1.

Introduction

1.1 Overview

Hospital is a health care institution that provides patient treatment by specialized staffs and
equipment’s. As hospitals are a vital service for providing health care facilities, proper
management of file records and efficient synching of patient data are essential. In the current
scenario hospitals follows a procedure of storing and maintaining data’s manually. A hospital
staff today has to do huge amount of paper work from the time of a patient’s admission, his
treatment and medicines and its costs till his discharge. The procedure followed are not
efficient as it is not compact, indexing or searching patient’s details is cumbersome. Privacy
has become an increasingly significant apprehension in today’s rapidly changing economy
primarily for personal and sensitive user data. The levels of personal data violation are
increasing day by day however privacy-preserving frameworks are available. This paper
conducted an in-depth analysis of contemporary frameworks to identify the key mechanisms
to produce a sophisticated data privacy framework to reduce the rate of data breach
particularly for the Patient Record Management System (PRMS). There are several studies
available that stated healthcare data privacy, still, complete data protection solution with the
application of privacy by design towards patients’ health data by ensuring privacy in each
layer of the PRMS are quite limited, which is the focus of this study.

1.2 Motivation

This system motive for the people, who are Busy with their professional work. They can get
doctor suggestions through online and can share their problems with doctor. The self-
diagnosis features help the patient for taking medicine without consulting the doctor. It can
provide treatment up to some level that means rectifiable diseases without doctor suggestion
with some dosage of tablets. Other then this online patient treatment system is capable of
managing records and other reports. It refers to a number of efficient automated systems
designed for tracking patient information, diagnoses, prescriptions, interactions and
encounters within healthcare organizations like medical clinics or hospitals.
1.3 Problem Definition

In this busy world we don’t have the time to wait in infamously long hospital queues. The
problem is, queuing at hospital is often managed manually by administrative staff, then
take a token there and then wait for our turn then ask for the doctor and the most
frustrating thing - we went there by traveling a long distance and then we come to know
the doctor is on leave or the doctor can’t take appointments. HMS will help us overcome
all these problems because now patients can book their appointments at home, they can
check whether the doctor they want to meet is available or not. Doctors can also confirm
or decline appointments, this help both patient and the doctor because if the doctor
declines’ appointment then patient will know this in advance and patient will visit
hospital only when the doctor confirms’ the appointment this will save time and money of
the patient.

1.4 Research Challenges

PRM is essential for all healthcare establishments, be it hospitals, nursing homes, health
clinics, rehabilitation centres, dispensaries, or clinics. The main goal is to computerize all
the details regarding the patient and the hospital. The installation of this healthcare
software results in improvement in administrative functions and hence better patient care,
which is the prime focus of any healthcare unit. Research initiatives in the field of
healthcare data privacy with complete resolution towards the protection of personal and
sensitive data are rather scant, despite that, the section analysed some of the closely
related works to address the key aspects to design prolific privacy by design framework.
 2. Literature Survey

Bari and O’Neill [1] suggested that patients’ health records are collected by different
platforms such as social media, pregnancy and mental health apps, depression and smoking
cessation apps, wearable fitness trackers. All these platforms are joined to medical records
and can be shared with third parties for advertising and other purposes, often without any
consent from the individual using the applications. The range and volume of patient data that
are in digital form are rapidly growing.

[2]. The Health Insurance Portability and Accountability Act of 1996 is known as HIPAA
that outlines the legal use and disclosure of health information.

[3]. The European General Data Protection Regulation (GDPR) and the California Consumer
Privacy Act (CCPA) are two data protection laws that use a similar conceptual approach to
permit and prohibit the use of personal information and rights and obligations of access and
control.

[4]. HIPAA and GDPR contain similar patterns for patient and users consent for use or
disclosure and rules to be analysed to ensure that individuals are notified if any data breach
occurs.

[5]. This research recommended that modernizing HIPAA by comparing the models HIPAA
and GDPR. Moreover, their research extended and adapted the HIPAA framework and
suggested five areas to preserve the privacy of patients’ information by using new data-driven
tools to manage their healthcare. The areas are health data in scope, regulated entities,
permitted use of personal health data, security standards, breach notification requirements

[6]. The limits of HIPAA framework are almost a quarter century old. Public may not trust
the appearance of repeated scandals without clear guidelines. Therefore, the potentiality to
adopt HIPAA is challenging to ensure confidentiality for digital health data . Sahi et al.

