, 2019
6. REFERENCES [18] D.Dimitrov, "Blockchain Applications for Healthcare
Data Management," Healthcare Information Res., vol. 25,
[1] A. Narayanan, "Bitcoin's Academic Pedigree," Comm. of no. 1, pp. 51-56, 2019.
the ACM, vol. 60, no. 12, pp. 36-45, 2017.
[19] M.Steward, "Electronic Medical Records," J. of Legal
[2] K. Christidis, et. al. "Blockchains and smart contracts for Medicine, vol. 26, no. 4, pp. 491-506, 2005.
the internet of things," IEEE Access, vol. 4, pp. 2292-
2303, 2016. [20] P. Tang. et.al, "Personal Health Records: Definitions,
Benefits, and Strategies for Overcoming Barriers to
[3] F.Casino, "A systematic literature review of blockchain- Adoption," J. of the American Medical Informatics Assoc.,
based applications: Current status, classification and open vol. 13, no. 2, pp. 121-126, 2006.
issues," Telematics and Informatics, vol. 36, pp. 55-81,
2019. [21] K. Hayrinena, et.al., Impacts of Electronic Health
Records: A Review of the Research Literature,," Int'l J. of
[4] UN, "Global Opportunity Explorer," 2019. Medical Informatics, vol. 77, no. 5, pp. 291-304, 2008.
https://www.unglobalcompact.org/docs/publications/GOE
_2019_Insights.pdf. [22] C.Esposito, et.al., "Blockchain: A Panacea for Healthcare
Cloud-Based Data Security and Privacy?," IEEE Cloud
[5] N. Szabo, “Smart Contracts”, Virtual School, 1994 Computing, vol. 5, no. 1, pp. 31-37, 2018.

[6] N. Szabo, “The idea of smart contracts”, Nick Szabo’s [23] Y. Park, et.al.,"Is Blockchain Technology Suitable for
papers and concise tutorials Vol. 6, 1997 Managing Personal Health Records? Mixed-Methods
Study to Test Feasibility," J. Med. Internet Res., vol. 21,
[7] M. Swan, “Blockchain: Blueprint for a new economy", no. 2, pp. 1-8, 2019
O'Reilly Media, Inc., 2015.
[24] T.Felin,et.al., "What problems will you solve with
[8] D. Osterwalder, "Trust Through Evaluation and blockchain?," MIT Sloan Mgmt Rev., Fall, pp. 32-38, 2018
Certification?," Soc. Science Comp. Rev., vol. 19, no. 1,
pp. 32-46, 2001. [25] A. Adjekum, et.al.,"Elements of Trust in Digital Health
Systems: Scoping Review," J. Med. Internet Res., vol. 20,
[9] S.Wright, et., al., "Open source and standards: The role of no. 12, 2018
open source in the dialogue between research and
standardization." IEEE Globecom Workshops 2014. [26] M. Macdonald, M., et.al. "The blockchain: a comparison
of platforms and their uses beyond bitcoin." COMS4507-
[10] Y. Ho, "Trust and distrust in open source software Adv. Computer and Network Security(2017).
development.," J. of Comp. Inf. Sys. , vol. 54, no. 1, pp.
84-93, 2013. [27] T-T. Kuo, et.al. "Comparison of blockchain platforms: a
systematic review and healthcare examples." J. of the Am.
[11] S. Angraal, et.al,"Blockchain technology: applications in Med. Informatics Assn. 26.5 (2019): 462-478.
health care." Circulation: Cardiovascular quality and
outcomes 10.9 (2017): e003800.

– 179 –
2019 ITU Kaleidoscope Academic Conference

[28] M. Wong, et.al.,"Socio-Technical Considerations for the [44] K. Iwai, "Persons, Things and Corporations: The
Use of Blockchain Technology in Healthcare," Studies in Corporate Personality Controversy and Comparative
Health Tech. and Informatics, vol. 247, pp. 636-640, 2018. Corporate Governance," AM. J. COMP. L., vol. 49, pp.
583-600, 1999.
[29] Z.Wan, et.al., "Bug characteristics in blockchain systems:
A largescale empirical study," in IEEE/ACM 14th Int’l [45] S.Bayern, "Of Bitcoins, Independently Wealthy Software,
Conf. on Mining Software Repositories (MSR), 2017. and the Zero-Member LLC," Northwestern U. Law Rev.,
vol. 108, pp. 257-270, 2014.
[30] B. Koteska, et.al., "Blockchain Implementation Quality
Challenges: A Literature Review," in 6th Workshop on [46] L. Lopucki, "Algorithmic Entities," Washington U. Law
Software Quality, Analysis, Monitoring, Improvement, and Rev., vol. 95, no. 4, pp. 887-953, 2018.
Applications, 2017.
[47] Q. DuPont, "Experiments in Algorithmic Governance: A
[31] A. Anjum, et.al.,"Blockchain standards for compliance history and ethnography of ‘The DAO,’ a failed
and trust.," IEEE Cloud Computing, vol. 4, no. 4, pp. 84- Decentralized Autonomous Organization.," in Bitcoin and
90, 2017. Beyond: Cryptocurrencies, Blockchains and Global
Governance, Routledge, 2017.
[32] P.Zhang, et.al.,"Applying Software Patterns to Address
Interoperability in Blockchain-based Healthcare Apps," [48] D. Zetsche, et.al. "The distributed liability of distributed
arXiv preprint arXiv:1706.03700, 2017. ledgers: Legal risks of blockchain.," U. Ill. L. Rev., 2018.

[33] S.Porru, et.al., "Blockchain-oriented Software [49] M.Beberich, et.al., "Blockchain Technology and GDPR-
Engineering: Challenges and New Directions," in How to reconcile privacy and distributed ledgers.," Eur.
IEEE/ACM 39th Int’l Conf. on Software Engg., 2017 Data Prot. L. Rev., no. 2, p. 422, 2016

[34] G. DeStefanis, "Smart contracts vulnerabilities: a call for [50] B.Fiedler, "Challenges of New Technology: Securing
blockchain software engineering?," in IEEE Int’l Medical Devices and Their Software for HIPPA
Workshop on Blockchain Oriented Software Engg. , 2018. Compliance.," in Managing Medical Devices Within a
Regulatory Framework, Elsevier, 2017, pp. 315-329.
[35] D. McKnight, et.al.,"What is Trust? A Conceptual
Analysis and an Interdisciplinary Model," in AMCIS 2000 [51] World Health Organization, "Medical device regulations:
Proc., 2000. global overview and guiding principles," 2003.

[36] X.Li, et.al. "A Survey on the Security of Blockchain [52] K. Lauslahti, "Smart Contracts – How will Blockchain
Systems," in Future Gen. Computer Systems, 2017. Technology Affect Contractual Practices?," ETLA Reports
No 68, 2017.
[37] Q.Xia, et.al.,"MeDShare: Trust-Less Medical Data
Sharing Among Cloud Service Providers via Blockchain," [53] A. Savelyev, "Contract law 2.0:‘Smart’contracts as the
IEEE Access, vol. 5, pp. 14757-14767, 2017. beginning of the end of classic contract law," Information
& Communications Technology Law, vol. 26, no. 2, pp.
[38] Y. Chen, et.al.,"Blockchain-based medical records secure 116-134, 2017.
storage and medical service framework," J. of Medical
Systems , vol. 43, no. 1, 2019. [54] I. Grigg, "The Ricardian Contract," in Proc. 1st IEEE
Workshop on Electronic Contracting, 2004.
[39] K. Werbach, "Trust, but Verify: Why the Blockchain
Needs the Law," Berkeley Technology Law J., vol. 33, no. [55] M. Raskin, "The Law and Legality of Smart Contracts,"
2, pp. 487-550, 2018. Georgetown Law and Tech. Rev., vol. 1, no. 2, pp. 305-
341, 2017.
[40] L. Cuen, "UN Using Blockchain Technology to Help
Refugees, Fight World Hunger,," Int’l Bus. Times, 4 May [56] A. Wright, et.al., "Decentralized Blockchain Technology
2017. and the Rise of Lex Cryptographia," 2015. [Online].
Available: https://perma.cc/3YUP-PNM4.
[41] I. Karamitsos, et.al.,"Design of the Blockchain Smart
Contract: A Use Case for Real Estate," J. of Information [57] P. Morgan, "Decentralized Arbitration and Mediation
Security, vol. 9, pp. 177-190, 2018. Network (DAMN)," 23 May 2016. [Online]. Available:
https://github.com/thirdkey-
[42] P.Cuccuru, "Beyond bitcoin: an early overview on smart solutions/damn/blob/master/proposal.asciidoc
contracts.," Int’l J. of Law and Information Technology.,
vol. 25, pp. 179-195, 2017. [58] A. Koulu, "Blockchains and Online Dispute Resolution:
Smart Contracts as an Alternative to Enforcement,"
[43] J. Barlow, "A Declaration of the Independence of SCRIPTed - A J. of Law, Tech. & Soc., vol. 13, no. 1, pp.
Cyberspace," Electronic Frontier Foundation, [Online]. 40-69, 2016.
Available: https://perma.cc/SF3L-Y7PX.

– 180 –
ICT for Health: Networks, standards and innovation

[59] A. Kosba, et al. "Hawk: The blockchain model of [60] J. Scott, "Booz Allen Hamilton Helps FDA Test
cryptography and privacy-preserving smart contracts." Healthcare Blockchain Technology," Govcon Wire, 26
Symp. on Security and Privacy. IEEE, 2016. June 2018.

– 181 –
DESIGN OF A CREDIBLE BLOCKCHAIN-BASED E-HEALTH RECORDS (CB-EHRS)
PLATFORM

Lingyu Xu1; Antoine Bagula1; Omowunmi Isafiade1; Kun Ma1; Tapiwa Chiwewe2
1University of the Western Cape
2IBM Research Africa

ABSTRACT

With the rapid development of electronic health care, the


era of medical big data has already emerged. However,
in the global electronic health industry environment, one
of the significant challenges is that the various medical
institutions are independent of one another. Patients,
doctors and medical researchers have significant barriers
in accessing medical data. As an intervention strategy using
blockchain principle, this paper explores the characteristics
of blockchain which are applicable to the management
of electronic health records (EHRs), and presents
a credible blockchain-based electronic health records
(CB-EHRs) management platform. A CB-EHRs platform
is characterized by decentralization, data tamper-proof, Figure 1 – An assessment of the use of EHRs between 2012
collective maintenance mechanisms, security and credibility. and 2016 [5]
This platform cannot only realize data sharing between
medical institutions, but also ensures the privacy of users. inevitable for most, if not all, medical practitioners [4]. In a
This paper introduces the components of the CB-EHRs EHRs study conducted in 2016 [5], researchers examined
platform model and the implementation principle of its related 15,285 physicians in 28 different departments. Figure 1
functions. In addition, this paper also reviews and selects present an overview of the result of their study. The goal of
the delegated Byzantine Fault Tolerance (dBFT) consensus the research was to know the extent to which the EHRs system
mechanism as a viable option for the CB-EHRs platform. is utilized, score of EHRs system, satisfaction levels, impacts
Finally, by comparing with the Practical Byzantine Fault on doctors’ daily routines and doctor-patient communication.
Tolerance (PBFT) consensus mechanism and our research, Overall, the acceptance and use of the EHRs system have
we highlight the potential advantages of our proposed dramatically changed since 2012 as seen in Figure 1. More
CB-EHRs platform in the medical domain. than 91% respondents indicated that they are using EHRs,
compared with a 74% rate observed in 2012. In addition, 2%
Keywords - Blockchain, CB-EHRs, data sharing, electronic of the respondents said that they are in the process of installing
health records, privacy protection EHRs, and 3% plan to buy or use EHRs in the coming year.
This means that almost every medical practitioner will use
1. INTRODUCTION EHRs in the near future. Considering the outcome of this
study, it is clear that the shift from a paper-based structure to
In recent years, various electronic information technologies electronic-based records is rapidly evolving. In the current
have penetrated daily human life, such as cloud computing, age, only a few doctors can operate effectively and efficiently
Internet of things and internet technologies. Hence, the era without EHRs.
of globalized big data has emerged [1]. Furthermore, with
the rapid development of medical and health services, a large While it is widely recognized that an EHRs platform is an
amount of medical data is generated on a daily basis, which inevitable technology platform in the medical domain, there
confirms a necessity for electronic health records (EHRs) are still a number of challenges that need to be tackled
technology. EHRs is an electronic version of a patients in this domain, in order to promote its use in the near
medical history. So far, most EHRs are managed by an EHRs future. Such challenges include, but are not limited to:
platform belonging to an independent medical institution. (i) difficulty in data sharing; (ii) trust and (iii) privacy
Moreover, an EHRs platform also promotes data-driven concerns. Hence, as a way of intervention and by leveraging
decision support in healthcare, for example, through data the principles of blockchain technology, this paper presents
mining [2, 3]. While the spread and use of EHRs across the a credible blockchain-based electronic health records (CB-
globe have not been fully realized, EHRs is now becoming EHRs) management platform. CB-EHRs platforms are

