ScienceDirect

Available online at www.sciencedirect.com

Procedia Computer Science 00 (2019) 000–000
ScienceDirect www.elsevier.com/locate/procedia
Available online at www.sciencedirect.com
Procedia Computer Science 00 (2019) 000–000
www.elsevier.com/locate/procedia
ScienceDirect
CENTERIS - International Conference
Procedia on164
Computer Science ENTERprise
(2019) 524–531 Information Systems / ProjMAN -
International Conference on Project MANagement / HCist - International Conference on Health
and Social Care Information Systems and Technologies
CENTERIS - International Conference on ENTERprise Information Systems / ProjMAN -
International Conference on Project MANagement / HCist - International Conference on Health
A Fast and
Healthcare Interoperability
Social Care Information Systems and Resources
Technologies(FHIR)
Implementation Integrating Complex Security Mechanisms
A Fast Healthcare Interoperability Resources (FHIR)
Marco Rosaa, Cristiano Fariab, Ana Madalena Barbosac, Hilma Caravaua, Ana Filipa
Implementation Integrating Complex Security Mechanisms
Rosaa, Nelson Pacheco Rochad,*
Marco Rosaa, Cristiano Faria , Ana Madalena
IEETA,bUniversitity
a
Barbosa
of Aveiro, 3010-193 , Hilma Caravaua, Ana Filipa
Aveiro,cPortugal
Kentratech, 4450-043
b
Matosinhos, Portugal
RosaDigitalwind,
a
, Nelson Pacheco
3010-193
c Rochad,*
Aveiro, Portugal
d
Department of Medical Sciences, IEETA, Universitity of Aveiro, 3810-498 Aveiro, Portugal
a
IEETA, Universitity of Aveiro, 3010-193 Aveiro, Portugal
b
Kentratech, 4450-043 Matosinhos, Portugal
c
Digitalwind, 3010-193 Aveiro, Portugal
d
Department of Medical Sciences, IEETA, Universitity of Aveiro, 3810-498 Aveiro, Portugal
Abstract

This paper reports an experimental study aiming to develop a platform of services, the Social Cooperation for Integrated Assisted
Living (SOCIAL) platform that integrates the Fast Healthcare Interoperability Resources (FHIR) with authentication, authorization,
Abstract
logging and auditing mechanisms. The integration of FHIR with security mechanisms is described and a performance evaluation
of thepaper
This respective
reportsimplementation
an experimentalis study
presented. The
aiming to results
developshow that theofimplementation
a platform is efficient
services, the Social in termsfor
Cooperation ofIntegrated
information access
Assisted
by the different user-application pairs.
Living (SOCIAL) platform that integrates the Fast Healthcare Interoperability Resources (FHIR) with authentication, authorization,
logging and auditing mechanisms. The integration of FHIR with security mechanisms is described and a performance evaluation
© the
of 2019 The Authors.
respective Published by
implementation Elsevier B.V.
is presented. The results show that the implementation is efficient in terms of information access
This is an open access article under
by the different user-application pairs. the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review under responsibility of the scientific committee of the CENTERIS - International Conference on ENTERprise
Information
© 2019
© 2019 The Systems
Authors. /Published
The Authors. ProjMANby
Published – International
by B.V.Conference on Project MANagement / HCist - International Conference on Health
Elsevier B.V.
Elsevier
This
and is an
Social open
Care access article
Information under
Systems the CC
and BY-NC-ND
Technologies
This is an open access article under the CC BY-NC-ND license license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
(http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review under responsibility of the scientific committee of the CENTERIS -International Conference on ENTERprise
Peer-review under responsibility of the scientific committee of the CENTERIS - International Conference on ENTERprise
Information Systems / ProjMAN - International Conference on Project MANagement / HCist - International Conference on
Information SystemsCare
Health and Social / ProjMAN – International
Information Conference
Systems and on Project MANagement / HCist - International Conference on Health
Technologies.
and Social Care Information Systems and Technologies

* Corresponding author. Tel.: +351234247292.

E-mail address: [email protected]

1877-0509 © 2019 The Authors. Published by Elsevier B.V.

