1 / 20

HTH975: Connecting Providers and Payers Secure Exchange of Healthcare Data over the Internet

HTH975: Connecting Providers and Payers Secure Exchange of Healthcare Data over the Internet. Mike Woods President – Pentelar Inc. Mike.Woods@Pentelar.com Aisha El-Zorba Senior Product Manager aishael@sybase.com August 15-19, 2004. Current Exchange of Healthcare Data.

fauve
Download Presentation

HTH975: Connecting Providers and Payers Secure Exchange of Healthcare Data over the Internet

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. HTH975: Connecting Providers and Payers Secure Exchange of Healthcare Data over the Internet Mike Woods President – Pentelar Inc. Mike.Woods@Pentelar.com Aisha El-Zorba Senior Product Manager aishael@sybase.com August 15-19, 2004

  2. Current Exchange of Healthcare Data • Direct Connects from providers to payers • Asynchronous communications • FTP • TCP/IP • VPN • Clearinghouses

  3. Secure Exchange of Healthcare Data over the Internet • Internet • Secure • Reliable • Standard Protocols • EDIINT AS1 • EDIINT AS2 • RosettaNet • ebXML

  4. EDIINT AS1 • EDI over the INTernet Applicability Statement 1 • AS1 is an RFC standard (RFC 3335) by which applications communicate EDI (EDIFACT or X12) or XML data over the SMTP transport (email). • S/MIME encryption and digital signatures • S/MIME encryption and digital signatures provide confidentiality and content-integrity of the data being transported. • Compression • significantly reduces in file sizes. • In order to provide protection to their networks, company mail servers are often very restrictive of the messages that are received. Combined with anti-virus software, which is often loaded on these servers, the email messages processed by the mail servers are often altered or even blocked. This can pose a serious problem with AS1 messages because this alteration can corrupt the security applied to the transaction.

  5. EDIINT AS2 • EDI over the INTernet Applicability Statement 2 • Exchange structured business data securely using HTTP transfer for XML, Binary, Electronic Data Interchange, (EDI - either the American Standards Committee X12 or UN/EDIFACT, Electronic Data Interchange for Administration, Commerce and Transport) or other data describable in MIME used for business to business data interchange. • The data is packaged using standard MIME content-types. • Authentication and privacy are obtained by using Cryptographic Message Syntax (S/MIME) security body parts. • Authenticated acknowledgements make use of multipart/signed replies to the original HTTP message. • Adoption in the US • Gas Industry - GISB • Retail

  6. RosettaNet • Is designed to harness the imminent, exponential growth of electronic commerce across the IT supply chain by developing, promoting, and leading the adoption of both open content and open transaction standards, along with the necessary metrics to measure the business impact of these standards on members of the supply chain. • Industries • Electronics • Adoption • US • Europe • China • Japan • Korea • Malaysia • Singapore • Tiawan

  7. ebXML - Technology Definitions • What is a Web Service: • Self contained module that allows a business entity to “interact” with one or more external entities using Web technologies (e.g. over the internet). • What is ebXML (Electronic Business using eXtensible Markup Language): • Provides reliable and secure messaging (transmission of information) between two or more business entities • Automates ad hoc business collaborations (transactions) • Is the only finalized, industry-standard specification for collaborative B2B based Web services

  8. Web Services Key Enablers • eXtensible Markup Language (XML) • Self describing document language • Simple Object Access Protocol (SOAP) • Define and access structure\protocol for OPEN messaging • Web Services Descriptor Language (WSDL) • Describe the capabilities of a service • Universal Description, Discovery and Integration (UDDI) • Registry of WHAT is out there • ebXML • ALL of that… plus what is missing. • Stay tuned.

  9. Synchronous Messaging

  10. Asynchronous Messaging

  11. Why ebXML? • Security • Encryption • Digital Signatures • Transport (HTTPS) • Reliability (Guaranteed Delivery) • Open Standard • OASIS • Proven • V2.0 currently more than 1 year old • V3.0 ready to be released

  12. More. More. More. • ebXML Extends SOAP • SOAP with Attachments • Adds Security (including PKI with Digital Certificates) • Authentication • Authorization • Non-repudiation • Message / payload level encryption • Transport level encryption (HTTPS) • Digital signatures • Adds reliability – guaranteed delivery

  13. Drummond Group • Interoperability Testing Experts • Vendor Neutral Third Party to Test Commercial Software • ebXML cross certification • 11 Companies that passed ebMS v1.0 compatibility • 7 companies that passed ebMS v2.0 compatibility • Sybase passed both! • www.drummondgroup.com

  14. Sybase’s Offering (ebXML) • Web Services Integrator (WSI) • EAServer or Weblogic Server 7.x or later • Process Server • To support Business Process Specification Schema (BPSS) • Integration Orchestrator (IO) • Business Process Integration Suite (BPI Suite)

  15. Overseas • Europe • eBES (e-business Board for European Standardization) • Asia • Korean Banking • China Banking • KIEC - Korea Institute for Electronic Commerce

  16. Auto Industry • STAR • Standards for Technology in Automotive Retail • Chose ebXML because Open Standard • Started implementation • Reynolds & Reynolds • 70 year old, billion dollar company • Middle “broker” in automotive retail. • Sybase and Pentelar recently created a Proof-Of-Concept demo for them to communicate with Volkswagen.

  17. Government of Canada • Pentelar worked with the Government of Canada - Canadian Passport Office - to analyze, design, develop, test and implement a Document Verification system. • Identity documents are verified with the issuing agency in real time. • Pathfinder project for Secure/Reliable communications with external agencies and the Government of Canada.

  18. Health Care • HIPAA - Health Insurance Portability and Accountability Act • ebMS directly addresses HIPAA Security, Electronic Signature, Privacy and transaction requirements related to data being transmitted between partners. • HL7 – Health Level 7 • ANSI accredited • Clinical and Administrative data domain • April 27, 2004 – announced ebXML support (Draft standard for trial use) in V3 Messaging Standard.

  19. Demo…. • Health Care Scenario • Verification of Eligibility for Service

  20. Web Services Integrator TPM EDIINT AS2 Business to Business Transport (B2B) Data Security Human Resources Applications A d a p t e r s Integration Business Trading Partner Management (TPM) RosettaNet Financial Applications Process Srv Trading Partners Logistics Applications Business Process Monitoring (BPM) BTSM ebXML Other Legacy Applications Business Process Modeling and Control (BPM) J2EE Server Web Browsing Customer, or Partner

More Related