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 183 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

designed to promote EHRs’ successful development and added to the Internet due to the growing popularity
sustainability across the globe. This paper revisits the issue of EHRs, medical genetic sequencing and wearable
of healthcare management to describe the design of a credible medical devices. Therefore, the protection of user
blockchain-based e-health records (CB-EHRs) platform and privacy and medical information security becomes more
its performance evaluation. The proposed platform can urgent and important.
be used to secure transactions through anonymity and
traceability of health data in cyber-healthcare systems, such 2.2 Blockchain-based EHRs related research
as those proposed in [6–10].
The rest of the paper is structured as follows: section 2 In order to address the aforementioned problems, many
presents related study on blockchain and a summary of researchers have proposed relevant solutions through strategy
challenges in the EHRs platform, highlighting the gaps and research, architectural frameworks and model designs [16–
opportunities that have been identified in the current system. 18]. For example, in 2011 Sebastian Haas [16] et
The key contribution of this paper is described in sections 3 al. proposed a privacy protection system based on data
and 4, detailing the components and related functions of the services and patient service models. Yarmand et al. [17]
proposed CB-EHRs. Section 5 details the performance of in 2013 proposed a behavior-based access control for a
the choice consensus algorithm. Finally, section 6 concludes distributed healthcare model to solve the user’s privacy
the paper and presents a possible extension to the CB-EHRs problem. Recently, with the development of blockchain
platform. technology, blockchain has not only been used in the
financial industry, but has also been adopted as a protective
2. BLOCKCHAIN-BASED RELATED WORK AND mechanism in the medical domain. In 2016, Drew lvan [18]
CHALLENGES OF EHRS PLATFORM proposed a blockchain approach to securely store patient
medical records. While the above-mentioned models used
This section presents an expository detail on blockchain, blockchain technology to facilitate data sharing and privacy
the challenges of EHRs, and related research on protection, the framework it adopted presents a large amount
blockchain-based EHRs. The section concludes by of network resource wastage or consumption. For users
highlighting the contribution of CB-EHRs platform proposed who need treatment, functionalities of these models are not
in this paper. complete and need to be improved. Hence, this research
presents a credible blockchain-based electronic health records
2.1 Challenges of EHRs platform (CB-EHRs) management platform, which is characterized by
decentralization, data tamper-proof, collective maintenance
The EHRs platform is widely recognized as an enabling mechanisms, security and credibility. This platform cannot
platform, which promotes telemedicine in the current only realize the capabilities of medical data sharing, but also
technology age [11]. However, despite its wide acceptance ensures the privacy of users.
and use, there are some challenges that remain pertinent to
the platform. Some of the known key challenges are:
3. BLOCKCHAIN TECHNOLOGY
• Difficulty in medical data sharing: In order to advance
medical research and facilitate patients, researchers 3.1 The concept of blockchain
are committed to the sharing of medical data. At
present, there are some trust issues among medical There are two basic definitions of blockchain [19, 20].
institutions around the world. Hence, the verification, In a narrow sense, blockchain is a non-tampered and
synchronization and storage of medical data are unforgeable distributed ledger that uses cryptographic
hindered. When medical institutions and patients share correlation algorithms. It is a chained data structure that
data, they need to spend a lot of time and resources links data blocks together in time order [19]. Broadly
on identity and data validation. This makes medical speaking, blockchain technology refers to a new distributed
data acquisition very difficult [12]. Moreover, data infrastructure and computing paradigm which is built on
transmission is not secure and data can be tampered with. a peer-to-peer network. It uses a chained data structure
All of these challenges seriously hinder the development to validate and store data, a distributed node consensus
of medical big data and electronic healthcare systems. algorithm to generate and update data, and a cryptography
mechanism to protect data transmission and access security
• Information security and privacy protection concerns: [20]. Alliance chain (adopted in this paper): In an alliance
Firstly, there is no complete scheme of medical privacy blockchain, the consensus process is controlled by preselected
protection in the electronic medical industry [13]. nodes. Only alliance members have permissions to read and
Secondly, big data mining technology has potential write the blockchain [21]. This type of blockchain can be
risks of linkage attacks, which attempt to re-identify seen as "partially decentralized".
individuals in an anonymized data set by merging
information from two or more datasets. Thirdly, the 3.2 PKI and digital signature
user does not fully participate in the access control
policy of the electronic health record [14,15]. However, The comprehensive technology required to provide
more and more personal health information is now being public-key encryption and digital signature services is known

– 184 –
ICT for Health: Networks, standards and innovation

as a public-key infrastructure (PKI) [22]. The basic idea of • Decentralization: The blockchain system is based on
applying PKI to the EHRs platform is to have the trusted a peer-to-peer distributed network, this feature makes
user digitally sign documents certifying that a particular it not to rely on a centralized management agency.
cryptographic key belongs to a particular user. The EHRs Therefore, the operation of the CB-EHRs platform is
platform in the Internet brings convenience to users, but it jointly accomplished and maintained by all medical
also increases the possibility of privacy leaks. Using the PKI institutions in the blockchain. If any medical institution
to generate a public key and identity identifier for him/her node is lost or damaged, the system can still function
during the user registration process. Users are active and effectively.
authenticated in the EHRs platform in this particular state.
This approach not only ensures the user’s legal identity but • Tamper-proof: The chained structure of the blockchain
also protects the user’s privacy. The purpose of PKI is to ensures the tamper resistance of the data in the
manage keys and certificates. blockchain system. If the information of a block is
Digital signature, also known as public key digital signature changed, the block header hash of the next block will
[23], usually defines two corresponding operations, one for also change. Therefore, if the attacking node wants
the signature (private key) and the other for the authentication to successfully change the transaction information, it
(public key). The process of signing is as follows. First, the only recalculates all subsequent blocks of the changed
sender uses the hash algorithm to obtain a digital abstract, block and catches up with the progress of the legal
and the signature private key encrypts the digital abstract to blockchain in the network. In the current state of
obtain a digital signature. The original text and the digital network technology development, such an attack is
signature will be sent to the recipient together. The receiver difficult to achieve [33]. Therefore, applying blockchain
then verifies the signature by decrypting the digital signature technology to the CB-EHRs platform makes EHRs data
with the sender’s public key to obtain a digital abstract. The more secure.
receiver will use the same hash algorithm to get a new digital • Anonymity: Transaction data on the blockchain is
abstract and compare the two abstracts. If the two match, the open and transparent. However, the owner’s identity
digitally-signed electronic file is successfully transmitted. corresponding to the transaction is anonymous. The
CB-EHRs platform can use blockchain encryption to
3.3 Consensus mechanism hash user identity information. The resulting hash value
Consensus refers to the process by which network nodes is used as the unique identifier for the user, similar
adhere to a common rule and achieves consistent results to the bitcoin’s wallet address. The user’s behavior
for certain problems through asynchronous interaction. The on the CB-EHRs platform is associated with the hash
consensus mechanism in the blockchain is mainly used to value obtained earlier, rather than with the user identity
make the network nodes agree on block generation and information. This separation of user identity and user
benefit distribution. The major difference between different data protects patient privacy.
blockchain networks comes from the difference in consensus
In what follows, we present the detail of the proposed
mechanisms. Therefore, the characteristics and performance
CB-EHRs, its associated features and potential benefits.
of different blockchain networks are also different, depending
on the choice of consensus mechanism.
4. DESIGN APPROACH OF CB-EHRS PLATFORM
Currently, Proof of Work (PoW) is used in the bitcoin
network [24]; Ethereum also uses PoW, and tend to gradually This section provides a detailed explanation of related
replace PoW with Proof of Stake (POS) [25]; Ripple uses features and functioning of the proposed credible blockchain
Ripple Proof of Consensus Algorithm (RPCA) [26]; Fabric electronic health records (CB-EHRs) platform.
uses Practical Byzantine Fault Tolerance (PBFT) [27]; in
addition, there are Delegated Proof of Stake (DPoS) [28] 4.1 Platform architecture
and Delegated Byzantine Fault Tolerance (dBFT) [29]. The
CB-EHRs platform uses the dBFT consensus mechanism. The proposed architecture of the CB-EHRs platform is
This consensus mechanism was proposed by NEO [30], which designed as a layered architecture. The entire platform
is an open source blockchain project driven by the community. is divided into three layers, which comprise: (i) the user
A comparison [31, 32] of the characteristics of several major interface layer, which is at the top; (ii) the business logic
consensus mechanisms is shown in Table 1. layer, which is in the middle; and (iii) the data access layer,
positioned at the bottom of the framework. Figure 2 presents
3.4 Blockchain and CB-EHRs platform an overview of the CB-EHRs architectural framework and
details of the architecture is presented hereafter.
• Openness: The blockchain system code is open source.
The system’s interface and data are also open to everyone 4.1.1 User Interface layer
[33]. Each node in the system is allowed to obtain the
complete copy of the database. Based on this feature, The user interface layer is used to display data and receive
the CB-EHRs platform enables medical data to be shared user’s input information. It provides users with a graphic
among medical institutions. interface that can interoperate with the entire blockchain

– 185 –
2019 ITU Kaleidoscope Academic Conference

Table 1 – Summary of the characteristics of major consensus mechanisms


Consensus Mechanism PoW PoS DPoS RPCA PBFT dBFT
Performance
Low Low High High High High
efficiency
Public Public chain Public chain Public Alliance Alliance
Scenes
chain [21] Alliance chain Alliance chain chain chain chain
Select
Accounting All All Static Dynamic
All nodes representative
nodes nodes nodes selection selection
nodes
Response About 1 <1 <1 <1 <1
time 10 minutes minute minute minute minute minute
Ideal state
>10
of Transaction 1000 1000
7 TPS 300 TPS 500 TPS thousand
Per Second TPS TPS
TPS
(TPS)
Fault
50% 50% 50% 20% 33% 33%
tolerance
Resource
high medium low low low low
consumption

medical records. The record query interface provides medical


staff with a rich EHRs database that facilitates the research
process for various diagnoses.

System Security Module includes four sub-modules. The


addition of the access control facilitates system management.
The module also controls user access. It can set up patients to
access individual EHRs while doctors access all EHRs. There
are many access control mechanisms that can be selected,
such as role-based access control [35]. Hash encryption
makes the data form a chain structure. The digital signature
generates a key pair for the registered user. dBFT consensus
acts on the P2P network and is responsible for running a
set of nodes that implement the consensus mechanism. The
dBFT consensus module works with these nodes to validate
transactions and maintain distributed ledgers.

In Other Functional Module, Chatroom is added to the


Figure 2 – The overall framework of the CB-EHRs platform CB-EHRs platform to facilitate communication between the
patient and the healthcare provider for remote diagnosis. Data
platform. The blockchain-based EHRs platform proposed statistics classifies data for medical researchers to facilitate
in this paper can be used on mobile devices, PCs and smart medical research.
wearable devices. On one hand, medical workers need to use
PCs to fill out electronic health records, and users are able to The business logic layer can encapsulate user data into virtual
access their own electronic health records. On the other hand, transactions and assets, then transfer these transactions and
users can also use their mobile phones and smart wearable assets to nodes in the blockchain network. Through the
devices to share electronic health records with doctors at any interaction of these modules with the previously mentioned
time and place, when they need to conduct remote diagnosis. interfaces, data exchange between users and the blockchain
Hence this promotes ubiquitous access. database can be smoothly realized.

4.1.2 Business logic layer


4.1.3 Data access layer
The business logic layer is used to provide data conversion
between actual users and the blockchain-based EHRs The data access layer contains a unique blockchain and a P2P
platform. It provides users with a unified data interface network that maintains and validates the blockchain. The P2P
and unified data standards [34]. This layer includes three network is used to maintain the operation of the CB-EHRs
modules: (i) Basic Function Module, (ii) System Security platform. It can receive transaction verification requests,
Module and (iii) Other Functional Module. generate blocks and vote on new blocks. The verification
Basic Function Module has four interfaces. The registration nodes in the network agree on the transaction sequence by
interface implements the registration function for new users. running the dBFT consensus mechanism. The platform
The record upload and record authorization interface provide can then generate blocks and update the local blockchain
users with services for uploading and signing their own database.

