851

The LATIS Pervasive Patient Subsystem: Towards a

Pervasive Healthcare System
Chakib TadjI, Manolo Dulva Hinal 2, Amar Ramdane-CheriP, Ghislain Ngantchahal
I LATIS Laboratory, Universite du Quebec, Ecole de technologie superieure
1100, rue Notre-Dame Ouest, Montreal, Quebec H3C 1K3, Canada
2 PRISM Laboratory, Universite de Versailles-Saint-Quentin-en-Yvelines
45, avenue des Etats-Unis, 78035 Versailles Cedex, France

Abstract. The cost of maintaining a universal publicly- smart spaces, invisibility, localized scalability, masking
funded healthcare system has always been astronomical. Our uneven conditioning, context-awareness, natural interface
collaborative effort is aimed at applying information and more.
technology into the healthcare system with the goal of making A MAS [2] is composed of multiple interacting
the delivery of medical services more effective and more
efficient and, also to contribute to the reduction in the cost of computing elements, known as agents.
such delivery. A pervasive healthcare system is aimed at This project enables us researchers to invoke and apply
providing complete healthcare services - that of the various concepts in information technology that are outright
diagnostics, medical prescriptions, and the pervasive tracking visible in this project, such as (1) agency and MAS, (2)
of a patient. The last component provides medical service to a wired and wireless computing, (3) database and dynamic
patient whether he is in or out of the hospital or medical clinic. file structures and, (4) profiles - user, environment and user
This paper is aimed at presenting the last subsystem only. The context profiles. This research work requires the application
architecture, along with its components, is presented, analyzed of concepts in information technology for implementation in
and simulated under different scenarios. Other aspects of a social setting that we all cherish - the hospital.
artificial intelligence such as the application of multi-agent
system and pervasive computing are also applied in the system.
II. RELATED WORK
I. INTRODUCTION Pervasive healthcare is the application of PC, proactive
The overall objective of our goal in building a pervasive computing and ambient intelligence onto the domain of
healthcare system (PHS) is to alleviate the pressure that medical application and administration with the purpose of
confronts our healthcare system. We are proposing making the delivery of medical services more efficient [3].
improvements in some medical services through We believe that the wide-scale deployment of wireless
automation. Its intended effect is to improve the efficiency networks will improve communication among healthcare
in the delivery of some medical services. With improved workers, the delivery of medical services, as well as a more
efficiency of medical practitioners lessens the demand to reliable delivery of medical information between medical
hire more hospital personnel. This would mean savings to practitioners themselves or between a medical practitioner
the coffers of the government. Other benefits include easy and a patient, thus reducing errors. Important works include
availability of patients' medical records due to doing away that of Varshney's concept of pervasive healthcare [4],
with paper record keeping, and the application of the MedNet by Narasimhan et al [5], and the application of
developments in information technology to actual use in a context-aware computing in hospital work [6].
setting that has significant relevance to the society. Varshney [4] discussed the use of mobile devices,
In this paper, we propose a research work leading to a wireless networks, and middleware to provide healthcare
pervasive computing (PC) infrastructure for the delivery of services. His system intervenes in case of emergencies, and
medical services. This system is generic and can be adapted allows faster access to patient's medical data on various
easily to meet some specific needs of one hospital or clinic. portable devices. The MedNet system described by
The system is composed of three subsystems, namely: (1) A Narasimhan et al [5] is a mobile healthcare system. The
pervasive patients system (2) A subsystem for automated system is designed to provide an integrated pervasive
diagnostics and administration of patient's medication, and healthcare environment, enhancing hospital care by using
the patient's context information, and making healthcare
(3) an automated prescription subsystem. information and services available by using the network.
All the above subsystems are integrated to form one In [6], Bardram discussed his vision of applying context-
global system called the LATIS PHS. The integration of the aware computing for medical works in a hospital. A couple
three subsystems into one compact PHS requires that some of scenarios have been designed and some prototypes
areas of artificial intelligence such as the PC and multi- implementing these scenarios have been developed.
agent system (MAS) should be present in this work. Although medical services are universal, still our work
A PC [1] environment is composed of some computing differs from others in three fronts. First, ours makes use of
and communicating technologies which are so integrated caller phone number and GPS system to locate the patient's
with users that they become "invisible". PC encompasses