* Corresponding author. Tel.: +351234247292.
ThisE-mail
is an open access
address: article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
[email protected]
Peer-review under responsibility of the scientific committee of the CENTERIS - International Conference on ENTERprise Information Systems /
ProjMAN – International Conference on Project MANagement / HCist - International Conference on Health and Social Care Information
1877-0509 © 2019 The Authors. Published by Elsevier B.V.
Systems and Technologies
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review under responsibility of the scientific committee of the CENTERIS - International Conference on ENTERprise Information Systems /
ProjMAN – International Conference on Project MANagement / HCist - International Conference on Health and Social Care Information
Systems and Technologies
1877-0509 © 2019 The Authors. Published by Elsevier B.V.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review under responsibility of the scientific committee of the CENTERIS -International Conference on ENTERprise Information
Systems / ProjMAN - International Conference on Project MANagement / HCist - International Conference on Health and Social Care
Information Systems and Technologies.
10.1016/j.procs.2019.12.215
 Marco Rosa et al. / Procedia Computer Science 164 (2019) 524–531 525
2 Author name / Procedia Computer Science 00 (2019) 000–000

Keywords: FHIR; Security mechanisms; Platform of services; older adults

1. Introduction

Nowadays, ehealth services are supported by multiple systems with overlapping functionalities. Therefore,
interoperability is a key area to ensure harmonized solutions [1].
Concerning interoperability standardization, Fast Healthcare Interoperability Resources (FHIR) [2] developed by
Health Level Seven International (HL7) presents improvements when compared to existing solutions, namely HL7
Clinical Document Architecture (CDA) or HL7 Reference Information Model (RIM). In fact, FHIR allows concise
and easy-to-understand specifications, as well as implementations based on well-established web standards (e.g.
Extensible Markup Language – XML, Java Script Object Notation – JSON, or Representational State Transfer –
REST). In this way, FHIR is suitable for a variety of contexts [3].
The present article reports a study with the objective of using FHIR to guarantee interoperability of a platform of
services, the Social Cooperation for Integrated Assisted Living (SOCIAL) platform, aiming to provide information
services to support integrated care and assistance of community-dwelling older adults [4]. Particularly, the integration
of FHIR with complex authentication, authorization, logging and auditing mechanisms is described and a performance
evaluation of the respective implementation is presented.

2. Related Work

During the last decades, the exponential rise in computing availability, cheaper digital storage and broadband
communications networking made possible the implementation of Electronic Health Records (EHR) across health care
organizations. This evolution promotes patient-centered health care provision, by allowing different services to share
clinical information [5].
Clinical information sharing is not seamless due to various technical difficulties, being information interoperability
one of the major technical challenges. Interoperability problems go beyond the interoperability of hospital information
systems because, as a consequence of the epidemiological transition towards non-communicable diseases, the remote
care provision of chronic patients in their homes assumes a paramount importance. In this context, concepts such as
“connected health” or “holistic health” [6, 7] promote patient-oriented and holistic solutions to manage mutual
awareness and shared objectives among care receivers and formal and informal caregivers [8]. These solutions require
an effective cooperation not only among health care and social care formal caregivers but also among formal and
informal caregivers, which is complex due to the lack of unified models, concepts and terminologies.
To ensure reusability of information models and consistent definition of content and validation rules, there are
different suitable models, such as CDA, Continuity of Care Record (CCR) or Continuity of Care Document (CCD).
CDA intends to specify both the structure and semantics of the patient’s data as a clinical document for exchange using
HL7 v2 or v3 messages. In turn, CCR allows the capture of the patient health summary (e.g. problems, medications,
allergies or care plans) together with current health status, and it is intended to improve continuity of patient care, by
reducing medical errors and assuring a minimum health information transportability when a patient is referred or
transferred [9]. Finally, CCD was developed by HL7 to combine the benefits of CCR and CDA [5].
Europe has also developed multiple health care standards, such as: Health informatics - Electronic Health Record
Communication (EN 13606) [10], which defines an information architecture for communicating part or all EHR with
other systems; Health Informatics - System of Concepts to Support Continuity of Care (EN 13940-1) to provide a
standard terminology for planning, delivering and following-up the activities that form the continuity of care processes
[11]; Health Informatics Service Architecture (HISA) [12], a standard based on service-oriented architecture (SOA)
to provide guidance on the development of modular open information systems; and openEHR [13], an EHR
specification and implementation based on the archetype concept.
During the last years, FHIR has been subject of an increasing interest because it is based on web technologies and
presents a focus on ease of implementation. These characteristics make development of models for clinical application
easier for developers compared to more specialized and comprehensive models such as RIM or openEHR [1]. In
addition, FHIR helps to bridge the gap to standard-based legacy systems by its ability to map to other HL7 standards,
526 Marco Rosa et al. / Procedia Computer Science 164 (2019) 524–531
Author name / Procedia Computer Science 00 (2019) 000–000 3