– 186 –
ICT for Health: Networks, standards and innovation

4.2 dBFT consensus mechanism in the platform

Unlike the current mainstream blockchain system, the


CB-EHRs platform uses the dBFT consensus mechanism.
dBFT is an improved Byzantine fault-tolerant protocol based
on PBFT. The protocol first selects the accounting node in
the network by voting, and after the process is simplified for
the PBFT, the accounting nodes have a consensus [29]. This
consensus mechanism simplifies the process and improves
efficiency compared to PBFT, but retains all the excellent
performance of PBFT.
The choice of consensus algorithm is motivated by the
application scenario. Based on the analysis and comparison Figure 3 – Blockchain EHRs distributed in the network
of Table 1, PoW and PoS are mainly applicable to the digital
currency system. They all need to consume a certain amount
of resources and are not suitable for commercial application
services. DPoS is suitable for blockchain systems that rely
on token operations, but has poor support for blockchain
systems that operate without tokens. RPCA is currently only
available in the currency or electronic asset clearing area and
has poor support for other applications. PBFT and dBFT are
widely available for commercial applications because they
do not have an underlying token mechanism. However, on
the one hand PBFT is currently unable to dynamically add
nodes and cannot be applied to applications with large node
sizes due to complex communication processes. On the other
hand, the more nodes that join PBFT consensus, the quicker
the performance drops, as the time complexity of the PBFT
is O(n2 ) [27]. For this reason, NEO proposes an algorithm
named dBFT, which combines the characteristics of dPoS. By
voting on the blockchain, it decides the name list of consensus
nodes for next round, namely authorizing a few nodes to Figure 4 – Process of user registration and identity
reach consensus [30]. Therefore, combined with the business information validation
characteristics of EHRs application, this paper applies the the blockchain-based EHRs platform need to convert the
core consensus process of dBFT to the construction of the actual operations into a one-off transaction and attach the
EHRs platform, and realizes a special mechanism which is user information to the storage of transaction at the same
efficient and scalable. time.

4.3 Network structure


4.4.1 User registration operation
The network structure of the platform draws on the underlying
A medical institution has a large number of new patients
core code of bitcoin technology, the P2P network [21].
each year, and each patient needs an electronic medical
According to the characteristics of the P2P network, we
record. On one hand, if medical institutions are required
design a special electronic medical P2P network. In the
to collect patients’ public key information, the workload will
special structure of the designed P2P network, each node
be heavy, and easy to make mistakes. If medical institutions
in the network has the complete EHRs data replication.
are required to generate and distribute patient key pairs, the
According to the rules of the alliance chain, the nodes in
workload will also be enormous. On the other hand, if the
the blockchain network are composed of various medical
key pair comes from a medical institution, the private key of
institutions throughout the country. The user’s device does
the patient may be controlled by the medical institution. This
not need to store a huge electronic health record. Each
situation also does not meet the actual requirements from the
medical institution has equal status in the network, they have
perspective of security.
the same rights and need to assume the same obligations, as
can be seen in the overview presented in Figure 3. In user registration operation, firstly, the user need to submit
his or her personal information, then the EHRs platform will
4.4 Platform workflow generate a set of key pairs that represent his or her identity
and generate the hash value as the user’s unique identifier.
While blockchain is essentially a decentralized distributed Figure 4 shows the process of user registration and identity
database, all its data exists in the form of transactions. If users information validation.
want to store electronic health record data on the blockchain, In our proposed blockchain-based EHRs platform, the

– 187 –
2019 ITU Kaleidoscope Academic Conference

Figure 6 – Comparison result of 1000 transactions between


dBFT and PBFT
block), which is generated when the platform creates the
first medical record, the header part of each block includes
Figure 5 – Process of health record upload operation previous hash, current hash, timestamp and nonce. The
block body records a health record for a particular time.
medical institution represents an accounting node in the This structure is beneficial to researchers in tracking patients’
network. User’s key pairs and unique identifier will be chronic diseases and analyzing disease data.
generated when a patient joins the CB-EHRs platform as
a user. According to the setting of the CB-EHRs framework 5. TESTING AND EVALUATION
in this paper, a transaction is first initiated by the user, then the
user transfers the virtual asset USER_INFO with his or her 5.1 dBFT consensus test
own identity information (public key and unique identifier)
to the medical institution. In this way, the medical institution Based on the realization of the dBFT consensus, the paper
can obtain the user’s public key and unique identifier to verify compared the consensus performance of dBFT and PBFT
subsequent actions that may come from this user. under the same network conditions. This paper uses Docker
[36] virtualization technology to test the blockchain network.
Before the test, the researchers built a test environment
4.4.2 Health record upload operation
with four verification nodes in the Docker application based
According to the characteristics of digital signature on the CB-EHRs platform structure. The communication,
technology, each user in the platform is solely in charge consensus, block generation and verification of the nodes
of his or her private key. This means that each user in the block generation process are completed by the four
participates in the platform and manages his or her own verification nodes. The testing process is as follows:
health records. Whether the user performs telemedicine or First, enabled dBFT in the EHRs alliance chain with four
face-to-face consultation, the doctor needs to obtain the user’s authentication nodes. Then send 1000 and 2000 transactions
authorization (user private key encryption) before uploading to the blockchain network node in turn. Finally, after
the completed record to the database. In the CB-EHRs the network has agreed, executed and finally generated the
platform, unauthorized EHRs are separately stored in the data block, the transaction per second (TPS) of the network was
table. When an EHR is authorized by the user, the user node calculated. Each of the above transactions was repeated 50
will encrypt the EHR with the private key. The data processed times to obtain a relatively stable processing capability of
by the private key encryption is a transaction containing user the network. In the same way, the PBFT consensus module
identity information. It will be sent randomly to a medical was enabled in the EHRs alliance chain, and the transaction
facility node to start consensus. When medical institutions processing capability test was performed in the same way.
receive a transaction with user identity information, they need After collecting the test data, this paper uses a line chart to
to decrypt the encrypted transaction with the user’s public compare and analyze the two sets of test results. As shown
key. If the decrypted content can be successfully matched, in Figure 6 and Figure 7.
the transaction content is encapsulated into a new block and According to the above experimental comparison, in addition
added to the user’s blockchain in the local database. The flow to the large difference in the value of individual groups
chart of the health record upload operation is shown in Figure due to network fluctuations and transaction randomness, we
5. can conclude that the transaction processing performance of
dBFT is higher than PBFT in the two groups of experiments.
4.5 Platform database This paper used the same test method to get more data in
different networks which has a different number of the nodes.
In the database of CB-EHRs, one blockchain contains records The average value of TPS in the above experimental data is
for all users. Each block is divided into two parts: a block obtained as a stable value of network consensus performance
header and a block body. Apart from the first block (Genesis and grouped and summarized. The final result is shown in

– 188 –
ICT for Health: Networks, standards and innovation

to address some challenges faced in the EHRs platform,


the framework they adopt results in a large amount of
network resources wastage. As an intervention and an
attempt to introduce and implement blockchain technology
in electronic health records, this paper only considers some
key technologies. This research is still at its stage of
exploration and development in this domain of interest, hence
a complete system development of the proposed CB-EHRs
is still underway. The idea presented in this paper has paved
the way for future implementation targets that will promote
the utilization of EHRs across different domains, and even
beyond health care.
Figure 7 – Comparison result of 2000 transactions between
REFERENCES
dBFT and PBFT
Table 2 – Performance comparison between dBFT and PBFT [1] Avgerou C. Discourses on ICT and development[J].
Information Technologies & International
Number Development, 2010, 6(3): pp. 1-18.
dBFT / TPS PBFT / TPS
of nodes
1000 2000 1000 2000 [2] Onashoga S., Sodiya A., Akinwale A.T., Falola O.E.
4 Nodes 158.7006085 157.701429 145.9727725 145.7940789 Mining of Prevalent Ailments in a Health Database
6 Nodes 149.0378482 148.5736732 138.0394872 137.2839271 using Fp-Growth Algorithm. in International Journal
8 Nodes 133.3748567 131.4758392 121.7384793 121.1923744 of Data Engineering (IJDE). 2010, 2(2): 75-83.

Table 2. [3] Raghupathi W, Raghupathi V. Big data analytics


in healthcare: promise and potential[J]. Health
By analyzing figures 6 and 7, and Table 2, on the one hand, we
information science and systems, 2014, 2(1): 3.
conclude that the transaction processing efficiency of dBFT
is about 9% higher than that of PBFT under the same network [4] Howe J L, Adams K T, Hettinger A Z, et al. Electronic
conditions. On the other hand, as the number of nodes health record usability issues and potential contribution
increases, the performance of the two consensus mechanisms to patient harm[J]. Jama, 2018, 319(12): 1276-1278.
decreases significantly. However, the dBFT consensus used in
[5] Peckham C, Kane L, Rosensteel S. Medscape EHR
this paper uses a representative mechanism to select relevant
Report 2016: physicians rate top EHRs[J]. Medscape.
nodes. Therefore, even if there are more network nodes,
August, 2016, 25.
dBFT will select a few nodes to participate in the consensus,
in order to ensure a better performance of the consensus [6] A. Bagula, M. Mandava and H. Bagula. A Framework
mechanism. In summary, the EHRs platform designed in this for Supporting Healthcare in Rural and Isolated Areas
paper improves the performance of the consensus mechanism in Elsevier Journal of Network and Communication
to a reasonable extent by using dBFT, which is consistent with Applications, 2018.
the theoretical analysis results.
[7] M. Mandava, C. Lubamba, A. Ismail, H. Bagula and
A. Bagula, Cyber- Healthcare for Public Healthcare in
6. SUMMARY AND CONCLUSION the Developing World, in proceedings of the 2016 IEEE
Symposium on Computers and Communication (ISCC),
Blockchain technology is a new concept and theory which 27-30 June 2016, Messina-Italy, Pages 14-19, 2016.
emerged from bitcoin applications using public chain. While
various theoretical research on blockchain technology are [8] A. Bagula, C. Lubamba, M. Mandava, H. Bagula, M.
still at their stage of exploratory and development, it is Zennaro and E. Pietrosemoli “, Cloud Based Patient
undeniable that blockchain will transform the global Internet Prioritization as Service in Public Health Care, in
infrastructure and has a promising prospect. This paper Proceedings of the ITU Kaleidoscope 2016, Bangkok,
leverages blockchain technology in the electronic medical Thailand, 14-16 November, 2016.
industry, and designs a credible electronic health records
[9] M. Bagula, H. Bagula, M. Mandava, C. Kakoko and
platform based on blockchain (CB-EHRs). Our proposed
A Bagula, Cyber-healthcare Kiosks for Healthcare
CB-EHRs platform is able to address some of the problems
Support in Developing Countries, in proceedings of
which are prevalent in the traditional electronic health records
the Africomm 2018, Dakar-Senegal, November 29-30,
platform. It can help medical institutions transform their data
2018.
centers and meet the needs of user privacy protection, safe
storage and sharing of medical data. CB-EHRs also serves [10] Claude Lubamba & A. Bagula, Cyber-Healthcare
to promote telemedicine which is an inevitable requirement Cloud Computing Interoperability Using the HL7-CDA
in the current technology age. It is important to note that Standard in Proceedings of the ISCC 2017,
while existing research attempts have proposed some ways Heraklion/Crete, Grece, 03-06 July 2017.