0-7803-9740-X/06/$20.00 c 2006 IEEE FIC-2 ISCIT 2006

 ~ Prescipton
852
residence and the positions of different ambulances, and * Context-Awareness Manager (CAA) - it manages the
based on the distances, we can determine the ambulance that user's context. The user context is important in deciding the
is nearest to the patient's residence. Second, the user's services that the system could offer to the user.
context information is used in the way the medical services *Activity Manager (AM) - is responsible for all activities
would be delivered. It considers the patient's devices, in the healthcare system. Basically, a user could be in one
including his telephone, and the medical practitioner closest medical activity at a time; hence, it does select one of the
to his location. The effect, therefore, is a more efficient three given activities based on the user's context and profile.
delivery of services. *Activity Discovery Manager (ADM) - this agent
Finally, our work invokes the transfer of task from one discovers the possible user activity based upon how it
user to another, making it possible for medical practitioner senses the user's environment.
to continuously working on a medical task. Also, a transfer * Context Information Manager (CIM) - it receives
of task from one machine to another makes PC more user's context based on the data supplied by context sensors.
flexible and adaptable to the mobility of the medical
practitioner. * Profile Manager (PM) - it is responsible for the
PC would not have been made possible without the management of the user profile.
mechanism that supports wired and wireless computing. * Security and Privacy Manager (SPM) - responsible for
Related works include that of Satyanarayanan's work in safeguarding the system's security and the user's privacy.
mobile information access [7], the fundamental challenges
in mobile computing [8], and the evolution of Coda [9]. The PHS delivers three major types of computing-
A MAS has been used in some ambitious software assisted medical services which are described below:
engineering projects because the traditional techniques 1. The automated prescription subsystem: This
based on functional analysis and data flow, or on object- subsystem enables a physician to prescribe medication to a
oriented modeling are, in many cases, insufficient to capture patient via a pervasive network. A pharmacist could access
the needed dynamism and flexibility of the current this prescription; hence, he could prepare for this
development tasks. Shi et al have worked on MAGE, an prescription order without being told. A nurse could equally
agent-oriented software engineering environment [10] that access this information; hence, he/she could directly go to
can be used for e-business and parallel web spider the hospital's pharmacy and retrieve the prescribed
application. Ramdane-Cherif et al have used agent medication to the patient who is under his/her supervision.
technologies for PC and communications [11] and applied
them to client-server architecture. In this paper, the p ataiase te s e s e
application domain is different yet the concept of MAS is user profile c
appropriate.
fromapatien a sensors data
user context a
III. THE PERVASIVE HEALTHCARE SYSTEM , Incun
themselves. teot Activaty iscovereud activities
In this section, we present the architectural framework of Ma geragre
£
the paradigm of LATIS PHS and explain the protocols of diagnosis Fig Srity For adionist LAI
1. The arcietrlfaeoko ono ae PHS. a tient's
the data and control transfers among different components Communication t s t t Rey i
Manager g enstoea atien a s ctivity Manager d
of the system. The details of each of these components are
Login
discussed in the succeeding subsections. X~~~~~~~~~~~~~~~Prai
DiagUnostic