such as the CDA and, as it is built to be supported by REST architectures and Hypertext Transfer Protocol (HTTP), it
is especially suitable for mobile applications [1]. Moreover, FHIR is an optimal standard for intermediate
communication in terms of the complete communication chain from the personal health device up to complex ehealth
infrastructures like hospital information systems or EHR systems [14]. Both are putting intense efforts in the
integration of FHIR in their specifications for data exchange between personal health devices and health information
systems.
The basic building block of a FHIR document is a resource. Resources have a wide range of uses, from clinical
content, such as care plans or diagnostics. Not fully compatible resources can be adapted to the desired context using
FHIR extensions, which grants the ability to readjust the existent structure to one that fits specific requirements [1]. In
turn, FHIR documents are built from a set of resources that, either by themselves or combined, satisfy the majority of
common use cases.
If interoperability standards allow the transfer and share of clinical information, it should also be kept in mind the
need to consider authentication, authorization, logging and auditing mechanisms to ensure privacy, integrity and
confidentiality of personal information. In this aspect, control mechanisms such as Attribute-based Access Control
(ABAC) or Role-based Access Control (RBAC), and technologies such as blockchain [15] or eXtensible Access
Control Markup Language (XACML) [16] have been applied to avoid unauthorized accesses of EHR [17, 18].
Therefore, the present study aimed to evaluate the performance of the information transfer mechanisms that were
implemented for the SOCIAL platform, which has an FHIR gateway with suitable security mechanism to provide
interoperable care receiver’s information.

3. Proposed Solution

Different types of services are required for the care networks of community-dwelling older adults, from complex
health care or social care services to simple specialized assistance services such as, for example, housekeeping. For
that, several interacting organizational structures may co-exist, including formal care networks (e.g. health or social
organizations and caregivers), regulated by collaboration contracts or agreements, a wide range of public and private
services and assistant providers (e.g. transport services, namely personal transportation and delivery of goods at home,
or assistance providers addressing less tangible values such as participation, including social, religious, civic and
political participation of older adults), informal care providers resulting from a diversity of community-oriented
structures (e.g. relatives, friends, voluntary groups or non-governmental organizations), and authorities and supporters
dealing with socio-economical and legal context of care provision, including legislative and public welfare
organizations, financial bodies or supporting organizations.
For the development of the SOCIAL platform the following functional requirements were considered [4, 19]:

• Support of the caregiving cycle of community-dwelling older adults, from maintaining healthy lifestyles to
institutionalization.
• Integration, when required, of health and social care information records.
• Empowerment of assisted persons and their informal caregivers by providing them the information they need.
• Access by formal care providers to relevant care receiver’s information.
• Information sharing and exchange between multidisciplinary teams.
• Improved communication between care organizations and local authorities.
• Comprehensive repository of health and social care information to allow analytical processing in order to obtain
evidence on the effectiveness of actions and policies being developed and the respective impact in terms of
quality of life of the citizens.