[7] suggested that e-healthcare provides benefits to the patients’ and healthcare providers,
however, the services are not fully developed and has lacked widely implemented obligatory
facilities such as confidentiality, integrity, privacy and user trust. The quality of healthcare
services and patient trust are the primary features of any healthcare operation. Trusts of the
patients are dependent on the issues of confidentiality, authenticity and data management.
Ensuring privacy is one of the biggest obstacles to achieving the success of the healthcare
solution in winning the trust of the patients

[8]. Privacy requirements are compounded by the fact that the healthcare data managing is
extremely personal and private in nature, consequently, the misconduct either intentionally or
by mistake can seriously affect the

[9] Patient as well as the organizational prospects. Privacy concerns are identified in this
research that focuses on certain failure parts of the healthcare organization to address all the
aspects of privacy. Their research gradually alters the e-healthcare enterprise controls from an
organizational level to the level of patients while doing the implementation. In this way,
patients have more control over decision making to protect their healthcare information.
Their investigation requires more efforts to do this assessment for altering to patients’ level
control from the e-health enterprise control. Moreover, their existing research is divided
based on techniques used such as anonymization/pseudonymization and access control for the
privacy of stored data that supports the privacy requirements (accountability, integrity,
identity management)

[10]. Their research mainly reviews existing related studies to find out if their proposals have
any possibilities to the privacy requirements and concerns of the patients.

3.Software and hardware requirements

 Software requirement
 Operating System - Windows 7/8/10
 Front End - Android
 Android SDK

 Hardware Requirement
 Processor - Intel i5/i7
 RAM - 4GB(min)
 Hard Disk - 40 GB
 Key Board - Standard Windows Keyboard
 Android Mobile
4 System Design

4.1 System Architecture

Fig. System Architecture

4.2 Algorithm

Geofencing Algorithm

• Proximity-based marketing: When a user is near a store, they could receive special

offers, win back campaigns, rewards, reminders, or shopping tips. The user’s previous
purchase data could be used to send a message about relevant in-store items or a
possible sale on their favorite brand.

• Location-based services: When a user is near a service point and their car is up for
service, send a message to remind them of the upcoming service or provide an
incentive offer to come in.

• Asset tracking: When an asset that has a GPS enabled device attached to it is

entering/exiting a specific geofence.

• Track a child or pet: When a child or pet is exiting the home or safe place and enters
into an unfamiliar place, a device can send parents an alert message. Angel Sense and 
Tracker are existing wearable solution for kids and pets, respectively. These products
support the geofencing feature
 Fig. Geofencing Algorithm

4.3 UML Diagram

4.4 Implementation steps

4.5 Existing System And Need For system

It has been observed that to receive medical treatment in most of our hospitals, the patients
queue up for several hours from one unit of the hospital to another starting from obtaining a
new hospital folder, or retrieving an old one before consulting a doctor, to the laboratory unit
for lab test then to the pharmacy to get the prescribed drugs and so on. With the manual
processes involved in handling the patient most of them waste the whole day in the hospital.
This system helpful for the people, who are Busy with their professional work. They can get
doctor suggestions through online and can share their problems with doctor. The self-
diagnosis features help the patient for taking medicine without consulting the doctor. It can
provide treatment up to some level that means rectifiable diseases without doctor suggestion
with some dosage of tablets. Other then this online patient treatment system is capable of
managing records and other reports. It refers to a number of efficient automated systems
designed for tracking patient information, diagnoses, prescriptions, interactions and
encounters within healthcare organizations like medical clinics or hospitals. In the current
context, getting statistical information about the record of a patient need extra effort and only
helps the hospital management and is not useful to the patient out of the hospital or remote
areas. This system provides a solution to this problem by providing automatically generated
statistical information in many aspects and created the computerized hospital environment .

5 Analysis Module

5.1 Planning and Requirement Analysis

The waterfall model is a sequential design process, used in software development processes,
in which progress is seen as flowing steadily downwards (like a waterfall) through the phases
of conception, initiation, analysis, design, construction, testing, production/Implementation
and maintenance. Waterfall approach was first SDLC Model to be used widely in Software
Engineering to ensure success of the project. In the waterfall approach, the whole process of
software development is divided into separate phases. In Waterfall model, typically, the
outcome of one phase acts as the input for the next phase sequentially. Following is a
diagrammatic representation of different phases of waterfall model.

1. Requirement Gathering and analysis: All possible requirements of the system to be

developed are captured in this phase and documented in a requirement specification doc.