A The LATIS PHS 's Architectural Framework

The architectural framework of our PHS, known as
LATIS Healthcare System as it is conceived in LATIS
Fig. 1. The architectural framework of LATIS PHS.
(LAboratoire de Traitement des Informations et Signaux)
Laboratory, is shown in Fig. 1. Due to the fact that the 2. The automated diagnostics and administration of
system is intended for healthcare purposes, then a typical
system user would be a health practitioner (e.g. physician, patient's medication: If a test (e.g. blood test, urine test, etc.)
is necessary then a nurse, after viewing the physician's
nurse, pharmacist, lab technician, radiologist, etc.) or a order from the system, could take some specimen samples
patient. In the diagram shown In Fig. 1, we do provide the from a patient and then deliver them to the laboratory. The
global view of an overall LATIS healthcare system.
The major components of the system, along with their laboratory technicians could also enter the test results
themselves. In no time, the physician could arrive at a
functionalities, are as follows:
*Communication Manager (CM) - it is responsible for diagnosis right away. For administration of a patient' s
medication, the system would allow medical staff to key in
managing the user's profile, in ensuring the system security, the medicines given to a patient, and some related data such
and in guarding the user's privacy. as when and how the medications were administered.
 853
3. The pervasive patient subsystem: This subsystem rest of the system is authenticated. The communication
facilitates the supervision and administration of medication between two or more entities passes through a security
to a patient whether he is in or out of a hospital. When filter. Basically, this means secure connections between
inside the hospital, the system not only allows prescription devices and explicit logs for every user. For security
and administration of his medication but also supervises his purposes, private medical records cannot be viewed outside
whereabouts. This is important for patients with special of the hospital area. The system deduces it by determining if
needs (e.g. patients with Alzheimer illness, amnesia, etc.). the device is within the locality/jurisdiction of the hospital.
When outside of the hospital, the system keeps track of the The security and privacy policy is not only adapted on the
patient's medical system via a universal patient medical pervasive LATIS patient subsystem, but also on the entire
history card (more on this later). LATIS healthcare system.
Indeed, it is our goal to present all these subsystems piece C Logical Architecture
by piece, one piece at a time. In this paper, the third
subsystem - the pervasive patient subsystem - is analyzed, In order to achieve the functionalities described in sub-
and its system design is presented in details. section B, the Pervasive Patient Subsystem (PPS) (see Fig.
2) deploys a logical server and a set of Access Devices
B The LA TIS Pervasive Patient Subsystem (AD). At deployment time, the system components residing
The LATIS Pervasive Patient Subsystem is composed of on a logical server can be deployed onto different physical
the following elements or functionalities: servers, reducing system administration and complexity. As
1. Mobile Access Devices: These devices refer to the of the time this paper is written, these components,
set of mobile devices that the users could use in getting however, reside on a single server. An AD could stand for a
connected to the pervasive healthcare network. Using these PDA, a laptop, a desktop computer, or any computing
devices, a user can move around, connect to and disconnect device that can be used to access pervasive services.
from different networks. Some examples of mobile access C. Access Devices Settings
devices are wireless laptops, PDA's, and other small
computing units. The following components usually reside or are deployed
2. Multiple Devices and Users: The system permits onto a typical access device:
the transfer of a task from one device to another, and also * EPR Viewer - it is used to browse the Patient Medical

from one user to another. This functionality is especially Record (PMR).

useful when one needs to continue working on an * Context Agent -transacts with Context Manager to obtain

interrupted task. We envision that the system is designed so context information concerning the user and his device.
that it automatically adapts itself to the new user's device * Notification Agent - it manages notification message
and profile. For example, in scenario 1 (see section D), transfer to and from the logged user
when the ambulance man confirms his observations * Session Agent- manages user activities during the session.
concerning a patient to a physician, he transfers the patient * Services Agent - it manages the components needed to
record to the doctor's portable unit. A portable unit could be provide services to the logged user.
a PDA. The ambulance has no access to the complete
patient's local record due to privacy restrictions. However, Legend Access Devices (AD)
the physician, in contrast, can see the entire record since his |
r Database/ aD~~~~~ervices
profile and context permits him to do so. |Process
repository Adaptery cache
Services
3. Discovery of Resources: In a pervasive system, | omunication
Application
AD Viewer AD controller appcation L Agent
User

resources refer to all entities that are involved in the process task

physical or computational environment. An autonomous |t-

\- - - -
' System
boundary
EPR
Viewer
Context
Agent
Notification
Agent
Session
Agent
entity such as the user or a computing device could discover 11 Data flOW
his or its own resources. Software agents are allowed to
look up and discover available resources in the vicinity of servervai
Another Pervasive
paint server
|patient '
System patient
Pervasive Patient Server
context Notice task
Users
an autonomous entity and the relationship of each resource l M EPR CA
Session
Profile
anager patientdata EP'R Conte !xt Notific tion
with the others. In order to activate medical record transfer Manager Manager Manager Manager pr fle-
or to allow such transfer from one access device to another,
1==l 0
Servces
overall context
protection measureepsitr
Data: EPR Sensors Information
Infr ai |~tdO epostor
the user is required to first locate the intended destination
l~~~~~~~~~~~~~s r

Data
____ ________, t Manager Security and
device, or at least know its identification. rivacy Manager