Additionally, a range of non-functional requirement was considered. This include ethical and regulatory, quality,
interoperability, conformance and use or deployment requirements. Following the applicable regulations (e.g. EU
Directive 2016/679 on the protection of individuals that entered into force in May 2018) regarding the processing of
personal data and the movement of such data, several principles were considered to guarantee the privacy of the
individuals, namely openness, transparency, inviolability of the information being managed, and individual
participation. User experience, availability, accessibility, integrity, performance, reliability, security, and regulatory
 Marco Rosa et al. / Procedia Computer Science 164 (2019) 524–531 527
4 Author name / Procedia Computer Science 00 (2019) 000–000

compliance were considered in terms of quality related requirements. In particular, it was considered the need of
customized and personalized user interfaces with consistent look-and-feel interaction and navigation across all the
applications. Moreover, the integration of information from public and private institutions with different professional,
organizational and jurisdictional nature requires reliable interoperability mechanisms, which means that both the
technologies being used, and the understanding of the collected information, processes, activities and policies must be
in compliance with internationally available standards. Finally, since a primary goal of the SOCIAL platform is to be
technically feasible and economically viable, it was considered characteristics such as extensibility, reusability,
configurability, flexibility, and maintainability.
Without common and shared software architectural standards, data formats, storage systems, modules and
information resources, development and integration is difficult. Not integrated software components often promote
replicated data in diverse data formats and storage systems. Also, different systems, although with similar
architectures, might be supported in own software modules with proprietary data formats. Moreover, although
standards might be used to guarantee interoperability between different data formats the complexity of the integration
made development slow and expensive, which difficult the implementation of the desired functions. To overcome
these difficulties the development of the SOCIAL platform was based on a SOA approach, which presents several
advantages, since it can optimize flexibility and interoperability of the components over the longer term. Furthermore,
the use of an n-tier SOA allows the separation of business rules from the applications and the technologies that interpret
them, which maximizes flexibility and minimizes the cost of accommodating changes in business rules, and, therefore,
allows the development of specific applications without significant development effort.
The generic system architecture of the SOCIAL platform was divided into three layers. The application layer
comprises a set of applications to fulfil the needs of the SOCIAL platform stakeholders, including web and mobile
applications that are responsible for the information exchange between the platform and its users. The business layer
is responsible for all logic related to the interactions between the different applications and the data persisted in the
SOCIAL platform. The data layer ensures the persistence of all information used in the remaining layers and it is
divided into a set of databases, each housing specific data about a given goal.

Figure 1. Services of the business layer.

In order to be possible the development of different applications, the business layer exposes a set of services that
allow communication with the applications, namely a FHIR gateway (i.e. validation, storage, reconstitution and search
of information directly related to the care receivers) that interacts with authentication, authorization, logging and
auditing mechanisms (Fig. 1).
528 Marco Rosa et al. / Procedia Computer Science 164 (2019) 524–531
Author name / Procedia Computer Science 00 (2019) 000–000 5

