Usage of Python and PWA to develop an application in context of Health Care management for patients.
A Computer Science Bachelor Thesis
Abstract
A Personal Health Record, can cover parts of a user’s life in a specific way, such as caloric and nutritional control device, or in a general way with more complete applications and with several features such as, medication control, exam results storage, medical appointments and even exercise monitoring.
To increase the users’ quality of life, it is necessary to develop a progressive web application that safely and reliably stores the user’s health information. This thesis project presents a theoretical study about using personal health record trends to manage health information generated by the user through mobile devices, and tests that can confirm the software reliability.
After performing unit tests directly on the application’s source code, it was concluded that the application meets security requirements for storing confidential information in a comprehensive manner so as not to expose the user in any way by improperly disclosing their data.
1. Introduction
Health has been one of the most important aspects of human life since the beginning of times and directly influences the habits and behavior of the individual. Nowadays, with more information and tools than we ever had before, it has never been more difficult to have the time to take care of this very significant area of life. In recent decades, in addition to all the advances achieved so far, technology has been incorporated into all areas of modern life.
The concept of technology and health is called Health Care Informatics, and consists of a type of information engineering focused on the health field, applying medical concepts for improvements in health care. The PhD Stephen C. Burrows, from the Health Informatics department at Sacred Heart University in England, defines Health Care Informatics as:
“Health Care Informatics is the study of methods for managing health information and resources. It is a multidisciplinary field that uses Health Information Technology (HIT) to improve health care through any combination of quality and greater efficiency. It deals with devices, resources and methods required to enhance the use of health and biomedicine information “. (BURROWS S .; 2018)
In this paper, we will discuss how technology in the health field can help patients and doctors to reduce problems of not having a robust enough database on the patient to give correct and assertive diagnoses, benefiting health professionals, who will have more material and information about the patient’s health status, and the patient himself, who will be in control over his health status and his information on a day-to-day basis.
The bibliographic research methodology was chosen as the language for this work, as it is not only technology, but medicine is a field of study that needs an applied theoretical and scientific basis.
Facing a highly competitive market, HealthTechs, startups focused on health care, also appear, seeking as a differential, quality and valuing the good user experience. In this context, the purpose of this academic research is to present in detail the concepts, definitions and tools necessary to understand terms such as: Health Care Informatics, Health Information Technology, mHealth, Data Analysis, Data Visualization and Progressive Web Application for the development of progressive web applications in order to collect data about the patient’s health from the point of view of himself, in order to facilitate the work of health professionals on the best way to provide efficient diagnoses.
1.1. Objective
Create a Progressive Web Application that unifies information about the patients’ health, bringing quality of life to the users, making him aware of their health habits daily.
1.2. Specific Objective
1Development of a Progressive Web Application, using Python and SQL languages including Django framework, in order to let the users in charge of information about their health status, making it easier for them to decide with whom to share their information. This application is aimed at men and women aged 16 and over, and can also be used for children with an adult assistance.
1.3. Justificatory
Addressing the issue of quality of life is of great relevance, because technology nowadays has the important role of adding intelligence, and delivering even more tools for professionals in the area to provide themselves with information and that results in quality service, and so that the patient seeks an incentive to worry about his own health situation, seeking a more sustainable lifestyle. Also, about how the use of web and mobile technologies help to collect and monitor patient information in real time through mobile health applications, also known as mHealth.
2. Theorical Fundamentals
The purpose of this chapter will be to compile all the theoretical and fundamental aspects necessary to understand the relationship between health and technology and how the union of these two fields of study brings benefits to professionals in both areas and to patients and users of the service.
2.1. Health Information Technology
Health Information Technology (HIT), also known as Health IT, is made up of electronic health care systems used by professionals and patients to store, share and analyze information about the patient’s health status.
According to Brailer, PhD from the University of Pensylvania and precursor of HIT in the United States:
“Health Information Technology (HIT) is the application of information involving hardware and software that deals with storage, retrieval, sharing, and the use of healthcare information, data and knowledge for communication and decision making.” (BRAILER D .; 2004).
Also according to Brailer (2004), there are some electronic systems that are already used in this field of study, such as: electronic prescription, support for decision making, electronic health record, personal health record, among others. However, only two types of systems will be covered in detail, which will be used to support the research:
⦁ Electronic Health Recording (EHR): electronic system that allows doctors to keep a radar on patient health information, helping them to make decisions based on evidence from the medical record. And there is also the advantage of sharing system information with other specialists and thus obtaining more accurate diagnoses through discussions. And the information in this system is usually managed normally by the health institution that the patient attends.
⦁ Personal Health Recording (PHR): electronic system very similar to EHR, with the only difference being that the patient himself is the one who controls and manages the information that goes into the system. This system is generally used for the patient to keep a radar on his visits to the doctor, or also to share this same information with authorized doctors from different places, institutions and locations in case the patient is in an emergency.
This work will be based on the construction of a Progressive Web Application that behaves like a Personal Health Record for use in web or mobile hybrid format.
2.2. mHealth
Mobile Health is one of several ways to incorporate technology in the health field, transforming the way patients, doctors and researchers deal with data. It also brings immediacy and ease, since it is possible to collect or store data anywhere and anytime through a wireless device. According to the World Health Organization (WHO), which published a document in 2011, called mHealth: New horizons for health through mobile technologies, defines the term as:
“… mHealth or mobile health are medical and public health practices supported by mobile devices, such as cell phones, patient monitoring devices, personal digital assistants, and other wireless devices.” (WHO; 2011).
