Electronic Health Record in Bolivia and ICT: A Perspective for Latin America

— The emergence of new technologies in society through its application to many areas and very diverse realities is a clear element in the time in which we live. The health sector has been unable to escape this reality and has been renovated many of its traditional structures with new options brought by the application of information technology and communication (ICT) in areas such as management and hospital administration. This paper focuses on analyzing from the point of view of medical diagnosis the importance of electronic medical records as a unifying element of the information essential for this type of diagnosis, and the use of artificial intelligence techniques in this field. To this end the current situation of electronic medical records is analyzed in a country like Bolivia exhaustively analyzing three of the most important health centers. Is used for this unstructured interview experts on the subject reflect the current status of electronic medical records from the point of view of protection of the right to privacy of individuals and will serve as a model for development, not only in Bolivia but also in other Latin American countries.

u sually, when we combine the concepts of computer science and medicine, identification leads us to think about the use of information and computer systems for hospital management and patient management, as well as of the possibilities offered by telemedicine. These elements, while remaining important, are not really more than instrumental realities constantly evolving to meet the needs of healthcare centers and patients. Today, we must find the value of what some have described as Biomedical Informatics not in this kind of realities, but in the new fields created by Information Technologies, such as information management and data protection, and through them the possibility to assist the medical professional in conducting diagnostic assessments and decision-making, primarily through artificial intelligence techniques.
Information thus becomes the central element of medical practice. Each case must be individually analyzed, taking into account the different parameters that can influence each patient and only in that way can we achieve a minimally correct diagnosis. What we must do is systematize all that information and allow access to the various agents of the healthcare chain in order to obtain a complete medical history of the patient and to make decision-making as effective as possible.
All this information should be collected in an instrument that goes beyond mere medical history on paper, and should take advantage of all the benefits of the digital format. This brings us to the Electronic Health Record (hereinafter EHR), which means incorporating Information and Communication Technologies (ICTs) in the core of the healthcare activity, and results in the medical record ceasing to be a record of the information generated in the relationship between a patient and a medical professional or healthcare center, to become part of an integrated healthcare information system.
The analysis performed in EHRs is done from the point of view of protecting the fundamental right to privacy of individuals by establishing the measures that have been implemented in order to protect this right in the field of security. To do this we proceeded to use the unstructured interview to qualified personnel from different fields, which has come to reflect the current status of electronic health records. The various interviews with experts on the protection of personal data, information technology and communications (ICT) and bioethics, seek to gather their views, their consensus, their differences and predictions on the matter.