Different technologies (e.g. Java, Maven, REST, Spring Boot, Spring Data or MongoDB) were used to develop the
FHIR gateway, which provide a service for sending and receiving assisted persons’ information. The FHIR gateway
supports the Create, Read, Delete and Update (CRUD) data operations. Besides these operations, an advanced search
is also allowed, with specific search parameters associated to each resource, in order to reduce search area and obtain
more specific information.
In each request a valid JSON Web Token (JWT) that follows the standard RFC 7519 [20] is required (Fig. 2). Every
time that a request arrives, the JWT is validated in order to be possible the access to the requested information [21].
The previous procedure is one of the security measures in order to confine the data to undue requests. Moreover, the
requests are all submitted to the authorization service so the information can be retrieved according to permissions
associated to a specific role. Once again, the JWT is used to get the role and other information that is sent to
authorization service that applies the access control rules and decides if the information can or cannot be achieved.
According to the response of this service, the FHIR gateway is responsible for sending, as response to the initial
request, the requested information that can be accessed. Considering a Read request, some fields can be omitted
according to user’s permissions. The other operations (i.e. Create, Update or Delete) can be permitted or denied.
The authentication component is supported by the REST architecture and allows the registration of specific users
in the SOCIAL platform, the assignment of the respective roles and the verification of their identities. If a user's
authentication is successfully validated, the service returns a JWT. The JWT enables the secure exchange of
information between parties and has the required attributes for the verification of the user's identity so that they can be
authorized to access specific applications or information (Fig. 2). In particular, one of the available JWT attributes is
the role that identifies the profile with which the user is currently operating. The role acts as a permission aggregator
that is managed by the authorization component. A JWT should be present in all the communications between the
various components of the SOCIAL platform, so each one of these components holds an encrypted private key to
verify veracity and validity of the JWT they received.
The FHIR resources may have security labels for three different purposes: to indicate the permissions related to
information operations, such as Create or Read, to indicate what resources can be returned, and to indicate how specific
information should be dealt with. Requests can also add their own security labels (e.g. break-the-glass protocol to
allow a physician dealing with an emergency to access information of patient even when has not access permissions).
The security labels can have different categorizations, such as confidentiality, sensitivity, compartment, integrity or
handling. Integrating ABAC mechanisms with this standard is possible, since the FHIR resources are also defined by
their attributes.
The main purpose of the authorization service is to provide general mechanisms to control the access to the SOCIAL
platform, which is an environment composed by a significant number of dispersed resources that can be accessed by
a broad range of users that are distributed, both in geographical terms and in the administrative terms. The requirements
initially established stated that authorization should be robust to ensure privacy, integrity and confidentiality of the
information, allow the access to remote information in a friendly and transparent way, be easy to maintain and present
a strong granularity in terms of the definition of different authorization levels.
The XACML [16] is a standard that allows handling requests, regarding data access, using an ABAC policy
language. These requests related to the access of specific resources are analyzed through a set of rules, so that a decision
can be achieved. By using XACML, pre-established rules can be divided into different categories. The decision for
the access request is obtained after comparing all the values of the attributes of the respective categories, between the
request and the previously defined rules. Depending on how a specific decision rule was defined, a request result could
be a denial or a permit (Fig. 2). Furthermore, policies and their respective rules can have different levels of detail,
according to the different number of attributes needed before reaching a decision. This feature makes this standard a
perfect fit for systems that handle great quantities of information, with different types of data.
Finally, the logging and auditing component, as the remainder components, is based on a REST architecture,
allowing the communication of the different services and applications of the SOCIAL platform via HTTP (Fig. 2). A
cryptographic secure blockchain was adopted, which stores the events and the blocks (of the blockchain) in a special
purpose database. Moreover, audit processes will access the stored events and blocks to determine the relevant data.
For that three separate processes were considered: log insertion, log consensus and log audit.
Log audit is done by direct observation of the event stream stored in the database. Existing tools such as Kibana
can be used and the integrity of the data observed can be assured. The integrity of the chain can be verified anytime to
 Marco Rosa et al. / Procedia Computer Science 164 (2019) 524–531 529
6 Author name / Procedia Computer Science 00 (2019) 000–000

check for any inconsistencies. Since every block of the chain has a clear identification, with fingerprints of the log
data, as well as time stamps of the first and last event during that time period, the hash of all the events occurred
between two checkpoints can be recalculated to check if it matches the one stored in the block. The next and previous
hash fields on every block can also be used to verify if the block itself has not been tampered.

Figure 2. Required flow to access information from the FHIR gateway.

4. Results

The first application scenario to be considered within the deployment of the SOCIAL is related to the social support
provided by local authorities to community-dwelling older adults. In fact, the assistance and social care services
provided by local authorities assume a paramount importance, since they are one of the resources for the first contact
with the population and are involved in organizing and planning activities or providing financial support and direct
assistance when needed [22, 23].
The two city councils that have been cooperating in the study reported by this article have in common program
offices, which intend to offer programs and activities. Programs are initiatives composed by different types of
activities, such as physical activity (e.g. swimming or trekking) or sociocultural activities (e.g. theatre or dance),
aiming to promote the quality of life of older adults living independently.
In a simple way, the following actors and respective uses cases were considered for the program offices [24]: i)
assisted persons and their informal caregivers (i.e. information access, applying, registration, withdrawal, or provision
530 Marco Rosa et al. / Procedia Computer Science 164 (2019) 524–531
Author name / Procedia Computer Science 00 (2019) 000–000 7