As an example, applications aimed at health care are especially important in cases of chronic diseases, as they require continuous monitoring by the doctor, and also by the patient, who will be able to enter their most important data on the platform.
2.3. Data Visualization
Data visualization is the provision of information in graphical form, but which were previously in statistical or mathematical format, to perform data analysis. And according to Claus O. Wilke (2019, p. 1), author of the book Fundamentals of Data Visualization, data visualization is defined as: “… part art and part science. The challenge is to make art correctly without doing science the wrong way and vice versa “.
In the context of health care, the objective is to make data that is difficult to understand, have a more friendly visual language. And that this transition from the abstract to the visual (which includes formats and colors), requires the application of algorithms for effective data visualization, in order to interact better based on data, generate reports, and review information (WILKE; 2019).
2.4. Data Analysis
Data analysis is the process of applying logic, technique and statistics to represent data, ensuring its veracity, in order to avoid distorted conclusions about a subject.
According to Behrens (1997), within the data analysis there are two subsegments that are essential for this research: the exploratory data analysis (ADE), which uses statistical principles that provide computational devices and theoretical concepts to raise different hypotheses. And confirmatory data analysis (ADC) tests the hypotheses created and produces estimates with a higher degree of precision to confirm the veracity of what was assessed with the ADE.
3. Related Researches
The imminent growth of health-oriented technology has developed a field of study dedicated to these two areas of knowledge: Health Information Technology. Many researches and discoveries have been carried out in the last decades by the technological and scientific communities to develop improvements in the health area aimed at professionals and patients in order to reduce the risks of errors in medical diagnoses and improving the quality of life of patients using the service.
To compile the information in this work, the following are the most recent researches in the world, covering how technology can be used as a strategy to help and improve the users lives.
The World Health Organization (WHO) in 2016, based on a study over diagnostic errors, made notes of factors that can contribute to mitigate such failures, according to Table 1 below (World Health Organization (WHO), p. 6; 2016):
Source: Author “adapted from” (World Health Organization (WHO), 2016).
According to Michael Hough, former vice president of Advance Medical, Inc. based on studies by NorthWestern University and the National Center for Policy Analysis, he pointed out that the American healthcare industry loses hundreds of billions of dollars just through diagnostic errors and this impacts about 12 million Americans a year. And in this case, emerging technologies aimed at healthcare are welcome to create more effective diagnostic processes for both the patient and the doctor. An example cited by Hough was the Expert Medical Opinion, a service where all patient data is available online for the doctor and for the patient, helping to retrieve medical records and have a more objective view through accurate data.
In the United States, a study in conjunction with the University of California San Diego, University of Harvard and American Medical Association, an overview of the current state of Health Information Technology tools and devices that can help reduce incorrect clinical diagnoses has been developed. , as a tool that helps in collecting patient information or a system that facilitates feedback on the diagnosis itself (El-Kareh; Hasan; Schiff; 2013).
In England, a study by the Royal College of Physicians, it was developed to report in detail, aiming to understand and show the needs of users, in relation to the use of a Personal Health Record system. To perform a collection of qualitative data, 27 people who suffer from diseases, such as diabetes, depression, cancer and kidney diseases, were interviewed in order to have information about the user experience with this system. Through this study, it was concluded that some aspects are essential and other expendables in the user experience when it comes to PHR (WYATT, HOOGEWERF, QUINN. et al .; 2017). Table 2 below shows the main topics that lead a user to be interested in using a PHR.
Source: Author Wyatt J., Hoogewerf J., Quinn N. et al.; 2017.
In Brazil, according to the Center for Research in Science, Technology and Society of the Institute for Applied Economic Research (IPEA), there is great growth potential for HealthTechs, technology startups focused on healthcare, which use access as a competitive advantage, providing easy and secure patient information.
The Faculty of Medicine of São Paulo (FMUSP) developed a survey that monitors the brain functioning of doctors, to identify points that may lead to premature and perhaps incorrect diagnoses. During the study, doctors underwent two different experiments. In the first experiment, a set of symptoms were shown and the doctor had to point out the related disease. And in the second experiment, the names of the diseases were shown and the doctor had to prescribe the best way to treatment for that given disease. After this was done, the doctor’s brain behavior and responses were stored. The result of brain monitoring showed that when doctors dealt with information about generic symptoms (which can be linked to several different diseases), brain activity increased, however, it reduced when information was presented directly related to a specific disease.
According to these experiments, the researchers were able to conclude that the physician’s decision making is directly related to the decrease in the level of uncertainty (increased brain activity), therefore it is concluded that, the physician’s very early decision making may occur if he has contact with information from the patient with high diagnostic power at the beginning of the assessment, leading them to greater chances of error (Melo; Gusso; Levites; et al; 2017). Table 3 shows the results obtained. with experiments 1 and 2.
Source: Author “adapted from” (Melo; Gusso; Levites; et al; 2017)
The Personal Health Record (PHR) is already a widely used and well implemented tool in some parts of the world. According to a study by Cruickshank J., Packman C. and Paxman J. (2012), published by 2020Health.org, on implementation of PHR systems, Denmark is an example of leadership in the use of personal electronic reports for health management, which provides a PHR system available to any Danish citizen, called sundhek.dk. On this website, service users can request renewal of medical prescriptions, schedule medical appointments, apply as organ donors, among other features. However, one of the key factors for excellence in the functioning of PHR linked to the healthcare system in Denmark is the wide reach of internet access in the country, which reaches 95% of the population.
