180 likes | 351 Views
Kairon : Granular Patient Consent Management. The MITRE Corporation Peter Mork, PhD. About MITRE Research. MITRE: Private, independent non-profit organization Chartered to work solely in the public interest Provide support to governmental sponsors
E N D
Kairon: Granular Patient Consent Management The MITRE Corporation Peter Mork, PhD
About MITRE Research • MITRE: • Private, independent non-profit organization • Chartered to work solely in the public interest • Provide support to governmental sponsors • Four Federally Funded Research and Development Centers • MITRE Research: • Internal competition • Approximately 6% of revenue (provided by FAR) • Targeted to specific focus areas, including health care • Advances technologies for transition to public and private sectors
Consent Research Request Server Browser Record Holder Server Consent Server EHR Policy Enforcer Consent DB Policy Reasoner
Objective: Efficient Consent Management • Globally Accessible by: • Patients and • Record Holders • Intuitive User Interface • Platform Adaptable • Modular Design adapts to: • Technology or • Legal Changes
Consent Directive Analysis Model Privacy Policy Reference • Consent specifications- allow/disallow action • purpose of consent • effective period • additional conditions • Medical Record Reference • Patient Identification • Medical Record Identification Action Specification - hierarchy of operations applied to information • Information Sender • -Organization • Information Receiver • Role • Identity • Health Information Affected • Related to a diagnosis • Data Sensitivity • Coverage Type • Type of information (e.g., lab, rx)
Preference Simplification(through Rule Minimization) Dr. Walsh: Purpose = Treatment (Medications or Allergies) and not Mental Health
Rewritten Preferences <AND> <OR> <String-is-in(‘medication’, Select(datatype))/> <String-is-in(‘allergy’, Select(datatype))/> </OR> <String-is-in(‘NOT-mental-health’, Select(topic)))/></AND>
Consent Form CDA Document • Produced by the form • Conforms to the Implementation Guide
Electronic Consent Directive: CDA Document (rendered as HTML)
Contacts • Peter Mork, PhD • pmork@mitre.org • 703-983-1465 • Jean Stanford • jstanford@mitre.org • 301-814-4934 • Source Forge Site: • http://kaironconsents.sourceforge.net/
Constraints on Consent • Legal • HIPAA / Privacy Act • State Laws • Trust • Relationships • Delegation • Compliance • Auditing • Enforcement • Authentication • Credentials • Identity Management
Implementation Landscape High Integrate with State Mandates Automated Enforcement Intelligent Redaction Eliciting Patient Preferences Integrate Care Relationships Implemented Technical Complexity Under Development Patient Review & Approve Grand Challenges Credential Matching Preemptory Access Audit Low Accepted Practices Policy Maturity Inchoate