– 189 –
2019 ITU Kaleidoscope Academic Conference

[11] Dimitrov D V. Medical internet of things and big data [25] Bartoletti M, Lande S, Podda A S. A
in healthcare[J]. Healthcare informatics research, 2016, Proof-of-Stake protocol for consensus on Bitcoin
22(3): 156-163. subchains[C]//International Conference on Financial
Cryptography and Data Security. Springer, Cham,
[12] Lo’ai A T, Mehmood R, Benkhlifa E, et al. Mobile cloud 2017: 568-584.
computing model and big data analysis for healthcare
applications[J]. IEEE Access, 2016, 4: 6171-6180. [26] Schwartz D, Youngs N, Britto A. The ripple protocol
consensus algorithm[J]. Ripple Labs Inc White Paper,
[13] Chen M, Qian Y, Chen J, et al. Privacy protection 2014, 5.
and intrusion avoidance for cloudlet-based medical data
sharing[J]. IEEE transactions on Cloud computing, [27] Castro M, Liskov B. Practical Byzantine fault
2016. tolerance[C]//OSDI. 1999, 99: 173-186.
[14] Reti S R, Feldman H J, Ross S E, et al. [28] ThePiachu’s Bitcoin Blog. Thoughts on Delegated Proof
Improving personal health records for patient-centered of Stake and Bitshares[OL].2014. http://tpbit.blogspot.
care[J]. Journal of the American Medical Informatics com/2014/08/thoughts-on-delegated-proof-of-stake.
Association, 2010, 17(2): 192-195. html
[15] Papoutsi C, Reed J E, Marston C, et al. Patient and [29] Crain T, Gramoli V, Larrea M, et al. DBFT: Efficient
public views about the security and privacy of Electronic Leaderless Byzantine Consensus and its Application
Health Records (EHRs) in the UK: results from a to Blockchains[C]//2018 IEEE 17th International
mixed methods study[J]. BMC medical informatics and Symposium on Network Computing and Applications
decision making, 2015, 15(1): 86. (NCA). IEEE, 2018: 1-8.
[16] Haas S, Wohlgemuth S, Echizen I, et al. Aspects of [30] NEO - An Open Network For Smart
privacy for electronic health records[J]. International Economy[OL].2014. https://neo.org/
journal of medical informatics, 2011, 80(2): e26-e31.
[31] Xia Q, Zhang F J, Zuo C. Review for consensus
[17] Yarmand M H, Sartipi K, Down D G. Behavior-based mechanism of cryptocurrency system[J]. Computer
access control for distributed healthcare systems[J]. Systems & Applications, 2017.
Journal of Computer Security, 2013, 21(1): 1-39.
[32] Viriyasitavat W, Hoonsopon D. Blockchain
[18] Ivan D. Moving toward a blockchain-based method for characteristics and consensus in modern business
the secure storage of patient records[C]//ONC/NIST processes[J]. Journal of Industrial Information
Use of Blockchain for Healthcare and Research Integration, 2019, 13: 32-39.
Workshop. Gaithersburg, Maryland, United States:
ONC/NIST. 2016. [33] Tasca P, Tessone C J. Taxonomy of blockchain
technologies. Principles of identification and
[19] Iansiti M, Lakhani K R. The truth about blockchain[J]. classification[J]. arXiv preprint arXiv:1708.04872,
Harvard Business Review, 2017, 95(1): 118-127. 2017.
[20] Crosby M, Pattanayak P, Verma S, et al. Blockchain [34] Gonzalez A. Unified application, user interface and
technology: Beyond bitcoin[J]. Applied Innovation, data linking: U.S. Patent Application 10/796,422[P].
2016, 2(6-10): 71. 2005-9-8.
[21] Casino F, Dasaklis T K, Patsakis C. A systematic [35] Sandhu R S, Coyne E J, Feinstein H L, et al. Role-based
literature review of blockchain-based applications: access control models[J]. Computer, 1996, 29(2):
current status, classification and open issues[J]. 38-47.
Telematics and Informatics, 2018.
[36] Anderson C. Docker [software engineering][J]. IEEE
[22] Vacca J R. Public key infrastructure: building Software, 2015, 32(3): 102-c3.
trusted applications and Web services[M]. Auerbach
Publications, 2004.
[23] Kaur R, Kaur A. Digital signature[C]//2012
International Conference on Computing Sciences.
IEEE, 2012: 295-301.
[24] Gervais A, Karame G O, Wüst K, et al.
On the security and performance of proof of
work blockchains[C]//Proceedings of the 2016 ACM
SIGSAC conference on computer and communications
security. ACM, 2016: 3-16.

– 190 –
THE GDPR TRANSFER REGIME AND MODERN TECHNOLOGIES

Melania Tudorica; Trix Mulder

Rijksuniversiteit Groningen, the Netherlands

ABSTRACT doctors and empower people by putting them in control of


their own health, in particular in low income and difficult to
Health data comes within a person’s most intimate sphere reach areas, the downside is that these technologies
[1]. It is therefore considered to be sensitive data due to the generate massive amounts of health data. Considering that
great impact it could have on a person’s life if this data health data comes within a person’s most intimate sphere, it
were freely available. Unauthorized disclosure may lead to could have a great impact on a person’s life if this data was
various forms of discrimination and violation of freely available. Risks include discrimination and violation
fundamental rights. Rapid modern technological of fundamental rights.
developments bring enormous benefits to society. However,
with this digitization, large amounts of health data are There have been many reports over the past couple of years
generated. This makes our health data vulnerable, or so of data breaches and companies (routinely) sharing
especially when transferred across borders. The new EU data. The 2018 Strava and Polar incidents immediately
General Data Protection Regulation (GDPR) legal come to mind, but also Ovia (a pregnancy tracking app)
framework provides for rights for users of modern sharing intimate information with employers and insurers
technologies (data subjects) and obligations for companies [6], Facebook having access to sensitive information [7]
(controllers and processors) with regard to the processing and many more examples of health data being
of personal data. Chapter V of the GDPR protects personal compromised by the use of modern technologies [8]. Our
data that are transferred to third countries, outside the EU. health data is particularly vulnerable if it is processed
The term ‘transfer’ itself, however, is not defined by the outside the protected sphere of a medical environment
GDPR. This paper examines whether transfer within the where health data is processed by professionals who are
meaning of the GDPR applies to health data processed by under the obligation of medical confidentiality. The health
modern technologies and if the complexity of the GDPR data that is processed by these modern technologies is, most
legal framework as such sufficiently reflects reality and of the time, processed by commercial companies who are
protects health data that moves across borders, in generally unclear about their processing activities and with
particular to jurisdictions outside the EU. whom they share the collected data [9].

Keywords – Data protection, health data, transfer, transit Legally a lot can be said about modern technologies, their
use, privacy risks, infringements of rights, etc. This paper
1. INTRODUCTION focusses specifically on transfer and modern technologies.
Inherent to the nature of these technologies is that data is
In our rapidly evolving digital world, people use various not bound by borders. Users of modern technologies may
modern technologies to track and measure their health and be located anywhere in the world and data may move
fitness. Modern technologies such as mobile applications across the globe while being processed by companies
and wearables (including watches, bracelets and smart established anywhere in the world. One of the main
fashion) are used to get into shape, keep fit, lose weight, challenges of the borderless nature of data processing is that
reduce stress, manage mental health disorders, test and it is difficult to track the data and as a consequence difficult
diagnose for specific diseases such as malaria, help with to determine jurisdiction, which may lead to difficulties in
family planning and ovulation tracking, etc. The data subjects exercising rights in cases of infringements.
technologies enable people to monitor their own health and
fitness by entering personal health data and using (pressure) Within the European Union (EU) data is protected by the
sensing technologies which measure vital signs (such as General Data Protection Regulation (GDPR) [10]. The
heartrate) and track progress (such as counting steps) [2]. GDPR protects data, among other things, when it is
New health technologies are a key area of 21 st century transferred across borders. This research aims to answer
knowledge societies and economies, offering potential for how the GDPR transfer regime applies to data processing
growth and economic development [3]. It is one of the by modern technologies, if at all, and whether the GDPR
largest growing global markets. According to a recent legal framework as such offers sufficient protection. When
article, there are more than 300 000 health related mobile using modern technologies, the data is collected by a device
device applications [4]. While the use of these technologies (such as a smartphone or wearable) by using applications
may bring benefits to society as they reduce the burden on developed by commercial companies. The applications

978-92-61-28401-5/CFP1968P-ART @ ITU 2019 – 191 – Kaleidoscope


2019 ITU Kaleidoscope Academic Conference

‘send’ the data to the servers of the company which owns European Commission, the Article 29 Working Party (now
the app and which then processes the data. What exactly the European Data Protection Board [16]) clarified the
happens technically behind the scenes is unclear. It is scope of the definition of data concerning health in relation
therefore unclear whether ‘sending’ data between the to lifestyle and wellbeing apps and provides criteria to
device and the server of a company can be seen as a determine when data processed by such apps and devices is
transfer within the meaning of the GDPR and whether the health data [17]. According to the Article 29 Working Party,
GDPR transfer regime applies to processing by modern personal data is health data when (1) the data is clearly
technologies. medical data, (2) the data is raw sensor data that can be
used in itself or in combination with other data to draw a
This research argues that the complexity of the GDPR legal conclusion about the actual health status or health risk of a
framework does not offer sufficient protection against person or (3) conclusions are drawn about a person’s health
processing by modern technologies. By taking a technical, status or health risk [18]. This means that, in general, data
behind the scenes perspective and looking at whether the is health data when it is used or can be used to draw
(technical) process of ‘sending’ data from a user’s device to conclusions about a person’s health. However, the Article
the server of a company can be seen as a transfer within the 29 Working Party also acknowledges that in some cases the
meaning of the GDPR, we argue that this process is a mere raw data itself is considered to be health data. It also
transit of data where the device functions only as a tool for acknowledges that presumably simple facts about
the companies to collect data [11]. In coming to this individuals, such as IQ, wearing glasses or lenses, smoking
conclusion, this article first needs to establish what the legal and drinking habits, membership of patient support groups,
basis for processing health data by modern technologies is. etc. are considered to be health data. In our view, the mere
We then look at the technical process used by modern fact that a person uses an app, for example to help quit
technologies and whether the GDPR transfer regime applies smoking or to count calories already says a lot about a
to this process in order to conclude whether the legal basis person. Whether or not true, the conclusion can be drawn
and the GDPR legal framework offer sufficient protection that the person is a smoker or may be obese and that he or
to processing by modern technologies. she may have health issues (such as lung or heart problems)
because of this. The mere fact that a person uses a health
2. LEGAL BASIS FOR PROCESSING HEALTH app already can say a lot about their health, and even more
DATA BY MODERN TECHNOLOGIES so when the data is combined with other health information
about a person. For example, an employer or insurer buying
The GDPR provides rules for the protection of personal health data and combining it with the information already
data and free movement of such data in order to protect the on record not only violates privacy but can also
fundamental rights and freedoms of persons. It applies to discriminate against their employee or the insured. This
the processing of personal data of data subjects who are in could lead to increases in insurance fees, rejection of
the EU, regardless of where the controller or processor are insurance and perhaps even in unemployment. Data
established [12]. This means that the GDPR applies to any generated by modern technologies which can conclude
company around the globe processing data of data subjects something about a person’s health in the broadest sense can
who are in the EU if the processing activities relate to therefore generally be seen as health data.
offering goods or services to data subjects or monitoring the
behavior of data subjects. As such, the GDPR aims at Health data has had a long history of being seen as a special
offering a similar level of protection for EU citizens category of data, also referred to as sensitive data, that
regardless of where the data is being processed [13]. This is requires additional protection. As such, Article 9 of the
particularly important when health data is being processed GDPR prohibits the processing of health data unless there is
by commercial companies who are not under any obligation a legal basis to do so. If there is no legal basis for
of professional secrecy. In previous research we have processing, the processing is considered to be unlawful.
established that many companies deny or at least do not According to the GDPR, explicit consent given by the data
mention the fact that they process health data while in fact subject is the legal basis for processing health data by
they are [14]. modern technologies [20, 21]. The GDPR thus allows
processing of personal health data by companies when a
While we use the more overarching term health data, data subject explicitly consents. Consent of the data subject
Article 4 (15) of the General Data Protection Regulation within the meaning of the GDPR means a clear affirmative
(GDPR) refers to it as ‘data concerning health’ and defines act establishing at least the freely given, informed
it as: indication that the data subject agrees to the processing of
his or her personal data [22]. Consent can also be given by
Personal data related to the physical or mental health of a electronic means, for example by ticking a box when
natural person, including the provision of healthcare visiting a website, choosing certain technical settings or any
services which reveal information about health status [15]. other statement or conduct which clearly indicates in this
context the data subject’s acceptance of the proposed
This is a very broad definition: any information which can processing. Pre-ticked boxes or inactivity by the data
reveal something about a person’s (mental) health is subject do not constitute consent [23]. The request for
considered to be health data. In the annex to its letter to the consent has to be clear, concise, not unnecessarily