In the USA, however, the sentiment towards PHR is a little different, according to the study published by 2020health.org, although Americans are more open to this type of technology over the years, there is also great insecurity in regarding data privacy.
However, there is a great challenge for Brazil, that also offers a public health system that is totally free, known as Unified Health System (SUS), with regard to information storage, due to the massive number of users, as it 150 million Brazilians make usage of SUS. Therefore, the implementation of electronic medical records in the public system would have many problems in basic aspects, such as the technological infrastructure for internet access, equipment and software.
Based on the developed research, the focus of this thesis will be on how diagnostic errors can be reduced and avoided through an electronic medical record via application, with patient access to insert and manipulate information about their health status, such as medications, personal history and illness, recent trips, medical appointments, specific diet, etc.
4. Development
In this chapter, will be shared all the aspects and tools necessary for the creation of a Progressive Web Application, using Python and SQL languages including Django framework. The application developed for this research has the objective of leaving the user in charge of information about their health status, and make it easier for them to decide with whom to share their data.
4.1. Linguagem Python
Python is a high-level object-oriented programming language, created by Guido van Rossum in the early 1990s, and today it is one of the most widely used languages in the world. The design of the Python language highly values readability and simplicity, helping programmers to write clearer and smarter code for small or large projects (KUHLMAN, 2009). Python language has a large collection of libraries, and this is one of the great strengths of the language, which provides tools for various tasks. Some of these libraries assist programmers in creating graphical user interfaces, connecting to databases, unit tests, analyzing and visualizing data, manipulating data in spreadsheets, etc.
4.2. Framework Django
For the practical development of the application, Django was chosen because it is known as a fast web development framework written in Python. In addition, it has the Model-View-Template (MVT) as a design pattern, which will also be used in application development. Security is also a very important aspect of web development with Django.
According to the Django framework’s own documentation (2020) “… your user authentication system provides a secure way to manage user accounts and passwords.” Another Django feature that will be important for the application will be the conversion of a template into a .pdf document for sharing user data.
4.3. Linguagem JavaScript
According to Goodman (2001, p. 3), “… Javascript is a language for improving web technologies. Making the language capable of transforming static pages into an interactive and intelligent experience ”.
Javascript was introduced in 1995 as a way to add programs to web pages. The language has since been adopted by all major graphic browsers (HAVERBEKE, 2018). In the context of development of this research, the Javascript language will be used exclusively to insert PWA functionalities, such as: Push Notification, Geolocation and Icon insertion on the Home Screen of the computer or mobile device, making a communication with the Django framework.
4.4. Structured Query Language
According to Groff, Weinberg and Oppel (2010), Structured Query Language (SQL) was created and developed in the 1970s and is a programming language commonly used in relational databases and management of databases. In addition, it is a language recognized by the International Standardization Organization (ISO).
SQL is the most common way to manage databases due to its efficiency and ease to perform queries, manipulation and insertion of information. There are two types of categories of essential commands in SQL that will be used in this search:
Data Definition Language (DDL): used to create and change the structure of objects in a database. And these objects include views, tables, etc. The most used reserved words for definition queries are CREATE, ALTER and UPDATE.
Data Manipulation Language (DML): used to include commands that allow you to manipulate data in a database. And manipulation encompasses data selection, insertion, deletion and updating. The reserved words used for manipulation queries are SELECT, INSERT, DELETE and UPDATE
4.5. Progressive Web Application
Progressive Web Application (PWA) are a set of techniques used to program web applications, progressively developing features that were previously only used and seen in native applications, that is, applications developed especially for IOS, Android or Windows platforms. (BIØRNHANSEN, MAJCHRZAK, GRØNLI, 2017).
According to LePage and Richard (2020), Progressive Web Application can also be defined as:
Progressive Web Applications are essentially web applications. Using progressive enhancement, new features are activated in modern browsers. Using service workers and a web application manifest, your web application becomes reliable and installable. (LEPAGE, RICHARD; 2020)
In this research, PWAs for a number of fwas chosen actors, such as saving the user’s time who has to download the application from an app store, being able to create good quality applications cheaper than programming natively, and can be used by any user regardless of the browser.
For the development of this application, some features characteristic of native applications are used that, with the help of PWA techniques and Javascript language, it is possible to insert in a web application:
Icon on the Home Screen: functionality enabled when the website login screen is accessed, where the user can choose to add the website icon on the home screen of the mobile device or computer desktop.
Push notification: when the user profile screen is displayed, the user will receive a permission request to send him notifications, and if the user allows the request, he will receive notifications periodically reminding him to keep his profile updated.
Geolocation: it also works through permission request when the user accesses the profile editing page. When the user clicks on the [Find] button, with the help of a Google API, it is possible to access the user’s location and return his city and state.
4.6. Front-End
According to Cody Lindley (2019), front-end is the practice of transforming lines of code into a graphical interface designed for the user, through languages such as Hyper Text Markup Language (HTML), Cascade Style Sheets (CSS) and JavaScript.
And these languages are used to build a complete web browsing environment or PWA for the user. The framework used for this work is Bootstrap because it uses all the languages mentioned above to create a responsive graphical interface, which is mandatory for the development of a PWA.
4.7. Back-End
The back-end is the part of the softwar that cannot be seen by the user, but it is essential because without it the application does not work. Back-end programming reads entries, such as login authentication, events, and will make you able to navigate through the web pages. In this phase, databases, servers, storage forms, design pattern and APIs are defined (LINDLEY; 2019).
The platform used for the development of the back-end of the application of this work is the Django framework, since it is possible to develop it in Python language, and also with MVT(Model, View, Template) design pattern, besides being more appropriate for medium and large projects.