5.2. System Design: The requirement specifications from first phase are studied in this phase
and system design is prepared. System Design helps in specifying hardware and system
requirements and also helps in defining overall system architecture.
 Figure : Waterfall Model

5.2 Coding And Development

3. Implementation: With inputs from system design, the system is first developed in small
programs called units, which are integrated in the next phase. Each unit is developed and
tested for its functionality which is referred to as Unit Testing.

4. Integration and Testing: All the units developed in the implementation phase are
integrated into a system after testing of each unit. Post integration the entire system is tested
for any faults and failures.

5. Deployment of system: Once the functional and non-functional testing is done, the
product is deployed in the customer environment or released into the market.

6. Maintenance: There are some issues which come up in the client environment. To fix
those issues patches are released. Also to enhance the product some better versions are
released. Maintenance is done to deliver these changes in the customer environment.

All these phases are cascaded to each other in which progress is seen as flowing steadily
downwards (like a waterfall) through the phases. The next phase is started only after the
defined set of goals are achieved for previous phase and it is signed off, so the name
“Waterfall Model”. In this model phases do not overlap.

5.5 Unit Testing

Prerequisite – Types of Software Testing Unit Testing is a software testing technique by

means of which individual units of software i.e. group of computer program modules, usage
procedures, and operating procedures are tested to determine whether they are suitable for use
or not. It is a testing method using which every independent module is tested to determine if
there is an issue by the developer himself. It is correlated with the functional correctness of
the independent modules. Unit Testing is defined as a type of software testing where
individual components of a software are tested. Unit Testing of the software product is
carried out during the development of an application. An individual component may be either
an individual function or a procedure. Unit Testing is typically performed by the developer.
In SDLC or V Model, Unit testing is the first level of testing done before integration testing.
Unit testing is such a type of testing technique that is usually performed by developers.
Although due to the reluctance of developers to test, quality assurance engineers also do unit
testing.

Objective of Unit Testing:

To isolate a section of code.

To verify the correctness of the code.

To test every function and procedure.

To fix bugs early in the development cycle and to save costs.

To help the developers to understand the code base and enable them to make changes
quickly.

To help with code reuse.

5.5 Acceptance Testing

User Acceptance Testing (UAT) is a type of testing performed by the end user or the client
to verify/accept the software system before moving the software application to the production
environment. UAT is done in the final phase of testing after functional, integration and
system testing is done.

The main Purpose of UAT is to validate end to end business flow. It does not focus on
cosmetic errors, spelling mistakes or system testing. User Acceptance Testing is carried out
in a separate testing environment with production-like data setup. It is kind of black box
testing where two or more end-users will be involved.

UAT is performed by –

 Client
 End users

5.6 System Implementation Plan

Activity I II III IV V VI VII VIII IX

week week week week Wee week week week wee

k k

July July July Aug Sept Sept Sept Sept Sept

15 23 30 25 1 8 15 22 29

Initiate the project

Communication

Literature survey

Define scope

Develop SRS
 Plan the project

Design mathematical
model

Feasibility Analysis

Develop work
breakdown structure

Planning project
schedule

Design UML and

other diagrams

Design test plan

Design risk
management plan

Activity XI XII XIII XIV XV XV XV XVI XIX XX XXI XXII

I II II
week week week wee wee wee wee Wee week
k k We wee wee k k k
ek k k

Jan Ja Ja Ja Fe Fe Fe Feb Ma Ma Mar April

5 n n n b2 b9 b 23 r2 r9 16 25
15 19 26 16

Execute the
project

Build and test

basic functional
unit

Build and test

database with
login and session
maintenance
facility

Build and test

Bluetooth mode

Build and test

security features

6 Other Specifications

6.1 Advantages

Enabling quick access to patient records for more coordinated, efficient care. Securely
sharing electronic information with patients and other clinicians. study was to assess PRM
data types and functionalities through a review of the literature to inform the health care
informatics community, and to provide recommendations for PRM design, research, and
practice.

6.2 Applications and limitations

 Provide an online treatment platform

 Medical record

 Timely patient care

  List of specialized doctors

 Immediate information storage

 Automate the Updating process

 Preparation of accurate and prompt reports

 Makes it easy to check records.