of feedback about programs and activities); ii) operational assistants (i.e. provision of information of certain activities
to potential participants, enrolment and registration of participants, provision of feedback about the progress of
programs and activities, and access to plans and notifications); iii) technicians of the city council (i.e. creation,
allocation of human, material and economic resources, calculations of the costs, monitoring and submission of
programs and activities, and access to notifications); and iv) members of the city council (i.e. approval of programs
and activities, evaluation of ongoing programs and activities, and access to notifications).
As a consequence of the requirements’ analysis of the programs and activities scenario, three different applications
were considered: i) MySocial, a mobile and web application targeting assisted persons and their informal caregivers,
aiming to provide a comprehensive but configurable set of functions; ii) SocialOperationManagement, a web
application targeting care providers; and iii) SocialPlanning, a web application focused on the secondary use of
information.
These applications manage different types of information, such as, for example, demographic information (e.g.
name, date of birth, gender, marital status, profession, schooling, household, nationality, identification document,
address, telephone or email), personal factors (e.g. physical conditions, lifestyles, habits, facing problems skills, social
background, or past and present life events), or data that characterize specific programs, activities, situations or events.
To validate the proposed solution a test scenario was created consisting of a random number of users (between 100
and 200 users) that for 60 minutes randomly accessed three concurrent applications (i.e. MySocial,
SocialOperationManagement and SocialPlanning). This test scenario was created to answer the following questions:

• For each user profile, what is the average delay time between a platform access with a token and the reception of
the indication of all the operations that the specific profile can perform?
• What is the average delay time between a request to access a specific packet of information stored in the FHIR
gateway and the complete reception of all the information by the requesting application?

Table 1 present the average delay time obtained for each profile when performing a platform access with a token
(i.e. to execute the flow from ‘platform access with token’ until ‘show authorized menus’ tabs’ as presented in Fig. 2).
As it can be seen the average time varied from 111.2 ms (i.e. assisted persons) to 120.4 ms (i.e. members of the city
council), due to the different number and type of operations that each profile can perform.
In turn, in what concerns the second question, the delay time for accessing a 368 kb packet containing a list of
available programs (i.e. the flow from ‘CRUD operation’ until ‘show results’ as presented in Fig. 2) varied from 257.2
ms and 600.7 ms and assumed an average value of 458.9 ms.
The results show that even with large quantities of events in short periods of time, the SOCIAL platform can
successful manage the access of the different user-application pairs. Therefore, the proposed solution is efficient in
terms of information accessing, which means that it can support an application ecosystem.

Table 1. Average delay time obtained for each profile.

Profile Average time (ms)

Assisted persons 111.2
Informal caregiver 112.9
Operational assistants 113.9
Technicians of the city council 114.3
Members of the city council 120.4

5. Conclusion

The authors developed a platform of services, the SOCIAL platform, which provides repositories of assisted
persons’ information compatible with FHIR specifications.
Although FHIR is a specification for communication and interoperability, the use of the respective resources
presents several advantages, namely compliance with established international standards, and information modelling
using entities that are already mature and prepared to guarantee interoperability between applications. Moreover, the
 Marco Rosa et al. / Procedia Computer Science 164 (2019) 524–531 531
8 Author name / Procedia Computer Science 00 (2019) 000–000

FHIR specification provides a simplified abstraction of information records with normalized elements that the
applications developers can understand.
However, the real use of FHIR also means the need to guarantee privacy, integrity and confidentiality of the assisted
persons’ information. In this respect, the present study shows that it is possible to integrate FHIR implementations
with complex authentication, authorization, logging and auditing mechanisms and, simultaneously, to guarantee
efficiency in terms of information access by the different user-application pairs.

Acknowledgments

This work was partially supported by COMPETE - Programa Operacional Competitividade e Internacionalização
(COMPETE 2020), Sistema de Incentivos à Investigação e Desenvolvimento Tecnológico (SI I&DT), under the
project Social Cooperation for Integrated Assisted Living (SOCIAL).