4.8. Unified Modeling Language
Pressman (2010), software engineer and author of Software Engineering: A Practitioner’s Approach, defines a UML as a standard language for the specification and documentation of a software project, in order to bring productivity in the system development phase, increasing the quality of the final product.
Unified Modeling Language (UML) are diagrams used to help to understand and communicate a business model or software. It also helps to raise functional requirements of the system, which describes the functionalities of the system and the interactions that should be made (RUMBAUGH, JACOBSON, BOOCH; 2004).
In this research, two important diagrams for the documentation of a system will be approached, which are: Use Case Diagram and Class Diagram. And these diagrams are intended to represent, through elements, how software will work and how each part of the system will interact with the user.
4.8.1. Use-Case Diagram
In the UML, a Use Case Diagram is a requirements gathering document to communicate to the user about features that the system will offer. It also presents possible scenarios, to illustrate a sequence of steps that describe the user’s interaction with the system and its way of functioning (MARSIC, 2012).
Also according to Marsic (2012), there are three main elements in the construction of a Use Case Diagram, which are:
- Use Case: it is an ellipse-shaped label that represents the property or functionality of the system that will interact with the user.
- Actors: format that represents a human that will interact with the system.
- Relationship: An arrow that represents an actor’s connection to one or more use cases, or only between use cases. These relationships can be of an inclusive nature (situation where without the previous use case it is not possible to execute the current use case) or extensive (which functions as an alternative event).
In Table 4 we can see in which situations communication, inclusion and extension relationships should be used:
In Figure 3, you can see the Use Case that will be used to build the PWA application, what the application’s features will be and how the actor will relate to it.
4.8.2. Class Diagram
According to Pressman definition (2010), a Class Diagram represents the relationship structure between classes to model essential system objects, and the elaboration of this diagram is extremely important because each class of the diagram is equivalent to a table on database and the structure of the software, which must be designed according to the existing use cases and how they should be interconnected.
In Figure 4 below, it can be seen that the Class Diagram was prepared thinking about the structure of the application and how the data will be stored in the database.
4.8.3. Model Entity-Relationship
An Entity-Relationship Model (ERM), according to the creator of the model, Peter Pin-Shan Chen (1976), is everything that describes the requirements of a project, so that it serves as a foundation for the construction of a relational database within an application.
It can be seen in Figure 5 below, that the main elements for the creation of a ERM are, the entities (which represent the objects and that they can contain one or more attributes) and, the types of relationships between the entities. What distinguishes relationships between entities, is that they can be one to one (shows that the entities only relate to each other), one to many relationships (one entity relates to several others) and many to many relationships (several entities relating to each other).
4.9. Prototyping
A prototype is a software development model where a system can be built and rebuilt whenever necessary until the prototype desired by the customer is achieved. Prototyping is ideal for situations where the design requirements are fully known to everyone, and it becomes a way for developers and customers to reach a consensus of what can be done according to the customer’s request (PRESSMAN, 2010). The necessary steps to make a good prototyping are:
- Requirements Analysis: In this phase, requirements are defined jointly between developers and customers involved.
- Design: the design step is done as a freehand sketch or using specialized software for this. It works as an idea of how the system will behave in the customer’s view.
- Prototyping: the project’s prototype is based on the information gathered with the outline and the Requirements Analysis phase.
- User Evaluation: At this stage, a proposal of what the system might be, is presented to interested customers. And then customers have an opportunity to point out what is good and what can be modified in the system, and the requirement analyst collects the customer’s suggestions to pass on to the system developers.
- Prototype Realignment: In case the current prototype of the system is not fully according to what the customer had in mind, the customer gives their feedback, and the development team in accordance with what was passed by the customer in the Evaluation User, make necessary adjustments.
- Implementation: The last phase happens when the system is finally produced based on the prototype refinements and implemented in production status. In addition, the system can go through a maintenance phase to avoid future failures.
Prototyping any and all systems is of great importance, as it is not necessary to be an expert to prototype a project, and encourages involvement and communication between all stakeholders and developers from scratch, so it is possible to track possible mistakes early in the software development project.
In Figures 6, 7, 8 and 9 below, we see an initial prototype of a system that proposes to be a Personal Health Report (PHR).
4.10. MVT Design Pattern
According to Holovaty & Moss (2010), MVT (Model, View, Template) is a software architecture standard, divided into three parts that are interconnected, with the function of:
- Model: it is linked to data writing, reading and manipulation, so it is responsible for communicating to View when any type of validation is done in the application.
- View: receives and configures all business rules that the application’s features will support. It is the layer located between Model and Template, which controls the flow of information that passes through the system. In addition to executing the events triggered in the Template layer.
- Template: accesses data from the Model layer, presents data and information to the user through a graphical interface.
- The MVT design pattern is used in this research because with it, it is possible to maintain a level of standardization and organization in object-oriented programming, so changes made to the frontend (Template) do not significantly interfere in the backend functionalities (Model and View), and also because MTV is the default design of the Django framework.
4.11. Three-tier Systems Architecture
A multi-layered systems architecture is typically used to break down a complex system in order to make it easy to understand, and also to make these layers easy to organize and maintain, according to an IBM company publication, through the IBM Knowledge Center ( 2015).
As a rule, layered system architectures have such layers as a way to separate the system by pre-defined functionalities, each fulfilling its responsibility for the full functioning of a system.
Also according to IBM Knowledge Center (2015), the system architecture in three layers allows to have three different systems in a single application, so that layer number one represents the components of presentation to the client, layer number two represents the logic running tasks and layer number three represents the data and its management.