– 192 –
ICT for Health: Networks, standards and innovation

disruptive and needs to be presented in a clearly These modern technologies, such as mobile applications
distinguishable form, meaning that it may not be buried and wearables process large amounts of personal (health)
within the fine print of a privacy policy or contract [24]. data. The technologies make it possible to continuously
monitor the user. Most people carry their mobile phone
While at first sight it looks as if the GDPR offers sufficient with them during the day and wearables made tracking even
protection against the processing of health data, the easier. A smart watch or smart glasses for example allow
practical reality is quite different. Previous research has users to track their health and fitness with objects which are
shown that companies offering health apps are by no means easy to carry. While making life and health easy for users,
transparent about their processing activities and whom they large amounts of health data become available to
share the data with [25]. While data subjects to some degree commercial companies who are by no means under any
consent to data processing, some health apps do not even obligation of professional secrecy and what happens behind
recognize the fact that they process health data, resulting in the scenes of these technologies is unknown to many. When
a lack of legal basis. As a result of this, risks of violation of unravelling what happens, behind the scenes, to the data we
rights and freedoms remain, as well as physical and stumbled upon 2 major ways that the technologies function
practical challenges related to the use of modern that are relevant for this article. Many health apps and
technologies to process health data, such as jurisdiction and wearables by default:
exercise of rights.
1. collect data via an app and store it on the device
3. BEHIND THE SCENES OF MODERN itself until the user actively choses to send the data
TECHNOLOGIES to a cloud or server;
2. collect data via an app and store it on a (cloud)
Processing personal data according to the GDPR includes server. In this case the data exists outside of the
‘collection, recording, organization, structuring, storage, app and is accessible to the developer, i.e. the
adaptation or alteration, retrieval, consultation, use, device is used as a tool to collect data, the data can
disclosure by transmission, dissemination or otherwise be seen separately from the app considering that it
making available, alignment or combination, restriction, exists even if the app is deleted.
erasure or destruction’ of data [26]. This very broad
definition means that basically any action performed on If we picture a user in the first situation and we take the
personal data is processing. The one word that is missing example of an app that counts how many steps someone
from the definition is transfer of data. What is however takes during the day, the app counts the steps and stores the
mentioned by the definition in Article 4 (2) GDPR is that data on the device itself by default. The data is stored on the
processing also includes disclosing the data by transmission device for as long as the user does not delete the data or
and dissemination or otherwise making it available. While chooses to store the data somewhere else, for example
it is interesting that transfer is not included in the definition when the storage space of the device is full. In other words,
for processing, disclosing and making data available can be the collected data remain on the user’s device until the user
seen as transfer of data. actively decides to store the data elsewhere, outside of the
app or wearable.
Transfer has an important role in the GDPR. While the free
flow of information has always been promoted by data More importantly for this research is however the second
protection legal frameworks, the major concern was that situation, where data is collected by an app or wearable
data protection legislation could be circumvented by which does not intend to store it on the device. Instead, by
moving processing operations to countries with no or less default, the data is sent to and stored on the (cloud) server
strict data protection laws [27]. European data protection of the app company. Sending the data requires an active
legal frameworks have therefore always been cautious connection between the device and the (cloud) server. If
about transferring data to third countries who are not part of this connection is unavailable, the data is most likely stored
the legal regime. In order to prevent data from being on the device until the connection is available.
transferred to ‘data havens’, the principle of equivalent
protection was introduced, meaning that there should be no There is a significant legal difference between the two
restrictions on transborder data flows to states with legal situations. In the first situation the app is closely related to
regimes which ensure data protection equivalent to data the data and therefore to the user, it is merely a means to an
protection offered by the GDPR. Chapter V of the GDPR is end. In the second situation, the purpose of the app or
dedicated to transfers of personal data to third countries or wearable is mainly to generate data. The device is not used
international organisations. Modern technologies process for storage or not meant to be used for storage. As soon as
data electronically, making it easy to transfer data across an active connection is available, the data is sent to the
the globe. The data can be sent from one actor to another or designated (cloud) server. In this regard, we can make an
made accessible to more than one actor in a blink of an eye. analogy with streaming data. The user might have the app
Modern technologies thus impact the way that personal on their mobile phone or wearable, but the data exists
health data can be collected. separately, outside this app. For example, when watching a
YouTube video, the app is solely used to stream the data
available on the YouTube server. While health apps and

– 193 –
2019 ITU Kaleidoscope Academic Conference

wearables are more of a two-way-street considering that information. Unfortunately, there is not a lot of case law in
they can also generate data, the basic concept and this regard to help further clarify the matter. If one of the
comparison to YouTube streaming is the same. factors determining what transfer is includes the technical
nature by which it takes place, the question that arises is
Processing health data in a way where data is collected by what technical circumstances can facilitate transfer. Council
an app or wearable and sent to a (cloud) server for (further) of Europe Convention 108 for the protection of individuals
processing still leaves the question whether sending the with regard to automatic processing of personal data [31]
data can be seen as a transfer within the meaning of the provides some insight in this regard.
GDPR and is as such protected or whether the device
functions merely as a tool for the companies to collect data Convention 108 includes a chapter on transborder data
where sending the data can be seen as a mere transit of data flows and determines that the provisions apply to the
[28]. The concept of ‘transfer’ will therefore be discussed transfer across national borders by whatever medium [32].
in the next paragraph. It is aimed at the free flow of information, regardless of
frontiers, taking into account the wide variety of factors
4. THE NOTION OF TRANSFER determining the way in which data is transferred. These
factors include: the mode of representation of the data, their
The GDPR aims at offering a similar level of data storage medium, way of transport, interface, the circuit
protection, regardless of where in the world data of data followed and the relations between the sender and recipient
subjects who are in the EU is being processed. Therefore, [33]. According to the explanatory memorandum the way of
Chapter V of the GDPR includes provisions on transfers of transport includes physical transport, mail, and circuit-
personal data to third countries. This section provides rules switched or packet-switched telecommunications links. The
in order to ensure data protection equivalent to the GDPR, interface, i.e. the point where two systems interact, can be,
meaning that data may only be transferred to third countries among other things, computer to terminal, computer to
outside the EU if the conditions of the GDPR are met. In computer, and manual to computer. The circuit followed
short, this means that there needs to be: 1) an adequacy can be direct from the country of origin to the country of
decision (such as the EU-U.S. Privacy Shield) or 2) destination or via one or more countries of transit [34]. The
appropriate safeguards or 3) that the data subject has given explanatory report to the Modernized Convention provides
explicit consent for data processing in the third country. some more clarity in determining that transborder data
With emerging modern technologies, where data may be transfers occur when personal data is disclosed or made
processed anywhere in the world, it is of the utmost available to a recipient subject to the jurisdiction of another
importance to protect the data, in particular health data. In state or international organization. According to Article 2 (e)
order to establish whether sending data, from the app or of the Convention a recipient is ‘a natural or legal person,
wearable onto the (cloud) server of a company for the public authority, service, agency or any other body to
purpose of being processed by that company, can be seen as whom data are disclosed or made available. The GDPR
a transfer within the meaning of the GDPR, it is important definition of recipient is almost the same, determining that
to establish what transfer exactly is in order to determine recipient means a natural or legal person, public authority,
whether or not it falls under Chapter V GDPR and agency or another body, to which the personal data are
consequently whether or not health data in this regard is disclosed, whether a third party or not’ [35]. The recipient
sufficiently protected. In literature transfer is described as thus receives the data or is given access to the data and can
to occur as a part of networked series of processes made to be a controller or a processor [36].
deliver a business result [29].
When it comes to moving data, there are two main ways to
The GDPR is, however, unclear about what transfer is and technically do this, namely by exchanging or sharing data.
does not provide a definition. What is clear is that it is a According to Doan et al. data exchange is the process of
process where data moves between different actors. taking data that is structured within the source database
According to the European Data Protection Supervisor system and transforming it into data structured under a
(EDPS) in its position paper on transfer to third countries target database system [37]. In other words, the data is
and international organizations by EU institutions and transformed so that it becomes compatible with other
bodies, the lack of a definition leads to the assumption that systems which receive an accurate representation of the
the term needs to be used in its natural meaning. As such source data. Exchange thus allows data to be shared
transfer means that data ‘moves’ between different users. between systems and programs. The introductory report for
However, as the EDPS also concludes, this is not always updating Recommendation No. R (97) 5 defines exchange
straight forward. According to the Court of Justice of the as the communication of information to (a) clearly
European Union (CJEU) in the Lindqvist case, it is identified recipient(s) by a known transmitter (such as
necessary to take account of both the technical nature of the secured e-mailing) [38]. When health data is exchanged,
operations carried out and of the purpose and structure of the data is sent from A to B using a transmitter. This can be
the provisions on transfer in EU legislation [30]. Taking an e-mail or other way of sending the data so that it can be
into account the technical nature of processing operations, read and used by B. Figure 1 below shows this process. In
transfer, as such entails, among other things, the this case, A is the original controller of the health data and
automatically or intentionally sending or accessing of

– 194 –
ICT for Health: Networks, standards and innovation

B becomes the new controller of the data and will build on • Transfer has a natural meaning, i.e. data moves
the received data for their own purpose. between users.
• Transfer may be the exchange or sharing of data.
• Data movement takes place by whatever medium.
• Data is disclosed or made available to a recipient.
Exchange

5. TRANSFER OR TRANSIT?

A B When applying the notion of transfer to our case, where


health data is being processed by commercial companies by
modern technologies and the data is sent from the user’s
Via transmitter
device to the (cloud) server of the company, sending this
data can be seen as movement, even as an exchange of data
Figure 1 – Exchange between the user and the company, which takes place
automatically and electronically. However, the GDPR
Data sharing on the other hand is making data available to applies to the processing of personal data of data subjects
others through a variety of mechanisms [39]. According to who are in the EU by a controller or processor regardless of
the introductory report for updating Recommendation No. whether the controller or processor is established in the EU.
R (97) 5 sharing is making information accessible to third The actors in this case are the data subject who is the user
parties not necessarily identified at the time of the pooling of the app or wearable and the controller which is the
and according to a principle of permissions (such as shared company processing the data by modern technologies. The
electronic medical records) [40]. Figure 2 below shows data subject does not determine the purpose and means and
how, in a sharing system, various recipients (A – H) can cannot be the controller of the data. Taking into account
access the data for the purpose processing it. A – H are not that the data exists separately from, i.e. outside the app, it is
necessarily known at the time of pooling and need not the data subject who (actively) transfers the data to the
permission to access the data. company. The company as the controller cannot be both the
controller of the data and the recipient to whom the data is
Sharing disclosed. While sending the data may be seen as
A movement of data which can be a transfer of data, it
remains difficult to classify processing by modern
H B technologies as transfer of data. Consequentially, two
questions arise. The first question is: if it is not a transfer of
data, what is it then?

The Article 29 Working Party in its 2010 opinion on


G Data C
applicable law [41] mentions transit through EU territory,
for example by way of telecommunication networks or
postal services which ensure that communications are
reached in third countries. While the context is slightly
F D different, in our view the analogy can be made with modern
technologies. When data is processed by modern
E
technologies, the processing may take place anywhere in
the world. For the data to reach the (cloud) server, a transit
Figure 2 – Sharing from the device to the server is necessary. Like an envelope
containing data sent by post to a company outside the EU
Both sharing and exchange of data are thus commanded by where it will undergo processing, a transit is required for
interoperable data processing systems and by common the data to reach its destination. The data is simply being
reference frameworks [40]. This allows health data to be passed on and not being processed along the way [42]. In
moved or to be made accessible to a variety of actors. this case sending the data from the user’s device to the
Considering that transfer can be automatically or (cloud) server of a company where it will undergo
intentionally sending information or making it accessible to processing can be seen as a mere transit of data and cannot
a recipient by whatever medium, transfer can be both be classified as transfer within the meaning of the GDPR.
exchange and sharing of data. While exchange and sharing The device on which the app is installed is a mere tool for
describe different ways of moving health data, both ways companies to collect the data, which does not exist on the
are a transfer of data. Taking the above-mentioned into device, but on a (cloud) server owned by the company,
account, the following conclusions can be drawn about which can be located anywhere in the world.
transfer:
The second question is: if it is not transfer and the GDPR
• Transfer does not have a legal meaning. rules on transfer do not apply, is processing of health data
by modern technologies sufficiently protected? Previous