II. the electronIc health record
To reinforce the progressive development of these systems, the Institute of Medicine (IOM) published a new report focusing on nine core features that an EHR should have in order to improve patient safety, achieve effective service delivery, facilitate the management of chronic diseases and improve efficiency [1]. These features were determined as follows: • Health information management. An EHR should contain Health information management. An EHR should contain complete information about the patient's treatment history, any current diagnosis problems and their background, medications, allergies and any contacts with the healthcare provider. This includes clinical developments of patients' diagnoses in narrative text ̶ entered by physicians, nurses, technicians, or through structured templates.
• Results management. It refers to the representation of laboratory and other complementary test results, such as images, pathological anatomy tests and others. Quick access to information on additional tests by all clinicians involved in treating a patient saves time and money, avoids redundancy and improves coordination of healthcare.
• Medical order management. The entry of orders, whether laboratory test results or other ancillary services requested, or the entry of prescriptions through computerized entry systems, is the first link in the healthcare chain, where the EHR is no longer a passive system but plays an active role in the patient's health. The system should contain a knowledge base that allows for a more efficient management of information and one which interacts with professionals to collaborate with their decisions.
• Decision Support Systems. Initially, support systems were in direct relation to order handling systems, supporting diagnoses, treatment and care through the use of alerts or reminders about potential interactions or problems. Its usage has expanded and now it covers a wide variety of functions.
• Electronic communication and connectivity systems. In order to receive information from external auxiliary equipment and other systems, EHRs should allow communication via a standard messaging system as well as a common terminology.
• Patient support. Most EHRs provide output means for sending information to patients on health conditions, diagnostic tests or treatments. This information improves the doctor-patient relationship as well as the education of the latter.
• Administrative processes. Depending on the level of care provided, an EHR may be closely linked to administrative processes through the electronic scheduling of visits, the electronic submission of benefits, a verification of eligibility, the sending of automated messages of prescription renewal, the automatic registration of patients for research and artificial intelligence purposes.
• Reporting and public healthcare systems. New EHRs allow for automatic reporting to national databases. Other systems may allow for the enrollment of patients in clinical trials, providing the patient with information on how to follow a protocol.
• Issuing of medical reports, medical discharge and consultation reports. In addition to providing support for the management of medical orders and results, it should allow for multiple ways to display information and add data to various medical reports [2].
But in order to accomplish all these features an HER must comply with certain basic requirements, such as being complete, accessible, flexible, confidential and interoperable. In our view such an interoperability becomes a key factor in an EHR, as it must serve as a reliable tool for the exchange and use of the information entered, and able to assist the medical professional in the field of diagnosis. The EHR should not be understood therefore as an isolated entity. It requires information from other systems -in or outside the organization-so it needs to be developed taking into account the possibility of electronic data interchange. There are different levels of interoperability and ideally it is achieved through the use of standards [3].
From the point of view of health informatics, the Institute of Medicine of the National Academies (IOM) defines interoperability as "the ability of systems to work together, in general through the adoption of standards. Interoperability refers not only to the ability to exchange health information, but also to the need to understand the information that has been exchanged" [4].
One of the fundamental requirements for the implementation of e-Health systems is interoperability between systems, understood as the capacity of various systems or components to exchange information, understand such data and use them. Thus, information is shared and is accessible from any point of the health care network in which consultation is required and the consistency and quality of data across the system are guaranteed, with the consequent benefit for patient safety and the continuity of care. The centerpiece in the interoperability of systems is the use of «standards» that define the methods to carry out such information exchanges.
For the development of interoperability it is essential to consider the use of technology standards. In the development and implementation of EHRs there are many standards that can be used, among which we could cite those oriented to the exchange of data and electronic messaging, those oriented towards terminology, documents, the conceptual ones, and finally those that are architecture-oriented [5].
In general, an EHR system is a complex structure. EHR systems or services incorporate many elements of information, and today there are five main approaches that are competing to become the dominant platform for interoperability of an EHR: • OSI (Open Systems Interconnection).
• openEHR and the generic approach XML / Ontology.
Along with these requirements it may be necessary to overcome a critical obstacle in the idiosyncrasies of the medical community. Traditionally, physicians have considered ICTs unimportant both from a scientific and clinical point of view. Computerization programmes of medical records should take the peculiarities of clinical practice into account and facilitate the work of healthcare professionals without introducing new activities that are not essential; they should facilitate work, not complicate it; for example, a common mistake is to guide IT solutions towards data mining solutions aimed at managers rather than considering it a common instrument of clinical practice. Sometimes major projects with a large budget have failed due to not taking these issues into account [6].
On the basis of these considerations we can say that the process of decision making in the medical field is being closely scrutinized and solutions are emerging through the analysis and massive processing of data, or big data, and the application of artificial intelligence techniques of the Watson or IBM type. We are talking about an alternative utility to support decision making, which, when combined with proactive monitoring of the environment, ensures a better understanding of the problem context, which will increase the quality of decisions [7], in our case medical diagnoses. IBM's Watson cognitive system is more than mere big data. Its databases incorporate worldwide scientific literature, handbooks and physicians' desk references, and particular cases of patients included in their databases. These are cases where, if treatments have worked, they could serve as a precedent for similar instances, just as jurisprudence is applied in the judicial process; the system could provide oncologists with the assistance they need to make more informed decisions. The system understands the natural language used in the medical history and physicians' annotations. It will record all the variables included in the reports, and also has the ability to learn, and physicians may incorporate new variables.
From there, when an oncologist queries Watson for the most appropriate treatment, the system will offer several options recommended and others less recommended, so that the doctor will have the last word. Beside each treatment option, professionals can see why the system recommends such treatment 1 .
In this connection, we could go a step further and record the knowledge and emotions that arise in the communication between patient and physician.