- First Layer: is the layer where the user’s interaction occurs, and allows the user to interact with the second layer safely and does not allow it to access the third layer directly. In this way, if a client component provides a personal electronic medical record form, the client sends that form to the second layer, which will do the necessary validations with the database in the third layer to edit, save or delete such information.
- Second Layer: as this is the logical layer of the system, the processes of this layer communicate with the database (third layer), and this is where almost everything happens, because if several client components send multiple electronic forms to the second layer, it must handle all of these transactions simultaneously and without competition failures.
- Third Layer: the third layer is somewhat protected from client components, so any form of communication with this layer comes from the logical layer (second layer) of the system.
With these definitions it is concluded that for the system to work, all layers need to communicate, however, respecting some rules. This system architecture can be used in any high-level programming language and in any operational system (IBM Knowledge Center; 2015).
4.12. Functional and Non-Functional Requirements
A Functional Requirement is everything that represents the main requirements of the product to be developed, and demonstrates what is the expected behavior of certain system functionalities in the user’s view. The Non-Functional Requirement is that one linked to the quality of the system that will be created, such as: security, usability, availability, etc. (MARSIC, 2012)
Next, we see the construction of functional and non-functional requirements of the system that proposes to create a PWA that works as a personal health report, where the acronyms RF are equivalent to the Functional Requirements and the RNF are equivalent to the Non-Functional Requirements :
- RF01 — Login: Access the application in its entirety through Login via username and password.
- RF02 — Create Account: Screen where the user creates an account, registering some personal information such as, full name, e-mail, age and password creation, so that they can access the application.
- RF03 — Recover Password: Possibility to recover the password if the user already has an account through registered e-mail.
- RF04 — View Profile: Screen that allows the user to view their personal data, and all other information maintained in the application.
- RF05 — Maintain Medicines: Screen that allows the user to enter, edit and delete information on used medications.
- RF06 — Maintain Diet: Screen that allows the user to enter, edit and delete information about their diet routine.
- RF07 — Maintain Travels: Screen that allows the user to enter, edit and delete information about travel dates and destinations to places at risk and prone to the proliferation or contraction of contagious diseases.
- RF08 — Maintain Vaccines: Screen that allows the user to enter, edit and delete information about vaccines already taken.
- RF09 — Maintain Appointments: Screen that allows the user to enter, edit and delete information about the date and time of medical appointments.
- RF10 — Register Exercises: Screen that allows the user to time and choose an exercise mode to practice.
- RNF01 — Security: Login via username and password created by the user. And because it is a PWA, it uses Hyper Text Transfer Protocol Secure (HTTPS) protocol, allowing an encrypted connection. In addition to native Django framework tools for user authentication.
- RNF02 — Usability: Because almost all screens in the application’s personal electronic medical record use CRUD (Create, Read, Update, Delete) operations, user interaction with the application is extremely simple.
- RNF03 — Portability: As PWA is a website that must behave like a native application, it is mandatory that the application works perfectly independently if the user uses the application through a computer or any mobile device.
5. Obtained Results
Through the studies and research of this work on the field of technology applied to health, it is concluded that, with the help of a personal health report, the patient becomes more interested in the habits that can affect his health situation, and seek to improve your lifestyle over time. Also, with the continuous use of the application, it is expected to obtain a robust patient information base, so that it can be used for medical analysis, helping the professional to formulate more accurate medical diagnoses and based on details of the patient’s routine.
And with the development of this application based on PWA, it is expected that the patient/user will feel engaged in using it daily due to its easy use, and at the same time keeping a report of information saved in a database, in a single location under the control of the patient itself, which can be shared when and with whomever they wish.
6. Tests Performed
One of the most important requirements for building any application is security for several reasons, some of which are reliability and integrity as a way to ensure that the user can access the application and store its information with the confidence that their data is being hosted safely.
For the sake of data privacy and confidentiality, information from no real user will be used in the tests performed on this research, in accordance with the General Data Protection Law (LGPD) from Brazil. All tests performed are in order to confirm the safety linked to the application usability.
6.1. Lei Geral de Proteção de Dados (LGPD)
According to the website of the Ministry of Defense of Brazil (2020), the General Data Protection Law (LGPD) that came into force on September 18 2020, are rules established for maintaining and sharing data, in order to guarantee some basic rights to users, such as: knowing which of your data is kept by the company, having the option to update that data, knowing if your data is being shared and for what purpose, or even revoking the consent to use your data.
6.2. Authentication Security
The Django framework provides a password management middleware that requires the user to enter a password of at least 8 characters, between letters and numbers, which is not similar to the username, neither in the “obvious password list” preset by Django.
When the user registers a new account, the server encrypts the password registered by the user with an SHA256 hash code and then stored in the database, adding an extra layer of security to the user’s account, because even the application administrator has no access to the user’s password (HOLOVATY, MOSS; 2008). In Figure 11, the password field with encrypted content is seen in a user’s registration.
Another security aspect for authentication is the username field, it is not allowed to register two identical users in the system and it must be filled with a maximum of 10 characters, whether letters or numbers.
According to Dauzon, Bendoraitis and Ravindran (2016), within the Django framework there is also the element of @login_required, which is used in every function or class of the View layer, in order to only allow access for users who had their login and password on certain pages of the application. For example, if the user tries to access the profile page (page for logged in user) through the website URL, without having previously authenticated his login and password, he will be redirected to the app’s home page.