Limitations

Cybersecurity Issues

While digital storage can be safer than carrying physical papers around, data breaches are
becoming much more widespread. Most certified PRM systems have security measures in
place, but the staff of a physician’s business must be trained in basic digital security to ensure
they do not leave their stations vulnerable to unauthorized access. Having your patient’s data
fall into the wrong hands is not acceptable.

Frequent Updating Required

Since other healthcare professionals partnered with you, such as personal trainers and
pharmacists, may be using the same electronic health record system as you, it is essential that
you keep patient records updated after every appointment or consultation.

7 Conclusion and future scope

Based on the findings, the following conclusions were reached. The implementation of a
patient record maintain android app for a hospital will be a big relief for medical doctors
when operational. The system can be a tremendous help to hospital management. It will also
serve as a tool for quick operational decision making of the patient, thus enabling them to
reach the solutions of their problem more quickly and more accurately than human being.
Thus the overall effect of the use of computer in medical system is that patients acquire
competence, accuracy, and effectiveness within the shortest time in their operations and can
break into new ground with certainty.

Future Scope

In our future endeavour, we intend to propose a PRMS by employing the proposed

framework where patients’ health data will be managed with maximum privacy assurance.
The privacy by design framework produced an analysis of the core mechanisms in this study,
which is immensely good, but some degrees of risk are still there until we design the system
to measure the potentiality of our framework. In this way we will have more chance and
confidence to shield patients’ information in the system, resulting in more consistent
outcomes tailored to ensure the privacy of patients’ health data. We will implement user
testing to evaluate the potentiality of the proposed system. We will explore and analyse the
privacy assurance of the users when interacting with the system . Moreover, we will
incorporate necessary policies and mechanisms to assure data privacy for the distributed
patient record management system and service delivery. This accumulation will provide
scalability and flexibility of the PRMS in distributed environments where different healthcare
organizations will collaborate for delivering perfect services by ensuring the privacy and
security of the patients’ sensitive data.

8 References
1] A. Pika, M. T. Wynn, S. Budiono, A. H. M. ter Hofstede, W. M. P. van der Aalst,
and H. A. Reijers, ‘‘Privacy-preserving process mining in healthcare,’’ Int. J. Environ.
Res. Public Health, vol. 17, no. 5, p. 1612, Mar. 2020, doi: 10.3390/ijerph17051612.
[2] K. Abouelmehdi, A. Beni-Hessane, and H. Khaloufi, ‘‘Big healthcare data:
Preserving security and privacy,’’ J. Big Data, vol. 5, no. 1, pp. 1–18, Dec. 2018.
[3] V. Diamantopoulou, N. Argyropoulos, C. Kalloniatis, and S. Gritzalis,
‘‘Supporting the design of privacy-aware business processes via privacy process
patterns,’’ in Proc. 11th Int. Conf. Res. Challenges Inf. Sci. (RCIS), May 2017, pp.
187–198.
[4] A. McLeod and D. Dolezel, ‘‘Cyber-analytics: Modeling factors associated with
healthcare data breaches,’’ Decis. Support Syst., vol. 108, pp. 57–68, Apr. 2018.
[5] R. Taplin, Managing Cyber Risk in the Financial Sector: Lessons From Asia,
Europe and the USA. Evanston, IL, USA: Routledge, 2016.
[6] F. H. Semantha, S. Azam, K. C. Yeo, and B. Shanmugam, ‘‘A systematic
literature review on privacy by design in the healthcare sector,’’ Electronics, vol. 9,
no. 3, p. 452, Mar. 2020.
[7] OAIC. Notifiable Data Breaches Report, Australian Government—Office of the
Australian Information Commissioner. Accessed: Jan. 25, 2021. [Online]. Available:
https://www.oaic.gov.au/privacy/notifiable-databreaches/notifiable-data-breaches-
statistics/notifiable-data-breachesreport-january-june-2020/
[8] A. H. Seh, M. Zarour, M. Alenezi, A. K. Sarkar, A. Agrawal, R. Kumar, and R.
A. Khan, ‘‘Healthcare data breaches: Insights and implications,’’ Healthcare, vol. 8,
no. 2, p. 133, May 2020, doi: 10.3390/ healthcare8020133.
[9] N. Whigham. Health Sector Tops the List as Australians Hit by 300 Data Breaches
Since February. News.com.au. Accessed: Nov. 20, 2020. [Online]. Available:
https://www.news.com.au/technology/online/ hacking/health-sector-tops-the-list-as-
australians-hit-by-300-databreaches-since-february/news-story/
5e95c47694418ad072bf34d872 e22124