References

1. Gøeg, Kirstine Rosenbeck, et al. (2018) "A future-proof architecture for telemedicine using loose-coupled modules and HL7 FHIR." Computer
methods and programs in biomedicine 160: 95-101.
2. HL7. (2012). “Introducing HL7 FHIR.” [Online]. Available: http://www.hl7.org/implement/standards/fhir/summary.html (visited on
2019/04/24).
3. Yamaguti, Verena Hokino, et al. (2018) "Estudo e Projeto de um Servidor de Terminologia HL7 FHIR." Journal of Health Informatics 10.1.
4. Sousa, Manuel, et al. (2018) "SOCIAL platform." In World Conference on Information Systems and Technologies. Springer, Cham.
5. Saripalle, Rishi Kanth. (2019) "Fast Health Interoperability Resources (FHIR): Current Status in the Healthcare System." International Journal
of E-Health and Medical Communications 10(1): 76-93.
6. Kvedar, Joseph, Molly Joel Coye, and Wendy Everett. (2014) "Connected health: a review of technologies and strategies to improve patient
care with telemedicine and telehealth." Health Affairs 33(2): 194-199.
7. Mori, Angelo Rossi, et al. (2013) "Holistic health: predicting our data future (from inter-operability among systems to co-operability among
people)." International journal of medical informatics 82(4): e14-e28.
8. Santana, Silvina, et al. (2007) “The Domiciliary Support Service in Portugal and the change of paradigm in care provision.” International
Journal of Integrated Care 7(1).
9. Ferranti, Jeffrey M., et al. (2006) "The clinical document architecture and the continuity of care record: a critical analysis." Journal of the
American Medical Informatics Association 13(3): 245-252.
10. ISO. (2018) “Health informatics - Electronic health record communication - Part 1: Reference model.” International Organization for
Standardization.
11. CEN TC251. (2015) “ISO 13940:2015 Health Informatics - System of Concepts to Support Continuity of Care.” European Committee for
Standardization.
12. ISO (2009) “ISO 12967-1:2009 Health informatics -- Service architecture -- Part 1: Enterprise viewpoint.” International Organization for
Standardization.
13. Beale, T. et al. (2007). “OpenEHR. Archetype Definitions and Principles”. openEHR Foundation.
14. Rocha, Nelson Pacheco, et al. (2019) "The Social Platform: Profiling FHIR to Support Community-Dwelling Older Adults." Journal of
medical systems 43(4): 86.
15. Aniello, Leonardo, et al. (2017) "A prototype evaluation of a tamper-resistant high performance blockchain-based transaction log for a
distributed database." In 13th European Dependable Computing Conference (EDCC). IEEE.
16. OASIS. (2013) “XACML.” [Online]. Available: http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html (visited on
2019/04/24).
17. Magyar, Gábor. (2017) "Blockchain: Solving the privacy and research availability tradeoff for EHR data: A new disruptive technology in
health data management." In 2017 IEEE 30th Neumann Colloquium (NC). IEEE.
18. Zhang, Peng, et al. (2018) "Fhirchain: applying blockchain to securely and scalably share clinical data." Computational and structural
biotechnology journal 16: 267-278.
19. Sousa, Manuel, et al. (2018) "A Platform to Support the Care and Assistance of Community-Dwelling Older Adults." Procedia computer
science 138: 197-202.
20. Internet Engineering Task Force (IETF). (2015) “JSON-based open standard (RFC 7519).” IETF Request for Comments: 7519.
21. Rosa, Marco, et al. (2019) "Logging Integrity with Blockchain Structures." In World Conference on Information Systems and Technologies.
Springer, Cham.
22. Segurança Social. (2016) “Segurança Social: Redes Locais de Intervenção Social (RLIS).” Segurança Social, Lisbon.
23. Waverijn, Geeke, Peter P. Groenewegen, and Mirjam de Klerk. (2017) "Social capital, collective efficacy and the provision of social support
services and amenities by municipalities in the Netherlands." Health & social care in the community 25(2): 414-423.
24. Martins, Ana Isabel, et al. (2019) "Applications to Help Local Authorities to Support Community-Dwelling Older Adults." In International
Conference on Information Technology & Systems. Springer, Cham.