– 195 –
2019 ITU Kaleidoscope Academic Conference

research [43] has shown that there is a gap between the And even if they were to read them, they might not
GDPR and practical reality. There is a general lack of understand the meaning or the risks involved. As such,
transparency from commercial companies about their people do not know what they are consenting to. Therefore,
processing activities, their purposes for processing, the combining the fact that commercial companies are
quantity of health data processed, the location of storage generally not transparent enough about their processing
and recipients the data is shared with. In particular, the activities with the fact that users generally do not know
sharing of data is of a great concern as the data is collected what they are consenting to, results in a weak legal basis.
and shared with actors who are by no means under any As a consequence, violations take place more frequently
obligation of professional secrecy and who sell the data to than we would wish.
the highest bidder which may lead to various forms of
discrimination, violation of fundamental rights and As such, the complexity of the GDPR legal framework does
difficulties with exercising rights in case of infringements. not offer sufficient protection against data processing by
This is even more concerning considering that people modern technologies and commercial companies are not
generally do not inform themselves before giving away taking sufficient responsibility when processing health data.
their data and/ or choose convenience over privacy. It is the Perhaps the solution lies in prohibiting the use of health
responsibility of companies to protect their users’ privacy; data in certain situations as suggested by Frank Pasquale
however, unfortunately they often fail to do so. Consent as [44]. A stricter approach, i.e. prohibiting the use of health
a legal basis for processing health data by modern data in certain situations, would at least be an incentive for
technologies is therefore not enough. As a result of this, the companies not to violate the privacy of a person’s most
complexity of the GDPR legal framework does not offer intimate sphere. This approach will require further research
sufficient protection for processing of health data by on how to limit processing health data by modern
modern technologies. technologies. The situations where it might be limited or
prohibited would have to be defined. It is, however, our
6. CONCLUSION opinion that we need another way of looking at health data
processed by modern technologies that would be beneficial
The multitude of modern technologies that are available to all parties and still protects rights and freedoms.
today process large amounts of health data. When
processing data, controllers and processors need to abide by REFERENCES
the GDPR, which requires that there needs to be a legal
basis for processing. Commercial companies therefore need [1] Council of Europe, Explanatory memorandum to
to request the users of their modern technologies for Recommendation No. R (81) 1 of the Committee of
consent before being allowed to process health data. On Ministers to member states on regulations for
many occasions, these companies collect data via an app automated medical data banks [1981], para. 6.
and store it on a (cloud) server where it is being processed.
The device is used as a tool to collect data and the data can [2] B. Millington, ‘Smartphone Apps and the Mobile
be seen separately from the app considering that it exists Privatization of Health and Fitness’, Critical Studies
outside of the app (even if the app is deleted) where it is in Media Communication, v31 n5, December 2014,
accessible to the company. Taking into consideration that p. 479-493.
the data exists outside the app and that the data subject
cannot be the controller of his or her own data, the transfer [3] M. L. Flear et al., European Law and New Health
regime of the GDPR does not apply when the data is being Technologies, Oxford: University Press, 2013, p. 1.
sent from the device to the (cloud) server. This process is a
mere transit of data. [4] Editorial, An app a day is only a framework away,
Elsevier, The Lancet Digital Health, Volume 1,
Considering that the GDPR transfer regime does not apply, Issue 2, June 2019, Page e45, available at
the question is whether consent as a legal basis is enough. https://www.sciencedirect.com/science/article/pii/S2
While the GDPR applies to the processing of the data of 589750019300317.
data subjects who are in the EU, regardless of where the
controller or processor is established, the reality remains [5] See for example:
that it is more difficult to track data processed by modern https://www.theguardian.com/world/2018/jan/28/fitn
technologies, i.e. where it is stored and with whom is it ess-tracking-app-gives-away-location-of-secret-us-
shared, which may result in discrimination and violation of army-bases and https://decorrespondent.nl/8480/this-
rights. There is a general lack in transparency from fitness-app-lets-anyone-find-names-and-addresses-
companies as regards to their processing operations. for-thousands-of-soldiers-and-secret-
Furthermore, informing people via privacy policies of agents/260810880-cc840165.
modern technologies does not offer sufficient protection
considering that most people do not actually read them [45].

– 196 –
ICT for Health: Networks, standards and innovation

[6] See for example: [17] Article 29 Data Protection Working Party, Letter to
https://www.washingtonpost.com/technology/2019/0 Mr. Timmens and Annex – health data in apps and
4/10/tracking-your-pregnancy-an-app-may-be-more- devices, 2015, available at:
public-than-you- https://ec.europa.eu/justice/article-
think/?noredirect=on&utm_term=.7f91beb5e812. 29/documentation/other-
document/files/2015/20150205_letter_art29wp_ec_h
[7] See for example: https://www.wsj.com/articles/you- ealth_data_after_plenary_en.pdf and
give-apps-sensitive-personal-information-then-they- https://ec.europa.eu/justice/article-
tell-facebook-11550851636?mod=e2tw and 29/documentation/other-
https://www.theguardian.com/technology/2017/may/ document/files/2015/20150205_letter_art29wp_ec_h
01/facebook-advertising-data-insecure-teens>. ealth_data_after_plenary_annex_en.pdf.

[8] See: https://theoutline.com/post/7039/there-is-a- [18] Article 29 Working Party (A29WP), Annex by letter
reason-apps-make-it-so-fun-to-track-your-health. – health data in apps and device, 2015 p. 5.

[9] T. Mulder, M. Tudorica, Privacy policies, cross- [19] According to Article 5 (1, a) GDPR.
border health data and the GDPR, Information &
Communications Technology Law (2019) 28,3. [20] Article 9 (2,a) GDPR.

[10] Regulation (EU) 2016/679 of the European [21] Article 6 (a) GDPR.
Parliament and of the Council of 27 April 2016 on
the protection of natural persons with regard to the [22] Article 4 (11) GDPR.
processing of personal data and on the free
movement of such data, and repealing Directive [23] Recital 32 GDPR. See also L. Golba, ‘Consent for
95/46/EC (General Data Protection Regulation) Personal Data Processing in Digital Environment
[2016] OJ L 119/1. According to GDPR’, Annuals of the Administration
and Law, no. 17 (2), p. 253-265.
[11] See for example: The concept of ‘transfer’ of data
under European data protection law – in the context [24] Article 7 (1) GDPR.
of transborder data flows, Faculty of Law –
University of Oslo, 01-12-2015, available at: [25] See for example:
https://www.duo.uio.no/bitstream/handle/10852/497 https://www.theguardian.com/technology/appsblog/
22/8026_The-concept-of-transfer-of-data-under- 2013/sep/03/fitness-health-apps-sharing-data-
European-data-protection-law---In-the-context-of- insurance; T. Mulder, ‘Health Apps, their Privacy
transborder-data- Policies and the GDPR’, European Journal of Law
flows.pdf?sequence=1&isAllowed=y. and Technology, (10) 1 (2019).

[12] Articles 2 and 3 GDPR. [26] Article 4 (2) GDPR.

[13] N. Dasko, ‘The General Data Protection Regulation [27] Council of Europe, “Explanatory report to the
(GDPR) – A Revolution Coming of European Data Convention for the protection of individuals with
Protection Laws in 2018. What’s New for Ordinary regard to automatic processing of personal data”
Citizens?’, Comparative Law Review, p. 128, (ETS No 108), para. 9.
available at:
http:h//tdtpx:./d/odix.o.drgo/i.1o0rg.g1/21707.152/7 [28] See for example: The concept of ‘transfer’ of data
C77L7R5./2C0L1R7.2.00156. under European data protection law – in the context
of transborder data flows, Faculty of Law –
[14] T. Mulder, M. Tudorica, Privacy policies, cross- University of Oslo, 01-12-2015, available at:
border health data and the GDPR, Information & https://www.duo.uio.no/bitstream/handle/10852/497
Communications Technology Law (2019) 28,3. 22/8026_The-concept-of-transfer-of-data-under-
European-data-protection-law---In-the-context-of-
[15] Article 4 (15) GDRP. transborder-data-
flows.pdf?sequence=1&isAllowed=y.
[16] The EDPB is the independent European advisory
body on data protection. [29] P.M. Schwartz, ‘Managing Global Data Privacy’
(2009) Privacy Projects, p. 4.

– 197 –
2019 ITU Kaleidoscope Academic Conference

[30] Case C-101/01 Criminal proceedings against Bodil [39] C. Cava et al., Bioinformatics clouds for high-
Lindqvist [2015] ECLI:EU:C:2003:596. In the throughput technologies, in: Handbook of research
Lindqvist case one of the question was whether there on cloud infrastructures for big data analytics, 2014,
was ‘transfer of data’ when personal data is loaded p. 489 – 507.
onto an Internet page which is stored on an Internet
site on which the page can be consulted, thereby [40] J. Bossi Malafosse et. al., Introductory report for
making the data accessible to anyone who connects updating recommendation R (97) 5 of the Council of
to the Internet, including people in a third country. Europe on the protection of medical data, 2015, T-
As regards the technical nature of the operations, the PD (2015)07, available at
Court concluded that the Internet pages in question https://rm.coe.int/introductory-report-for-updating-
did not contain the technical means to send recommendation-r-97-5-of-the-council-
information automatically to people who did not /168073510c.
intentionally seek access to those pages. Internet
users would have to connect to the Internet and [41] Article 29 Data Protection Working Party, Opinion
personally carry out the necessary actions to consult 8/2010 on applicable law, WP179, p. 23, available
those pages. As such, the data was not directly at: https://ec.europa.eu/justice/article-
transferred between the person uploading the 29/documentation/opinion-
information to the website and persons entering the recommendation/files/2010/wp179_en.pdf.
website. The CJEU refers to the provisions on
transfer in Chapter IV of Directive 95/46/EC, which [42] The concept of ‘transfer’ of data under European
has been replaced by Chapter V of the GDPR. data protection law – in the context of transborder
data flows, Faculty of Law – University of Oslo, 01-
[31] Convention for the protection of individuals with 12-2015, available at:
regard to automatic processing of personal data https://www.duo.uio.no/bitstream/handle/10852/497
[1981] ETS No. 108. 22/8026_The-concept-of-transfer-of-data-under-
European-data-protection-law---In-the-context-of-
[32] Convention for the protection of individuals with transborder-data-
regard to automatic processing of personal data flows.pdf?sequence=1&isAllowed=y.
[1981] ETS No. 108, Article 12.
[43] T. Mulder, M. Tudorica, Privacy policies, cross-
[33] Council of Europe, “Explanatory report to the border health data and the GDPR, Information &
Convention for the protection of individuals with Communications Technology Law (2019) 28,3.
regard to automatic processing of personal data”
(ETS No 108), para. 62, 63. [44] F. Pasquale, ‘Redescribing Health Privacy: the
Importance of Information Policy’ (2014) 103
[34] Council of Europe, “Explanatory report to the HJHLP 127.
Convention for the protection of individuals with
regard to automatic processing of personal data” [45] See for example: A M McDonald and L F Cranor,
(ETS No 108), para. 63. ‘The Cost of Reading Privacy Policies’ (2008) 4 A
Journal of Law and Policy for the Information
[35] Article 4 (9) GDPR. Society 543; F Schaub and os, ‘Designing Effective
Privacy Notices and Controls’ (2017) 99 IEEE
[36] Council of Europe, “Explanatory report to the Internet Computing 70.
Protocol amending the Convention for the protection
of individuals with regard to automatic processing of
personal data” (ETS No 223), para. 23.

[37] Doan, A., Halevy, A, Ives, Z., Principles of data


integration, Elsevier: Morgan Kaufman, 2012, p.
276.

[38] J. Bossi Malafosse et. al., Introductory report for


updating recommendation R (97) 5 of the Council of
Europe on the protection of medical data, 2015, T-
PD(2015)07, available at:
https://rm.coe.int/introductory-report-for-updating-
recommendation-r-97-5-of-the-council-
/168073510c.

– 198 –
ABSTRACTS
Session 1: ICT infrastructure for healthcare1
S1.1 5G-enabled health systems: Solutions, challenges and future research trends
Di Zhang and Teng Zhang, Zhengzhou University, China; Yunkai Zhai, Zhengzhou University
and National Engineering Laboratory for Internet Medical Systems and Applications, China;
Joel J.P.C. Rodrigues, Federal University of Piauí, Brazil and Instituto de Telecomunicações,
Portugal; Dalong Zhang, Zhengzhou University, China; Zheng Wen, Keping Yu and Takuro
Sato, Waseda University, Japan

In the literature, Information communication technology (ICT)-assisted health systems have


been intensively discussed. However, it has seldom become a reality. This is mainly due to the
current wireless technologies’ limited transmission rate, few connected devices and high
latency. On the contrary, the fifth generation (5G) wireless communications can connect more
devices, provide faster transmission rates and a lower latency. In this article, we first introduce
the 5G-enabled health systems and our specific implementation in the first affiliated hospital of
Zhengzhou University (FAHZZU). Afterwards, the potential challenges and future research
trends on demonstrating the 5G-enabled health systems are discussed.
S1.2 Community healthcare mesh network engineering in white space frequencies
Hope Mauwa, University of Mpumalanga, South Africa; Antoine Bagula and Emmanuel
Tuyishimire, University of the Western Cape, South Africa; and Tembisa Ngqondi, University
of Mpumalanga, South Africa

The transition from analog to digital television has availed new spectrum called white space,
which can be used to boost the capacity of wireless networks on an opportunistic basis. One
sector in which there is a need to use white space frequencies is the healthcare sector because
of existent protocols which are using it and the white space frequency is not as crowded as Wi-
Fi. However, design simulations of wireless communication networks in white space
frequencies have revealed dense network topology because of better signal propagation and
penetration properties of white space frequencies. Consequently, communication networks
designed in white space frequencies will require topology reduction for better communication
and routing. Therefore, this paper proposes a link-based topology reduction algorithm to reduce
a dense mesh network topology designed in white space frequencies into a sparse mesh
network topology. The paper also proposes a network optimization function to introduce a
hierarchical backbone-based network topology from the sparse network topology for better
scalability. Performance evaluation on the proposed designs show that the designs can guide
network engineers to select the most relevant performance metrics during a network feasibility
study in white space frequencies, aimed at guiding the implementation process.