4. Context-Awareness: The system permits every

autonomous entity (i.e. user, computing device) to know its
own contextual information. For example, a device could Fig. 2. LATIS Pervasive Patient Subsystem Architecture.
know its location as well as the identity of other entities
detected by the system within the vicinity. These components are described below.
5. Security and privacy: The system supports security, The Session Agent (SeSA) manages a set of viewers and
and safeguards the privacy of medical information. The controllers that makes up a consistent configuration for
transaction of any computing device that interacts with the handling a given session in the given AD. Viewers are input
 854
and output devices that serve as means to interact with the C. 2 Components on a Pervasive Patient Server
user. Controllers, on the other hand, link the viewers with The following components are operating/residing on the
the services. They are made of adapters specific to the LATIS pervasive patient subsystem:
access device in use. Adapters serve to provide translation * EPR Manager - it manages the centralization of the
between services and views. Viewers, controller and patients' medical records; the records themselves are
adapters together with available services are designed to stored in an EPR database.
cooperate according to the model-view-controller pattern * Context Manager - manages the context information
[12]. To accomplish its task, the SeSA cooperates with the provided by the Sensors Information Manager.
Service Agent (SeVA) which is responsible in obtaining the * Session Manager - it manages users' profiles and services
right services (viewers and controllers in consistent repository.
configurations) from the Services Repository for the services * Notification Manager - receives notifications, and
that are needed in the ongoing session. The SeSA configures distributes them to the appropriate notification agent in
these services according to the current setup specified by the the network.
Context Agent. A session on a device starts when a user * Security and Privacy Manager - protects the privacy of
logs in, and starts working with the device. At such time, the patients' information and prevents unauthorized access.
Session Agent is instantiated; it will assist the user until the The Notification Manager (NoMa) keeps track of
session ends. notifications submitted or those that are about to be
If a user transfers his tasks to another device, the SeSA distributed. NoMa is used for establishing asynchronous
moves onto that device, unless otherwise the user task is sessions. It cooperates closely with the Context Manager in
transferred to another user. In the latter case, a task is order to find out who is to be notified, where he is, and on
transferred under the supervision of the session agent of the which device. The Context Manager will assess the user
new device, which adapts the presentation of the task context and decide if it is the appropriate time to deliver the
according to the new context and profile. If, for example, notification. Every notification is assigned a priority. An
there is an attempt to transfer a patient medical record urgent notification will be delivered as soon as the user
(PMR) to a device located outside of the hospital's accesses the system area or logs in onto the system. The
jurisdiction, the local session agent will react by detecting Context Manager also helps choose the right device to
the change in the context and blocking the access to the deliver the notification.
private section of the PMR. The Security and Privacy Manager (SPM) prevents non-
The Service Agent (SeVA) manages service elements authorized access by using a security policy defined for the
that are downloaded on the AD during a session. These whole system. The privacy manager ensures that the user
elements are stored in the services cache for future use. accessing private information has the right to do so. The
When a service (e.g. reading a medical record) is requested, SPM is built according to the rule-based access model [13].
a reference to the service request element is transmitted to Each user is assigned a set of roles which give him some
the SeVA which then decides whether to use the data from rights and limitations. These rights change depending on his
the cache or download it from the repository, depending on context. A doctor is therefore authorized to access to the
the availability of the components and other attributes such medical record of a patient locally. He cannot access this
as the expiration of the service timestamp. information while he is out of the hospital area.
The EPR Viewer is a software component that can read The Context Manager is a NIAS responsible for the
the content of the LifeSmart card (see section E) and management of context information for the whole pervasive
remotely access patients' medical records. To read the system. This information is transferred upon request to the
content of a card, a security code is needed and it is Context Agent in the access device. Context information on
provided by the owner or his designated representative. To every entity of the system is maintained within a context
protect the information stored in the LifeSmart card, only a data store. Before accessing information or carrying a task
medical doctor, logged on the pervasive system, can write that needs context validation, the Context Agent requests for
new data onto it. The nature of information transmitted to context information update from its registered manager. To
the EPR viewer also depends on the location of the user. keep each access device aware of its context, the Context
The EPR Viewer gets information to display or to convey to Manager sends on a regular (configurable) basis the context
the user from the EPR Manager from the Pervasive Patient information to each context agent.
Server. EPR Viewers and the EPR Manager communicate in
a client-server mode, each EPR viewer being a client. The D Emergency call Scenario
EPR viewer and EPR manager provide functionality Each number denoting an activity indicated in this
operations related to patient medical record: adding a new scenario matches that given in Figures 3 and 4.
patient, adding a new record of patient treatment, computing Imagine that the emergency service of Pierre-Boucher
the patient's bill, listing patients in a given room, etc. Each Hospital (PBH) receives a call from Mr. Smith's residence
functionality operation is given a role, defined by the SPM, (01). His child fainted but he does not know what to do.
and is also associated to a certain context condition. The Using the GPS system, (02a and 02b), the pervasive system
EPR viewer then adapts the presentation accordingly. contacts an available ambulance closest to Mr. Smith's
 855
residence (03). While the ambulance is on its way, using the Patient's informations are private. Only the patient or
phone number obtained from the caller ID, the pervasive his/her competent representative/relative could access them.
system automatically transfers useful medical information to Indeed, we would like to address this issue by proposing a
the ambulance cache system (04). This information is drawn pervasive patient monitoring subsystem. In this subsystem,
from PBH's records of individuals with the same phone the patient' s medical data would be present wherever he is.
number who made the call, or who lives at the address In addition with the classic computing infrastructure
specified during the call. The information transferred from available in the medical center environment, the following
PHB to the ambulance caregiver includes known data such components are part of the pervasive patient subsystem:
as the patient's allergies, pre-existent conditions, and other
useful data. At Mr. Smith's home, the ambulance man uses
his PDA to access the patient's medical record that is
available in the ambulance's cache (05).
05: Read Patient Medical
a X l Information (Bluetooth)
06: Transfers Observaions 02a Ambulance Localisation(GPS)
. and Recommendationsv