III. applIcatIon to the BolIvIan case
Let us now analyze the situation of certain healthcare centers in Bolivia from the viewpoint of the implementation of EHR systems. We will focus on the most advanced companies in this field, such as the Health Insurance Fund of the Private Banking (Caja de Salud de la Banca Privada, C.S.B.P), the Military Social Insurance Corporation (Corporación de Salud Militar), and Arco Iris Hospital.
It should be noted that a general deficiency that occurs in Bolivia is the difficulty of access to information since it is not available from official websites and some institutions in the public or private sector do not have annual institutional memories to access information. In order to know the state-of-the-art of managing and archiving Medical Records on paper, the projects integrating Electronic Health Records and the implementation of Information and Communication Technologies in the medical field, we proceeded to perform the open unstructured interviews cited above. In addition to the experts interviewed in the above-mentioned health centers and in order to provide a much more accurate picture of the situation, among the current ICT government actors we conducted interviews with the Agency for the Development of the Information Society in Bolivia (Agencia para el Desarrollo de la Sociedad de la Información en Bolivia, ADSIB) in order to collect information on the certificate and digital signature service as well as the activities being carried out for the implementation of the Electronic Government, the National Telecommunications Company (Empresa The most interesting issues arising from these interviews on the matter at hand are reflected in the following lines. It is worth mentioning that not all of them have been included here due to lack of space, but the total number of participants who provided information has nevertheless been incorporated and these are shown in the table below, along with the issue dealt with and the dates thereof, in order to get an overview of the healthcare industry in Bolivia, in general, and in the city of La Paz, in particular.

A. Caja de Salud de la Banca Privada (CSBP)
With over 16 years of experience −since 1988−, and presence throughout Bolivia −except for the Department of Pando− , it is widely acknowledged as the best company in providing medical and welfare assistance in the country, intelligently developing products and services that allow us to view the future with optimism, and with good growth projections in the region, managing to maintain their privileged position as the institution with the highest level of excellence in the provision of medical services in Bolivia.
It maintains a national central bureau located in the city of La Paz, with the main functions of planning, regulating, assessing, operating and monitoring policies, strategies, plans and healthcare programs, which are then to be implemented and managed from Regional offices.
The CSBP has computerized medical records of eight regional departments in Bolivia, except for the department of Pando.
Electronic health records in the CSBP are implemented vertically, that is, from top to bottom, and training plans are made. Physicians are trained first, but they are the professionals that spend less time training for their job. At the beginning there are complaints by the patient because the doctor is more concerned with filling the medical record than listening to the patient, so very often there is also a computer professional next to the doctor to solve questions of the physician about software management. Subsequently nurses and administrative staff are trained.
The implementation of electronic health records has been positive for the CSBP, it forces the physician to fill all the boxes that require information before closing the medical record. In the medical history on paper we often see problems such as being unsigned, unstamped, badly presented, the physician's handwriting is not understood, among others.
With electronic health records we have all the information of the insured population -i.e. Name, National Identity card, Organization, Rights enforcement at national level, and medical history of the patient.
The cost of Software 9000 was US $ 150,000; it was acquired in 2002 from a Peruvian development company specialized in the healthcare area. From 2002 to 2004 we worked remotely with the Peruvian company; basically we had an outsourcing contract in place, which eventually proved costly for the CSBP due to its training, maintenance, new product development, implementation, and validation costs of approximately US $ 40,000 per year.
In 2005, the CSBP management assumed the development of a functional prototype, based on the experience of Software 9000 acquired from the Peruvian company. This new prototype is tailored to the particular needs of the CSBP; to this effect, Alfa testing was performed in order to validate the information, and finally Beta testing was conducted and the product was fully operational and running smoothly with all the information of the insured [8].

B. Arco Iris Hospital (HAI)
The first plans to build a clinic were born in 1997 at Arco Iris There are access profiles available for the use of SICE. The procedure for obtaining a medical history consists of retrieving a record from the system, printing it, and handling it over to the Archiving unit which seeks for the patient's medical record on paper and takes it to the Nursing Unit, who provide the different doctors' offices with the medical records. The process of recording entries and exits in the medical history is manual.

C. Military Social Insurance Corporation (COSSMIL)
This organization has had bad experiences with the implementation of health information systems; in fact, in 2004 a Bolivian company developed the Hospital Management System (SIGEH), including software, equipment, and structured cabling; the system included twenty one modules, but it encountered problems, therefore the staff of Since 2014 they have developed the Integrated Information System Control and Monitoring Hospital System (SISHAP), Sistema de Información Integrado de Control y Seguimiento Hospitalario; it currently has twelve modules, including the Outpatient module, which allows physicians access to the various electronic health records; physicians access their profile through user name and password; a menu option allows them to filter some diseases such as HIV-AIDS; for safety reasons the physician cannot change the information in the electronic health record until the scheduled appointment time has completed; if any changes are needed, these should be included in the comments field. The SISHAP has also been implemented in the cities of Sucre and Puerto Suarez.
With regard to information security, they have a CIO; a weakness is observed in regional healthcare centers, as some non-commissioned officers seen in the office are not computer professionals; there is also great staff mobility; they have redundant servers; backups are performed on a weekly basis; they use proprietary software, they pay for software licenses and antiviruses; the development of SISHAP modules is done in the form of consultancy per product; training in the use of SISHAP modules is performed by the IT Department and is provided both generally and specifically to doctors.
As a result of the interviews conducted little coordination is perceived among the IT Department, the Unit of Clinical Archiving, the Medical Audit and other COSSMIL units for the development of SISHAP modules, particularly with regard to electronic health records. The Clinical Archiving and Medical Audit units consider that for the moment the SISHAP does not preserve the confidentiality, privacy and security of health records on paper; they expect a change in the Technical Standard for the management of Medical History to recognize the probative value of electronic health records and electronic signatures.