6.3. Cross Site Request Forgery Prevention
Cross Site Request Forgery (CSRF), are defined by the action of a hacker or malicious user using the service user’s secret credentials. With the functionality of protection against CSRF offered by the Django framework, the user can insert information in the application forms and send it to the serverside in a secure way, as the CSRF creates a kind of check barrier through a token code generated every time that the user saves, edits or deletes information from the application forms, confirming that the user manipulated information in the original application (DAUZON, BENDORAITIS, RAVINDRAN; 2016).
This prevents a possible hacker from reproducing pages and forms imitating the original application also with the POST request, thus sending the user’s sensitive data to another location outside the original application without the user realizing it. To obtain the user’s information, the hacker would have to know the secret credential that is linked to the user via cookie (HOLOVATY, MOSS; 2008).
In Figure 12 below we see as an example, the Django command {% csrf_token%} that should be used for all forms existing in the templates within the application to activate CSRF prevention tokens.
6.4. Unit Tests
According to Osherove’s definition (2014; p. 11), a unit test means “… a piece of code that invokes a unit of work and verifies a specific final result of that unit. If the end result is wrong, the test has failed. A test unit can cover both methods and classes, and can be written and executed quickly. ”
It is possible to write unit tests directly (using the language used to develop the application) or using specific frameworks to formulate unit tests. In the case of Django, a set of tools is already offered through the use of the unittest Python library. For this reason, it was decided not to use any other specific framework for unit tests.
As an example, in the figures below you can get an idea of how a unit test is performed through the components of the MVT design pattern. In Figure 13, at the top we have the test case script for user authentication to start and end a section, where the is_authenticated () method is used to test whether the user has actually logged in or out. And at the bottom of the image is the test result, confirming that both tests have been successfully completed.
In Figure 14, in its upper part is the unit test script of the URLs and templates that give access to the application’s login, menu, profile and logout pages. As a result, if the test is redirecting to the correct page of the application, the test returns the ReverseMatch method with the information from that URL.
In the testcase shown in Figure 15 below, the unit test work is focused on validating the database functioning in receiving the entered or edited data by the user. As an example in the image below, a new user has first inserted through the setUp() function and also, the creation of a profile related to the user that has just been created. If the unit test does not return any type of error, the algorithm returns the values of the username, full name, e-mail and password of the created user, and then the fields filled out related to the user’s profile.
Source: Own authorship; 2020.
7. Limitations
At the beginning of the software development process, it is extremely important to demonstrate clearly to the user what the application will offer, and especially, aspects what is not covered in the development of the final product.
The following stand out some points that are perceived to improve limiting issues within the progressive web application project for creating personal electronic medical records:
• Inclusion of two-tier authentication for user authentication via email address or phone number;
• Use of PWA’s key feature to access the web platform pages even without an internet connection;
• Incorporate other APIs to make the user’s interaction with the application more attractive;
• Insert PWA into the cloud storage service in order to make it more scalable and keep database more secure;
8. Conclusion
A personal health reporting system aims to have patients centralize important data about their health status. This research is composed by the development of a system that can be used through a computer or mobile device, managed solely and exclusively by the patient/user, allowing it to manage its personal health information.
After performing unit tests on different components of the software architecture, it is concluded that, although there are countless ways to hack softwares in order to cause damage to the user or the service provider, good programming practices and techniques that create layers of user protection, make the application more reliable, increasing the likelihood that users will trust their sensitive information within the application. As focal aspects of the research, we can highlight points such as:
A) HealthTechs are a growing trend for the coming years, bringing to the discussion the way that health entrepreneurship incorporated into technology will do to attract users to this service: be it in the quality of care, efficiency in the customer experience or confidential data preservation.
B) From important studies and researches (highlighting the UN and WHO) pointed out in the section of related works on HealthTechs, Personal Health Reports and mHealth, it was concluded that, despite the promise of positive influence from technological products focused on health, potential users for these services still have some resistance to store such sensitive information within a web or mobile platform.
C) Bearing in mind the need to make the user really confident in using the product, the development of the application was thought to used through a computer or cell phone, with care to insert layers of security and unit tests at key points of the application, such as user authentication, navigation between application pages, storing information in a database and filling out forms for inserting or editing data.
About the research, having the points noted above, in the next chapter some suggestions for future work will be presented, in order to add more features to bring improvements to the system implemented in this work.
8.1. Future Works
From the results obtained that were presented previously, new types of research can be developed based on a large amount of information made available by each application user, provided if they agree with the terms of use so that their data can be used for quantitative studies. Some suggestions for future work, related to social research and application improvement, are presented below.
8.1.1. Pharmaceutical Industry Research
With the development of this application and after collecting information from a database of users large enough to compose a sample, it would be interesting to conduct researches and statistical studies about, which drugs are most consumed among people in a certain region of the country or age group.
The application can also help to inform whether these medications are used correctly by the patient himself, allowing to know if the medication is being administered at the correct time intervals, for example.
8.1.2. Social Mapping of Vaccinated Users
Another way of using the application developed for future work would be to map users from the public and private health systems who participated or not in vaccination campaigns developed by the Ministry of Health, also based on information about their location, age group, and recent trips.
With the mapping of these unvaccinated users, a new awareness campaign can be carried out, aimed especially at these unvaccinated people, reinforcing the social responsibility of getting vaccinated.
8.1.3. Professional Login Access
The application design is made so that the patients store their health information, and only they can see their own information on the platform, unless they want to share this information with a professional through a .pdf file.
However, it would be interesting and inclusive, to make the application accessible not only to patients but also to healthcare professionals, who could have their own login, and to it, all their patients would be linked together with their information.