1
Papers marked with an “*” were nominated for the three best paper awards.

– 201 –
S1.3 Exploration of the non-intrusive optical intervention therapy based on the indoor smart lighting
facility
Jian Song, Xiaofei Wang, Hongming Zhang and Changyong Pan, Tsinghua University, China
Light, originally the natural light, is one of the important contributing factors to the creation of
life on earth, the evolution of human beings and the development of civilization. With the
emergence of electric light sources, more specifically the LED lighting lamps which are now
being utilized all over the world, the concept of Internet of light (IoL) using the existing LED
illumination network with the combination of ICT technologies was created. It has become
popular recently and is now widely believed to have a long-lasting impact. IoL not only
improves the lighting efficiency, indoor lighting comfort level and other value-added services,
but also provides the possibilities for regulating human physiological rhythm, especially for the
alleviation of degenerative neurological diseases, even for the treatment and service of healthy
lighting in a non-intrusive way. This paper first introduces the concept and the system structure
of IoL, and then gives the preliminary results and considerations on how this integrated
platform can be utilized to carry the life sciences research and potentially the future
applications for the wellness of senior people. More work could be conducted and it would be
quite necessary to take into consideration standardization from the perspectives of
communication, Internet of things applications, and non-intrusive optical intervention therapy.
S1.4 Access technologies for medical IoT systems
Junaid Ahmed Siddiquee, Ericsson, India

ICT technologies are evolving and advances in the technologies hold promise for applications
in diverse domains such as healthcare. Along with the development of access technologies,
rapid advances are also taking place in related areas, machine learning, artificial intelligence,
cloud computing, and big data. Availing healthcare in the developing countries is costly, time-
consuming and, for populations located in remote areas, it also means adding in the cost of
travel to nearby towns and cities where expert healthcare facilities are normally available.
Leveraging ICT technologies, IoT systems for healthcare can bring affordable and quality
healthcare to the population through e-health and m-health applications. The role of ICT
technologies is paramount to the success of IoT applications for healthcare. Two such ICT
access standards are the 3GPP-based 5G technology and IEEE-based Wi-Fi 6. However,
challenges exist in the ecosystem that inhibit the realization of the full potential of these
technologies. Based on current and future requirements, the paper proposes a model
incorporating key factors impacting an IoT communication system and comes up with a set of
recommendations to harness the Internet of things for healthcare.

Session 2: Medical ICT


S2.1 Module structure for foot prosthetic and interface standardization*
Yoshitoshi Murata, Iwate Prefectural University, Japan; and Tomoki Yamato, DOCOMO
Technology, Inc., Japan

Several million people around the world live with limb loss. Prosthetics are useful to improve
their quality of life, and some powered prosthetics enable them to walk naturally. However, most
are too expensive for most amputees to afford. We propose a module structure for a foot
prosthetic and standardized interfaces between modules to lower the price of powered ones. The
prosthetic is battery-powered and controlled by data from sensors built into the heel of a shoe for
a healthy foot. Some modules can be applied to people with walking disabilities. Such
standardization can lower the price of such modules, and many amputees and people with
walking disabilities, such as hemiplegia, can easily afford them, which can help improve their
quality of life.

– 202 –
S2.2 Development of hearing technology with personalized safe listening features
Shayan Gupta, Carnegie Mellon University & Audition Technology, LLC, United States; Xuan
Xu, Hongfu Liu, Jacqueline Zhang; Joshua N Bas and Shawn K. Kelly, Carnegie Mellon
University, United States
Noise induced hearing loss (NIHL) is a growing public health concern in the US and globally
due to the emergence of lifestyle preferences and environmental exposures to sound levels
exceeding safe listening limits for extended periods of time. Issuance of the ITU guidelines for
safe listening devices/systems (ITU-T H.870) leading to the 2019 WHO-ITU standard, along
with existing US federal and military standards, provide a framework for developing an
accessible tool for promoting safe listening. Our proposed Hearing Health app, is being
developed for an aggregated assessment of a user's daily sound exposure, through the audio
system and the environment (occupation and beyond) by integrating WHO-ITU and US safe
listening standards, providing real-time alerts, user-centric recommendations and education that
can be integrated into user lifestyles, representing a wide demographic including young adult,
adult, civilian and military populations. The overall goal of the app will be to increase NIHL
awareness and facilitate improvement of user's listening behaviors.

Session 3: Medical IoT


S3.1 Facilitating healthcare IoT standardization with open source: A case study on OCF and IoTivity
Hongki Cha, Younghwan Choi and Kangchan Lee, Electronics and Telecommunications
Research Institute, Korea (Rep.of)
Healthcare Internet of things (IoT) opens up seamless opportunities by unleashing possibilities to
implement better healthcare services. Increased interest in this led to active standardization in
various standards development organizations (SDOs). However, the proliferation of different
international healthcare standards has not brought about full deployment of healthcare IoT
services and business opportunities in the healthcare domain. Nevertheless, there have been
some efforts to take advantage of open-source projects as an enabler to facilitate better
deployment of healthcare IoT standards. In this paper, the authors develop a case study of their
efforts to standardize healthcare IoT with IoTivity, with the Open Connectivity Foundation
(OCF). Then they discuss the benefits of IoTivity and how it has led to the enhancement of
standardization efficiency and acceleration in healthcare IoT. The authors conclude by
recommending ITU-T to continue their efforts to seek the roles of open-source implementation
for faster adoption of not only healthcare IoT standards but also their overall Recommendations.
S3.2 Empirical study of medical IoT for patients with intractable diseases at home
Kentaro Yoshikawa, Shinshu University and Nagano Prefectural Kiso Hospital, Japan; Masaomi
Takizawa, Central Corridor Communications 21, Japan; Akinori Nakamura, Shinshu University,
Japan; and Masahiro Kuroda, Goleta Networks Co., Ltd., Japan
Telemedicine for chronic disease management is extending to the home through the use of
medical devices and ICT technologies. Patients with intractable diseases, such as amyotrophic
lateral sclerosis (ALS) and lethal neurodegenerative diseases, have been returning to their homes
rather than remaining hospitalized. Reliable alarms for condition changes of patients and burden
reduction of their families are taking root as foundations of telemedicine for patients with
intractable diseases. This paper discusses reliable alarm delivery and expected medical IoT
features for those patients. A patient’s family has difficulty in setting optimal parameters of life-
support medical devices following patient condition changes. Also, caregivers and patients’
families expect reliable alarms and false alarm reduction from tele-alarm systems used at home.
We need to provide both anxiety relief for patients’ families and patient safety by reliably
monitoring the patients. We designed and implemented an alarm delivery system for patients
with intractable diseases, and here we propose a prototype false-alarm reduction mechanism for
highly-controlled medical device systems including an artificial ventilator. We investigated
alarms of a patient for one year, cooperating with the patient’s family. We need both hardware
standard interfaces and consistent alarm functions between artificial ventilators. We conclude
with our further work for patients with different types of intractable diseases and for
standardization of medical IoT networks integrating false-alarm reduction systems.

– 203 –
Session 4: Digital health strategies
S4.1 Invited paper - Towards international standards for the evaluation of artificial intelligence for
health
Markus A. Wenzel, Fraunhofer Heinrich Hertz Institute, Germany; and Thomas Wiegand,
Fraunhofer Heinrich Hertz Institute and Technische Universität Berlin, Germany
Healthcare can benefit considerably from advanced information processing technologies, in
particular from machine learning (ML) and artificial intelligence (AI). However, the health
domain only hesitantly adopts these powerful but complex innovations so far, because any
technical fault can affect people’s health, privacy, and consequently their entire lives. In this
paper, we substantiate that international standards are required for thoroughly validating AI
solutions for health, by benchmarking their performance. These standards might ultimately
create well-founded trust in those AI solutions that have provided conclusive evidence to be
accurate, effective and reliable. We give reasons that standardized benchmarking of AI solutions
for health is a necessary complement of established assessment procedures. In particular, we
demonstrate that it is beneficial to tackle this topic on a global scale and summarize the
achievements of the first year of the ITU/WHO focus group on “AI for Health” that has tasked
itself to work towards creating these evaluation standards.

S4.2 Redesigning a basic laboratory information system for the global south*
Jung Wook Park, Aditi Shah, Rosa I. Arriaga and Santosh Vempala, Georgia Institute of
Technology, United States
Laboratory information systems (LIS) optimize information storage and processing for clinics
and hospitals. In the recent past, developers of LIS for the global south have worked under the
assumption that computing environments will be very limited. However, the computing
resources in the area have been rapidly enriched. This has also changed the expectations that
users have about the LIS interface and functionality. In this paper, we provide a case study of
C4G BLIS that has been in operation for nearly a decade in seven African countries. In two
studies that included 51 participants from three African countries, we redesigned the LIS to
better suit the changing technical landscape and user needs and evaluated the new design. The
study procedure, usability metrics and lessons learned from our evaluation provide a model that
other researchers can use. The findings provide empirical insights that can benefit designers and
developers of LIS in the global south. The results also highlight the need for adding usability
specifications for international standard organizations.
S4.3 #RingingTheAlarm: Chronic "Pilotitis" stunts digital health in Nepal*
Ichhya Pant, George Washington University School of Public Health, United States; and
Anubhuti Poudyal, George Washington University School of Medicine and Health Sciences,
United States
Nepal Health Sector Strategy (NHSS) 2015-2020 aspires to leverage digital health to improve
health outcomes for Nepalese citizens. At present, there is a paucity in evidence on digital health
projects that have been implemented in Nepal. This study aims to map past and extant digital
health projects using Arksey and O'Malley's scoping design framework and assess projects using
the World Health Organization (WHO) building blocks of a health systems framework. Our
findings shed light on the current actors in the digital health space, the spectrum of health
services offered, along with opportunities and challenges to move beyond "pilotitis". In total, 20
digital health solutions were identified through our review that were implemented between 1993
to 2017. The momentum for digital health projects in Nepal is sporadic but continuous. Overall,
digital health solutions in Nepal are limited in scope, focus areas, target audiences and
sustainability potential. At the national level, implementation of digital health projects is frayed,
issue and organization-centric, and primarily driven by donor or non-governmental
organizations. Engaging the private sector, especially telecommunications companies, is an
underutilized strategy to move beyond "pilotitis". Existing pioneers in the space must engage in
strategic collaborative partnerships with the private sector or incentivize independent
commercial health technology ventures.

– 204 –
S4.4 Designing national health stack for public health: Role of ICT-based knowledge management
system
Charru Malhotra, Indian Institute of Public Administration, India; Vinod Kotwal, Department of
Telecommunication, India; and Aniket Basu, Indian Institute of Public Administration, India

Public health (PH), as a domain, requires astute amalgamation of the workings of different
disciplines, because its eventual aim is to ‘prevent’ and not just ‘cure’ the health concerns of the
entire community/population under consideration. Public health goals can be achieved more
meaningfully by the application of information communication technology (ICT) that helps in
overcoming the bottlenecks of brick-and-mortar healthcare models. Online consultations, cloud-
based health management solutions, smart service-supported diagnoses are some such examples.
The present study attempts to explore the design and implementation of ICT-based holistic
knowledge management systems (KMS) to address public health concerns at the national level.
At any point in time, different management information systems (MIS) are being used by various
public authorities that directly or indirectly impact PH. However, the data being generated by
these MIS is “stove piped” into standalone, heterogeneous databases. Non-standardized data
formats, incompatible IT systems, an aggravated sense of ownership by the agency that collects
the data are some of the factors that further worsen the problem. To overcome these issues, based
on the study of best practices and literature review, the review paper proposes a conceptual
model, referred to as national health stack (NHS). NHS is a multilayered KMS designed to
support evidence-based decisions of public health and would pave the way towards “Good
Health and well being” (UN SDG 3) for All.

Session 5: Smart technologies for caregivers


S5.1 Elderly health monitoring system with fall detection using multi-feature based person tracking*
Dhananjay Kumar, Aswin Kumar Ravikumar and Vivekanandan Dharmalingham, Anna
University, India; and Ved P. Kafle, National Institute of Information and Communications
Technology, Japan

The need for personalized surveillance systems for elderly health care has risen drastically.
However, recent methods involving the usage of wearable devices for activity monitoring offer
limited solutions. To address this issue, we have proposed a system that incorporates a vision-
based deep learning solution for elderly surveillance. This system primarily consists of a novel
multi-feature-based person tracker (MFPT), supported by an efficient vision-based person fall
detector (VPFD). The MFPT encompasses a combination of appearance and motion similarity in
order to perform effective target association for object tracking. The similarity computations are
carried out through Siamese convolutional neural networks (CNNs) and long-short term memory
(LSTM). The VPFD employs histogram-of-oriented-gradients (HoGs) for feature extraction,
followed by the LSTM network for fall classification. The cloud-based storage and retrieval of
objects is employed allowing the two models to work in a distributed manner. The proposed
system meets the objectives of ITU Focus Group on AI for Health (FG-AI4H) under the
category, "falls among the elderly". The system also complies with ITU-T F.743.1 standard, and
it has been evaluated over benchmarked object tracking and fall detection datasets. The
evaluation results show that our system achieves the tracking precision of 94.67% and the
accuracy of 98.01% in fall detection, making it practical for health care system use. The HoG
feature-based LSTM model is a promising item to be standardized in ITU for fall detection in
elderly healthcare management under the requirements and service description provided by ITU-
T F.743.1.