Iv. conclusIons
In this study, we proceeded to evaluate the state of the art of electronic health records within the healthcare facilities of the National Health System in Bolivia and, in particular, in the city of La Paz. To that end, twenty unstructured interviews were conducted with key informants from the public sector, i.e. officials from the Ministry of Health (MoH), the National Health Information System (SNIS); the social security subsector, i.e. the Health Fund of Private Banking (CSBP), and the Military Social Insurance Corporation (COSSMIL); as well as with informants from the private non-profit subsector, i.e. Arco Iris Hospital. Since it is beyond our scope at this stage to propose solutions for the problems identified, we only aim at highlighting them, drawing attention to them, and finding new ways to develop and better manage electronic health records through the use of ICTs.
The Health Fund of Private Banking, Caja de Salud de la Banca Privada (CSBP) has been serving its insured patient population for 17 years. Since 2005, the CSBP professionals have developed their own Medical Software and Medical Management System (SAMI), which is currently being applied and used by outpatient services in the Policlinic, and also for Hospitalization nationwide. The SAMI has a configurable system of users and passwords with different access levels for each CSBP professional -i.e. physician, nurse, office clerk, pharmacy, laboratory, etc.-, so confidentiality, privacy and information security are ensured for each single patient; patient data cannot be modified or disclosed to any third parties whatsoever. This medical system easily integrates the areas of medical agendas and electronic health records.
An Electronic Health Record, i.e. Historia Clínica Electrónica, of the SAMI contains all of a patient's medical history organized in chronological order, with the date and time of care given, and it allows to sort data according to Insurance Scheme and Healthcare Programme; it can issue laboratory requests, auxiliary tests, medical prescriptions, referral orders, sick leaves, prenatal certificates, among many other documents. It can also get medical reports, comprehensive evaluation reports from medical teams, comparative studies among a wide range of variables available at the SAMI, and it can monitor the quality of the information recorded. Furthermore, SAMI can perform a variety of statistical analyses, medical research tasks, it can detect common risk factors and prevalent diseases among the insured population, and issue all kinds of reports which can be used to develop plans of action for the promotion of health and prevention of disease from the perspective of a Healthcare system that is much more efficient as long as it prevents the occurrence of disease rather than having a healing and remedial approach.
With regard to information security, the CSBP has a National Medical Officer and a National Director of Software Telematics, as well as redundant servers −i.e. mirrors− that perform backup copies; regional agencies submit their daily reports to the National Office, which centralizes all the information; They have an Intranet, and doctors, nurses and administrative staff they all have access to the Internet (except for some specific social networks, such as Facebook, Twitter, etc.); they use proprietary software, they pay for their antivirus software license; they do not perform any computer audits; and the Security Plan is pending final approval.
The Arco Iris Hospital (HAI) is a non-profit, private hospital, founded fourteen years ago, which implemented the so-called openHAI system two years ago, containing electronic health records (EHRs) of hospitalization, intensive care unit (ICU), emergency and outpatient (since September 2015); this system is a proprietary development by the HAI that had the collaboration of an Italian consultant.
Among the advantages offered by the openHAI we find the auto recording capability when the doctor fills in an EHR; being able to access the EHR from any device with Internet access -i.e. smartphone, tablet, laptop or computer SmartTV; It also features a Radiological Imaging Storage System (RIS) and the PACS, two systems where resonances, CT scans, X-rays and other radiological images are stored, and the ease of printing of the EHR since it is configured to use a printer server.
Among the disadvantages we could mention the backing-up of information from the EHR, which includes sensitive data, on external servers to the HAI Data Center, such as any cloud-based service, notably if it is a free service where the actual location of the EHR data is unknown; thus, accessing EHR data from any device with Internet access can go against the confidentiality of patient data contained in the EHR, as these can be easily seen by any third party other than the treating physician or medical personnel of the HAI. Finally, another disadvantage is the printing of electronic health records, where the physician must place his or her name, signature and stamp, because digital signatures have not yet been implemented on the openHAI.