8.1.4. Emergency Care for the Elderly
Another option to incorporate into the existing application is to add an exclusive feature for users aged above 60, where they could activate an emergency button to get some kind of immediate medical attention or request an ambulance referral.
REFERENCES
Biørn-Hansen, A., Majchrzak, T. & Grønli, T-M. Progressive Web Apps: The Possible Web-native Unifier for Mobile Development.; 2017; pages 344–351 ISBN: 978–989–758–246–2; DOI: 10.5220/0006353703440351;
Behrens, J. T., Principles and Procedures of Exploratory Data Analysis. Psychologycal Methods. 1997, Vol. 2, №2, 131–160; (https://pdfs.semanticscholar.org/4016/18eda85f341b0600f49811229cfeb50c2843.pdf?_ga=2.126836877.1602013678.1601418011-1572317932.1601418011; acessado em 02/04/2020)
Booch G., Rumbaugh J., Jacobson I., The Unified Modeling Language Reference Manual; Pearson Education, Inc; Boston; 2005; ISBN 0–321–24562–8 (https://personal.utdallas.edu/~chung/Fujitsu/UML_2.0/Rumbaugh--UML_2.0_Reference_CD.pdf; acessado em 08/04/2020)
Brailer, D. The decade of health information technology. HHS Report, July, 21 (2004); (http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.360.9186&rep=rep1&type=pdf; acessado em 25/03/2020)
Budde R., Kautz K., Kuhlenkamp K., Züllighoven H. (1992) What is Prototyping?. In: Prototyping. Springer, Berlin, Heidelberg. DOI: https://doi.org/10.1007/978-3-642-76820-0_2
Burrows S., Journal of Health Informatics and Management: About the Journal; 2018 (https://www.scitechnol.com/health-informatics.php; acessado em 07/03/2019)
Castiglione C., Frontend vs. Backend Developers: What’s the Difference?; 2019 (https://learn.onemonth.com/frontend-vs-backend-developers/; acessado em 07/04/2020)
CREMESE; SUS completa 20 anos, mas não implanta seus princípios fundamentais; 2010 (https://www.cremese.org.br/index.php?option=com content&view=article&id=20986:sus-completa-20-anos-mas-nao-implanta-seus-principios-fundamentais&catid=3; acessado em 26/02/2020)
Cruickshank J., Packman C., Paxman J., Personal Health Records: Putting pacients in control?; 2020health.org; 2012; ISBN 9781907635229 (http://www.wholeschoolhealth.com/dms/2020health/downloads/reports/2020PHRreport_ONLINE.pdf; acessado em 13/09/2020)
Dauzon S., Bendoraitis A., Ravindran A; Django: Web Development with Python; Packt Publishing Ltd.; Birmingham, 2016; ISBN: 978–1–78712–138–6; (http://englishonlineclub.com/pdf/Django%20-%20Web%20Development%20with%20Python%20(Learning%20Path)%20[EnglishOnlineClub.com].pdf; acessado 06/10/2020)
Django Overview (https://www.djangoproject.com/start/overview/; acessado em 30/08/2020)
El-Kareh R, Hasan O, Schiff GD. Use of health information technology to reduce diagnostic errors. BMJ Qual Saf. 2013;22(Suppl. 2):ii40-ii51. (https://qualitysafety.bmj.com/content/22/Suppl_2/ii40?int_source=trendmd&int_medium=trendmd&int_campaign=trendmd; acessado em 07/02/2020)
Fernandes C., Backend: Nos bastidores da aplicação., 2014; (https://canaltech.com.br/software/Backend-nos-bastidores-da-aplicacao/; acessado em 01/04/2020)
Goodman D., Javascript Bible; Hungry Minds Inc.; New York; 2017; ISBN: 0–7645–3342–8 (https://everythingcomputerscience.com/books/all.pdf; acessado em 30/09/2020)
Groff J. R., Weinberg P. N., Oppel A. J.; SQL: The Complete Reference., 3rd Edition; The MacGraw-Hill Companies, Inc., New York, 2010, ISBN: 978–0–07–159256–7 (https://d0wnl0ads.files.wordpress.com/2011/08/sql-the-complete-reference-third-edition-sep-2009.pdf; acessado em 01/04/2020)
Guia completo de SQL (https://www.devmedia.com.br/guia/guia-completo-de-sql/38314; acessado em 01/04/2020)
Haverbeke M., Eloquent Javascript: A Modern Introduction to Programming.; 3rd Edition; 2018; (https://eloquentjavascript.net/Eloquent_JavaScript.pdf; acessado em 30/09/2020)
Holovaty A., Moss J. K., The Definitive Guide to Django: Web Development Done Right.; Springer-Verlag Inc., New York; ISBN-10: 1590597257; 2008; (http://slav0nic.org.ua/static/books/python/The%20Definitive%20Guide%20to%20Django%20-%20Apress.pdf; acessado em 30/08/2020)
Hough M.; Reducing Misdiagnosis: Healthcare Technology Set To Save Thousands Of Lives And Billions Of Dollars; 2017 (https://www.healthitoutcomes.com/doc/reducing-misdiagnosis-healthcare-technology-set-to-save-thousands-of-lives-and-billions-of-dollars-0001, acessado em 16/02/2020)
IBM; Arquiteturas de Três Camadas; IBM Knowlegde Center; 2015; (https://www.ibm.com/support/knowledgecenter/pt-br/SSEQTP_8.5.5/com.ibm.websphere.base.doc/ae/covr_3-tier.html; acessado em 11/05/2020)