.~
Ambulance Man
Tablet

08 Transfer patient 02b: Ambulance Localisation (GPS)

_ t2
o te hospital , = 03: Emergency task assignment (Phone)
04: Meianomaintase
07a Forward Observations
I . ,_ . E
Fig. 3. Real lifeoutdoor
1! > 5 j 07b
ar
ecetons
~~~~Confirm Observations (hn

down his observations and recommendations usng hi

iiir Mr Smithv X
(06). Th aside lnce c f t t t h
Handathhospital (_a

Fig. 3. Real life outdoor scenario.

Mr. Smith's son has a heart failure and must undergo a
surgical operation immediately. The ambulance man writes
down his observations and recommendations using his PDA
(06). Tha transe the pa forward them to the hospital Fig. 4. Components involved in the realization of a real-life outdoor
scenario.
system through the Wireless WAN connecting ambulances
and the hospital (07a). 1. A bracelet unit
Once this information is received by the hospital, This electronic device would replace the hospital
preparations for the surgery are started. The ambulance patient's medical bracelet; it is used to identify the patient.
takes the child, accompanied by his father, to the hospital. In some cases, with the consent of his competent
The ambulance man confirms his observations by phone representative or family, it is used to monitor the patient's
(07a) and transfers the patient' s medical record to the whereabouts within the hospital. The latter is very important
physician's portable medical unit (PMU) (07b). After such especially if the patient is suffering from Alzheimer' s
data transfer, the data in the ambulance cache is erased. illness, amnesia, and the likes where patient monitoring is
The diagram in Fig. 4 illustrates the elements involved in imperative.
this outdoor scenario, and the connectivity among these 2. A SmartLife card
elements. The ambulance communicates with the hospital The SmartLife card keeps trace of the patient medical
using his phone, or his PDA via Bluetooth connection historical data. It is a card that contains both public and
between the ambulance cache server and the wireless WAN. private data. Public data includes the patient's blood type,
Rhesus factor, some existing medical condition (e.g.
E Pervasive Hardware smoker, diabetic, known allergies, etc.) that every medical
A patient's historical medical data is important in the practitioner must be aware of before any medical
decision making of medical staff, especially for the administration is to be made onto the patient. Public data is
physician in order to provide correct services to the patient. accessible from the card via a card reader. Private data
However, the medical history of a patient that is kept by the includes previous historical diagnosis and prescriptions
hospital is based only on the medical transactions this from various clinics, and hospitals. Private data is protected
patient had in that specific hospital. All other medical by user's password. Hence, a physician must request the
transactions the patient had in the past with other hospital, patient's (or in case of emergency, his competent
medical clinic, or medical institutions are missing because representative's) authorization before he can access such
the hospital has no access to them. data. Only a physician or an authorized medical practitioner
could add extra diagnosis onto this card. Although the card
 856
is a patient's private property, there is no way he can delete authorized persons. Such system is on its way for
or modify his medical historical data. implementation by the provincial government of Quebec, in
3. A portable medical unit Canada. However, based on the citizens reactions, it seems
This is intended for patients undergoing long term care at that it will take a little longer for people to allow the
home or in a nursing home. A physician would usually store government to have their medical records stored in a
onto it some reminders concerning patient's medication. At centralized system where private companies with vested
a patient's home or in a nursing home, a patient could store interests could probably access.
on it some of his medical data. Upon visit to a physician, In this paper, we have proposed a new paradigm. It
this recorded information would be downloaded so that the consists of storing historical medical records on a card.