– 205 –
S5.2 A healthcare cost calculator for older patients over the first year after renal transplantation
Rui Fu, Nicholas Mitsakakis and Peter C. Coyte, University of Toronto, Canada

Forecasting tools that accurately predict post-transplantation healthcare use of older end-stage
renal disease (ESRD) patients are needed at the time of transplantation in order to ensure smooth
care delivery in the post-transplant period. We addressed this need by developing a machine-
learning-based calculator that predicts the cost of healthcare for older recipients of a deceased-
donor kidney over the first year following transplantation. Regression tree and regularized linear
regression methods, including ridge regression, lasso regression and elastic net regression were
explored on all cases of deceased-donor renal transplants performed for patients aged over 60 in
Ontario, Canada between March 31, 2002 and April 31, 2013 (N=1328), The optimal model
(lasso) identified age, membership of one of 14 regionalized Local Health Integration Networks,
blood type, sensitization, having diabetes as the primary case of ESRD, total healthcare costs in
the 12-month pre-workup period and the 6-month workup period to be inputs to the cost
calculator. This cost calculator, in conjunction with clinical outcome information, will aid health
system planning and performance to ensure better management of recipients of scarce kidneys.

S5.3 Automatic plan generating system for geriatric care based on mapping similarity and global
optimization
Fei Ma, Chengliang Wang and Zhuo Zeng, Chongqing University, China

The smart home is an effective means of providing geriatric care to increase the ability of the
elderly to live independently and ensure their health in daily life. However, the smart home is not
widely used because it is arduous to obtain a sensing devices selection plan. In this paper, the
accuracy of service selection and cost savings assumes enormous importance. Therefore, we
propose an automatically plan generating system for the elderly based on semantic similarity,
intuitionistic fuzzy theory, and global optimization algorithm, aiming at searching for an
optimized plan. Experiment results indicate that our approach can satisfy care demands and
provide an optimized plan of sensing devices selection.

Session 6: Data and artificial intelligence era


S6.1 Invited paper - Preparing for the AI era under the digital health framework
Shan Xu, Chunxia Hu and Dong Min, China Academy of Information and Communication
Technology (CAICT), China

Information and communication technology (ICT) for health has shown great potential to
improve healthcare efficiency, especially artificial intelligence (AI). To better understand the
influence of ICT technology on health, a framework of the digital health industry has been
proposed in this paper. Factors from the health industry and the ICT part are extracted to study
the interaction between two groups of component factors. Health factors include service and
management; and ICT factors include sensors, networks, data resources, platforms, applications
and solutions. The interaction between ICT and health can be traced through the development
history, from the stage of institutional informationization to regional informationization, and
finally to service intelligentization. Following such a developmental roadmap, AI was chosen as
one of the most powerful technologies to study the penetration effect and key development
trends from the perspectives of data, computing power and algorithms. The health industry will
be much improved or redefined in the coming AI era. To better understand the strengths,
weaknesses and limitations of AI for health, exogenous factors are discussed at the end of the
paper; preparations on collaboration mechanism; standardization and regulation have been
proposed for the sustainable development of digital health in the AI era.

– 206 –
S6.2 Operationalizing data justice in health informatics*
Mamello Thinyane, United Nations University, Macao SAR, China

There is a growing awareness of the need and increasing demands for technology to embed, be
sensitive to, be informed by, and to be a conduit of societal values and ethical principles. Besides
the normative frameworks, such as the Human Rights principles, being used to inform
technology developments, numerous stakeholders are also developing ethical guidelines and
principles to inform their technology solutions across various domains, particularly around the
use of frontier technologies such as artificial intelligence, machine learning, Internet of things,
robotics and big data. Digital health is one of the domains where the convergence of technology
and health stands to have a significant impact on advancing sustainable development
imperatives, specifically around health and wellbeing (i.e. SDG3). As far as digital health is
concerned, what values and ethical principles should inform solutions in this domain, and more
significantly, how should these be translated and embedded into specific technology solutions?
This paper explores the notion of data justice in the context of health informatics and outlines the
key considerations for data collection, processing, use, sharing and exchange towards health
outcomes and impact. Further, the paper explores the operationalization of Mortier et al.'s
Human-Data Interaction principles of legibility, agency and negotiability through a health
informatics system architecture.

Session 7: Safety and security in healthcare


S7.1 Thought-based authenticated key exchange*
Phillip H. Griffin, Griffin Information Security, United States

Identity authentication techniques based on password-authenticated key exchange (PAKE)


protocols rely on weak secrets shared between users and host systems. In PAKE, a symmetric
key is derived from the shared secret, used to mutually authenticate communicating parties, and
then used to establish a secure channel for subsequent communications. A common source of
PAKE weak secrets are password and passphrase strings. Though easily recalled by a user, these
inputs typically require keyboard entry, limiting their utility in achieving universal access. This
paper describes authentication techniques based on weak secrets derived from knowledge
extracted from biometric sensors and brain-actuated control systems. The derived secrets are
converted into a format suitable for use by a PAKE protocol. When combined with other
authentication factors, PAKE protocols can be extended to provide strong, two-factor identity
authentication that is easy to use by persons living in assistive environments.

S7.2 Cyber-safety in healthcare IoT


Duncan Sparrell, sFractal Consulting, United States

Healthcare is becoming more connected. Risks to patient and public safety are increasing due to
cybersecurity attacks. To best thwart cyberattacks, the Internet of health things (IoHT) must
respond at machine speed. Cybersecurity standards being developed today will enable future
IoHT systems to automatically adapt to cybersecurity threats in real time, based on a quantitative
analysis of reasonable mitigations performing triage to economically optimize the overall
healthcare outcome. This paper will discuss cybersecurity threats, risk, health impact, and how
future IoHT cybersecurity systems will adapt to threats in real time.

– 207 –
Session 8: Data protection and privacy in healthcare
S8.1 Technical and legal challenges for healthcare blockchains and smart contracts
Steven A. Wright, Georgia State University, United States

The paper considers the technical and legal challenges impacting recent proposals for healthcare
applications of blockchain and smart contracts. Healthcare blockchain data and actors are rather
different to cryptocurrency data and actors, resulting in a different emphasis on blockchain
features. Technical issues with healthcare blockchain implementation and trust are considered, as
well as a variety of potential legal issues. Conclusions and recommendations are proposed for
open source and standardization efforts to reduce technical and legal risks for healthcare
blockchains and smart contracts.

S8.2 Design of a credible blockchain-based e-health records (CB-EHRs) platform


Lingyu Xu, Antoine Bagula, Omowunmi Isafiade and Kun Ma, University of the Western Cape,
South Africa; and Tapiwa Chiwewe, IBM Research Africa, South Africa

With the rapid development of electronic health care, the era of medical big data has already
emerged. However, in the global electronic health industry environment, one of the significant
challenges is that the various medical institutions are independent of one another. Patients,
doctors and medical researchers have significant barriers in accessing medical data. As an
intervention strategy using blockchain principle, this paper explores the characteristics of
blockchain which are applicable to the management of electronic health records (EHRs), and
presents a credible blockchain-based electronic health records (CB-EHRs) management
platform. A CB-EHRs platform is characterized by decentralization, data tamper-proof,
collective maintenance mechanisms, security and credibility. This platform cannot only realize
data sharing between medical institutions, but also ensures the privacy of users. This paper
introduces the components of the CB-EHRs platformmodel and the implementation principle of
its related functions. In addition, this paper also reviews and selects the delegated Byzantine
Fault Tolerance (dBFT) consensus mechanism as a viable option for the CB-EHRs platform.
Finally, by comparing with the Practical Byzantine Fault Tolerance (PBFT) consensus
mechanism and our research, we highlight the potential advantages of our proposed CB-EHRs
platform in the medical domain.

S8.3 The GDPR transfer regime and modern technologies


Melania Tudorica and Trix Mulder, University of Groningen, The Netherlands

Health data comes within a person's most intimate sphere. It is therefore considered to be
sensitive data due to the great impact it could have on a person's life if this data were freely
available. Unauthorized disclosure may lead to various forms of discrimination and violation of
fundamental rights. Rapid modern technological developments bring enormous benefits to
society. However, with this digitization, large amounts of health data are generated. This makes
our health data vulnerable, especially when transferred across borders. The new EU General
Data Protection Regulation (GDPR) legal framework provides for rights for users of modern
technologies (data subjects) and obligations for companies (controllers and processors) with
regard to the processing of personal data. Chapter V of the GDPR protects personal data that are
transferred to third countries, outside the EU. The term 'transfer' itself, however, is not defined
by the GDPR. This paper examines whether transfer within the meaning of the GDPR applies to
health data processed by modern technologies and if the complexity of the GDPR legal
framework as such sufficiently reflects reality and protects health data that moves across borders,
in particular to jurisdictions outside the EU.

– 208 –
INDEX OF AUTHORS
Malhotra, Charru................................................ 95
Index of Authors
Mauwa, Hope....................................................... 9
Min, Dong ........................................................ 135
Arriaga, Rosa I. .................................................77
Mitsakakis, Nicholas........................................ 115
Mulder, Trix..................................................... 191
Bagula, Antoine .......................................... 9, 183 Murata, Yoshitoshi ............................................ 33
Bas, Joshua N. .................................................... 39
Basu, Aniket ....................................................... 95
Nakamura, Akinori .......................................... 59
Ngqondi, Tembisa................................................ 9
Cha, Hongki......................................................49
Chiwewe, Tapiwa ............................................. 183
Pan, Changyong ............................................... 17
Choi, Younghwan ............................................... 49
Pant, Ichhya ....................................................... 85
Coyte, Peter C................................................... 115
Park, Jung Wook................................................ 77
Poudyal, Anubhuti ............................................. 85
Dharmalingham, Vivekanandan .....................105
Ravikumar, Aswin Kumar ............................. 105
Fu, Rui ...........................................................115 Rodrigues, Joel J. P. C. ........................................ 1

Griffin, Phillip H. ...........................................155 Sato, Takuro ....................................................... 1


Gupta, Shayan..................................................... 39 Shah, Aditi ......................................................... 77
Siddiquee, Junaid Ahmed .................................. 23
Song, Jian........................................................... 17
Hu, Chunxia ...................................................135
Sparrell, Duncan .............................................. 163
Isafiade, Omowunmi .......................................183
Takizawa, Masaomi ......................................... 59
Kafle, Ved P. ..................................................105 Thinyane, Mamello .......................................... 145
Kelly, Shawn K. ................................................. 39 Tudorica, Melania ............................................ 191
Kotwal, Vinod .................................................... 95 Tuyishimire, Emmanuel ...................................... 9
Kumar, Dhananjay............................................ 105
Kuroda, Masahiro ............................................... 59
Vempala, Santosh ............................................ 77
Lee, Kangchan ..................................................49
Liu, Hongfu ........................................................ 39
Wang, Chengliang......................................... 125
Wang, Xiaofei .................................................... 17
Wen, Zheng.......................................................... 1
Ma, Fei ...........................................................125 Wenzel, Markus A. ............................................ 67
Ma, Kun ............................................................ 183 Wiegand, Thomas .............................................. 67

– 211 –
Wright, Steven A. ............................................. 173
Zeng, Zhuo ..................................................... 125
Zhai, Yunkai ........................................................ 1
Xu, Lingyu ......................................................183 Zhang, Dalong ..................................................... 1
Xu, Shan ........................................................... 135 Zhang, Di ..............................................................1
Xu, Xuan............................................................. 39 Zhang, Hongming ...............................................17
Zhang, Jacqueline ...............................................39
Zhang, Teng ..........................................................1
Yamato, Tomoki ...............................................33
Yoshikawa, Kentaro ........................................... 59
Yu, Keping ........................................................... 1

– 212 –
11TH ITU ACADEMIC CONFERENCE

ITUKALEIDOSCOPE
ATLANTA 2019
ICT for Health:
Networks, standards and innovation
4-6 December

ITUKALEIDOSCOPE ICT for Health: Networks, standards and innovation


Atlanta, Georgia, USA

International
Telecommunication
Union
Telecommunication
Standardization Bureau
Place des Nations
CH-1211 Geneva 20
Switzerland

ISBN 978-92-61-24301-2
ISBN: 978-92-61-28401-5

99 77 88 99 22 6 1 2 84 43 0 1 25 Hosted by Technically co-sponsored by In collaboration with Organized by


Published in Switzerland
Geneva, 2019

Atlanta Global Studies Center


Center for Computing and Society
Center for Health and Humanitarian Systems
Center for International Strategy, Technology, and Policy
Center for Serve-Learn-Sustain
Georgia Tech Research Institute
Institute for People and Technology

You might also like