IPEA; As tecnologias da informação podem revolucionar o cuidado com a Saúde?, 2019; (http://www.ipea.gov.br/cts/pt/central-de-conteudo/artigos/artigos/107-as-tecnologias-da-informacao-podem-revolucionar-o-cuidado-com-a-saude, acessado em 26/02/2020)
Kuhlman D., A Python Book: Beginning Python, Advanced Python, and Python Exercises; Open Source MIT License; 2009; (https://www.davekuhlman.org/python_book_01.pdf; acessado em 05/04/2020)
Lai, A. M., et al; Present and Future Trends in Consumer Health Informatics and Patient Generated Health Data; Yearb Med Inform.; 2017; 26(1): 152–159; DOI:10.15265/IY-2017–016
Lindley C., Frontend Developer Handbook., 2019; (https://frontendmasters.com/books/front-end-handbook/2019/#1; acessado em 01/04/2020)
Marsic I., Software Engineering, Rutgers University, New Jersey; 2012; (https://www.ece.rutgers.edu/~marsic/books/SE/book-SE_marsic.pdf; acessado em 07/04/2020)
Melo, M., Gusso, G.D.F., Levites, M. et al. How doctors diagnose diseases and prescribe treatments: an fMRI study of diagnostic salience. Sci Rep 7, 1304 (2017); (https://www.nature.com/articles/s41598-017-01482-0; acessado em 22/02/2020)
Ministério da Defesa; Lei Geral de Proteção de Dados Pessoais — LGPD; Brasília; 2020; (https://www.gov.br/defesa/pt-br/acesso-a-informacao/lei-geral-de-protecao-de-dados-pessoais-lgpd; acessado em 22/11/2020)
NLM; Health Informatics: National Library of Medicine Informatics Training Conference. The Ohio State University; 2016; (https://www.nlm.nih.gov/ep/documents/NLM_Informatics_Training_Conference_2016.pdf; acessado em 04/03/2020)
Osherove R; The Art of Unit Testing; 2nd Edition; Manning Publications; 2014; (https://manning-content.s3.amazonaws.com/download/7/7dae2a7-3809-47d0-8ad3-ebcb1cfeb0be/sample_ch01_Osherove2_November11.pdf; acessado em 08/10/2020)
Peter Pin-Shen Chan, The Entity-Relationship Model — Toward a Unified View of Data, ACM Inc., Massachusetts, 1976 (http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.526.369&rep=rep1&type=pdf; acessado em 07/04/2020)
Pressman R. S., Software Engineering: A Practitioner’s Approach., 7th Edition, MacGraw-Hill Campanies, Inc., 2010; ISBN: 978–0–07–337597–7.; (http://seu1.org/files/level4/IT-242/Software%20Engineering%20_%207th%20Edition.pdf; acessado em 07/05/2020)
Richard S. & LePage P., What are the Progressive Web Applications?; 2020; (https://web.dev/what-are-pwas/; acessado em 06/04/2020)
Santoni M., Progressive Web Apps browser support & compatibility; 2018 (https://www.goodbarber.com/blog/progressive-web-apps-browser-support-compatibility-a883/; acessado em 29/09/2020)
Shekelle PG, Morton SC, Keeler EB. Costs and Benefits of Health Information Technology. Evidence Report/Technology Assessment №132. (Prepared by the Southern California Evidence-based Practice Center under Contract №290–02–0003.) AHRQ Publication №06-E006. Rockville, MD: Agency for Healthcare Research and Quality; 2006; DOI: https:/doi.org/10.23970/AHRQEPCERTA132.
Singh H, et al., Identifying diagnostic errors in primary care using an electronic screening algorithm. Arch Intern Med; 2007; 167:302–8. (https://jamanetwork.com/journals/jamainternalmedicine/fullarticle/411672; acessado em 07/02/2020)
Singh H, Meyer, Thomas EJ.; The frequency of diagnostic errors in outpatient care: estimations from three large observational studies involving US adult populations. BMJ Qual Saf 2014; 23:727–731.; DOI: 10.1136/bmjqs-2013–002627 (https://qualitysafety.bmj.com/content/23/9/727; acessado em 05/02/2020)
Sweeney, J. Healthcare Informatics. Online Journal of Nursing Informatics (OJNI), 2017; (https://www.himss.org/resources/healthcare-informatics; acessado em 08/03/2020)
Three-tier Archtecture; 2015 (https://managementmania.com/en/three-tier-architecture; acessado em 11/05/2020)
Wilke, Claus O., Fundamentals of Data Visualization. O’Reilly; 2018; ISBN 978–1–4920–3108–6. (https://serialmentor.com/dataviz/; acessado em 29/03/2020)
World Health Organization; Diagnostic Errors: Technical Series on Safer Primary Care. Geneva; 2016. Licence: CC BY-NC-SA 3.0 IGO. (https://apps.who.int/iris/bitstream/handle/10665/252410/9789241511636-eng.pdf; acessado em 12/02/2020)
World Health Organization; mHealth: New horizons for health through mobile technologies.; Geneva; 2011; ISBN 978 92 4 156425 0; (https://www.who.int/goe/publications/goe_mhealth_web.pdf; acessado em 25/03/2020)
Wyatt J., Hoogewerf J., Quinn N. et al. Personal health record user insights: final report. London: Royal College of Physicians, 2017.; ISBN 978–1–86016–674–7; (https://www.rcplondon.ac.uk/file/5653/download; acessado em 13/09/2020)