physician could analyze the patient's status and prescribe Citizens seem to have peace of mind when they are the one
further medication, if needed. managing their personal information. We have proposed
4. Distributed medical data server very limited patients' activity on the card in order to protect
We propose that every clinic or hospital would have a the veracity and integrity of the information.
server that would form part of the distributed medical data
centre (DMDC). Hence, a pervasive patient could visit a ACKNOWLEDGMENT
specific clinic or hospital with his ubiquitous medical data
following him. Hence, diagnosis and medical prescription This work has been made possible by the funding
would be consistent with the patient's medical data all the awarded by the Natural Sciences and Engineering Research
time. Council of Canada (NSERC).
The hardware we described above is integrated with the
architecture we presented in Fig. 1 and Fig. 2. The EPR REFERENCES
Viewer is deployed on devices used by healthcare workers [1] M. Satyanarayanan, "Pervasive computing: Vision and
to access patients' medical records. When the card reader is challenges," IEEE Pers. Comm., vol. 8,pp. 10-17, 2001.
available on a device, the EPR Viewer also contains a [2] M. Wooldridge, An Introduction to Multiagents
specific algorithm to decrypt the content of the card. Other Systems: John Wiley & Sons, Ltd, 2002.
AD components are installed when needed, either using the [3] I. Korhonen and J. E. Bardram, "Introduction to the
Java Network Launch Protocol (JNLP) or simply by a web special section on pervasive healthcare," IEEE Trans.
access. In the current design, the Pervasive Patient Server is on Inf Tech. in Biomedicine, vol. 8, pp. 229-234, 2004.
to be deployed on the Distributed Medical Data Server [4] U. Varshney, "Pervasive healthcare," Computer, vol.
except for the Security and Privacy Manager which will be 36, pp. 138-40, 2003.
on a different server just to ease security management and [5] V. L. Narasimhan et al, "MedNet: a pervasive patient
separate it from health specific activities. information network with decision support," 6h Int.
Workshop on Enterprise Networking and Comp. in
IV. CONCLUSION Healthcare Industry, Odawara, Japan, pp. 96-101, 2004.
We believe that pervasive healthcare will help in [6] J.E. Bardram, "Applications of context-aware computing
in hospital work - Examples and design principles,"
improving caregivers' productivity and could lead to more
efficient delivery of medical services when the mobile Symp. on Applied Comp. Nicosia, pp. 1574-1579, 2004.
technologies and the context-aware system such as the [7] M. Satyanarayanan, "Mobile information access," IEEE
Personal Communications, vol. 3, pp. 26-33, 1996.
pervasive patient subsystem we described in this paper are [8] M. Satyanarayanan, "Fundamental challenges in mobile
adapted. For instance, by reducing the intervention time, the computing," Philadelphia, PA, USA, 1996.
ambulance localization system could make a difference, and
avoid a scenario where a patient would succumb while [9] M. Satyanarayanan, "The evolution of Coda," ACM
Trans. on Computer Systems, vol. 20, pp. 85-124, 2002.
waiting for help. Our research work in pervasive healthcare [10] S. Zhongzhi et al, "MAGE: multi-agent environment,"
is aimed at (i) making access to patient's health history Int. Conf. on Computer Networks and Mobile
become much faster, (ii) avoiding administrative procedures Computing, Shanghai, China, 2003.
and red tape, (iii) reduce wrong diagnosis, and (iv) reduce [11]A. Ramdane-Cherif et al, "Agent technologies for
(if not completely prevent) incorrect medical prescription pervasive computing and communications," 3rd Inter.
and administration. Conf. on Cogn. Inform., Victoria, BC, Canada, 2004.
Comparing how we manage the patients' historical [12] F. Buschmann et al, "Pattern-oriented software
medical records with the existing pervasive systems, we architecture: A system ofpatterns", John Wiley, 1996.
noticed that some issues concerning security and privacy no [13]D. F. Ferraiolo, D. R. Kuhn, and R. Chandramouli,
longer exist. The PHS proposed by Varshney [4] is about Role-Based Access Control: Artech House, 2003.
storing patients medical records on a centralised system to
make them available every time and everywhere to