100 likes | 200 Views
Automate Blue Button Initiative Pull Workgroup Meeting. November 20, 2012. Meeting Etiquette. From S&I Framework to Participants: Hi everyone: remember to keep your phone on mute . All Panelists. Remember: If you are not speaking, please keep your phone on mute
E N D
Automate Blue Button InitiativePull Workgroup Meeting November 20, 2012
Meeting Etiquette From S&I Framework to Participants: Hi everyone: remember to keep your phone on mute All Panelists • Remember: If you are not speaking, please keep your phone on mute • Do not put your phone on hold. If you need to take a call, hang up and dial in again when finished with your other call • Hold = Elevator Music = frustrated speakers and participants • This meeting is being recorded • Another reason to keep your phone on mute when not speaking • Use the “Chat” feature for questions, comments and items you would like the moderator or other participants to know. • Send comments to All Panelists so they can be addressed publically in the chat, or discussed in the meeting (as appropriate). 2
Announcements and Reminders • Meeting Reminders • Pull Workgroup Meetings are Tuesdays from 3:00 – 4:00 pm Eastern. • The next Community Meeting will be announced. 3
Looking ForwardABBI Schedule • November • October 22- November 19: Drafting and comment period on ABBI Implementation Guide (Part 1: Send via Direct + Content) • Nov 19th : BEGIN Comment Period Round 2 on ABBI Implementation Guide (Part 1: Send via Direct, Content) • 26th : Discuss Comments in workgroup calls • 28th : END Comment Period on ABBI IG (Part 1) • December • 3rd : Review Implementation Guide Comments in Workgroup Calls and Finalize Guide • 6th :ABBI Participates in Connect-a-thon • 10th :“Public Release” of ABBI Implementation Guide (Part 1) • 11th : ABBI Participates in Town Hall @ ONC Annual Meeting • 21st : BEGIN Comment Period on ABBI Implementation Guide (Part 2: Send via Email, Payor Content, and Developer Toolkit) • January • ~ 10th: END Comment Period on ABBI Implementation Guide (Part 2) • ~ 15th : Release ABBI Implementation Guide (Part 2) • All of January: Testing Period; Identify and Respond to Reference Implementations • February • Testing Period; Identify and Respond to Reference Implementations • March • Complete Testing Period • HIMMS: Showcase ABBI Implementatiosn • Release Final Automate Blue Button v2 Implementation Guide (Part 1 and Part 2 listed above)
Pull Workgroup1 • PULL Current Status Pre-Discovery • Agreed and voted oncharter, including • Scope • Timeline • Deliverables Discovery • Open call for straw man proposals for PULL scenarios • Review background information from other S&I groups like RHex Project • Discuss advantages and disadvantages of proposed straw men • Identify proposal(s) to invest in • Write draft implementation guide Reference Implementations • Identify 1-2 partners that can build proof of concepts for PULL • Have 1-2 partners demonstrate the technical feasibility of the implementations Implementation Guidance • Refine use cases based on reference implementations • Refine implementation guide based on reference implementations Implementations • 2-4 full implementations that reflect implementation guidance 6
OAuth Summary Points(from Adrian G) - OAuth is a means of securing RESTful servers based on a secret token communicated over a secure channel. OAuth security applies to a wide range of clients and servers including mobile devices but risk mitigation methods apply to various use-cases. - OAuth uses a two-level authorization mechanism to facilitate scalability. The top level is institutional and analogous to a white-list or federation mechanism. The lower level is individual and corresponds to a time and scope-limited authorization by a specific patient. - OAuth can work both as part of a specified federation and by using a dynamic discovery process without a specified federation. The dynamic process could be useful in support of universal access that does not restrict the patient's choice of pull agent while still allowing for the administrative efficiency of specified federations. - OAuth by itself distributes the authorization management to the edges of the network. This can get confusing for patients that want to manage authorizations at many data holders including labs, specialists, clinics and payers. UMA is a proposed standard protocol on top of OAuth that allows for access authorizations to be managed by a trusted central service that can be independent of any particular data holder. This trusted, independent central service would be analogous to a federated identity provider for Single Sign On and could either be the same or separate from the IDP.
Example “Search” and “Summary” Endpoints(from Keith B.) Click to open
Pull Summary Points(from Josh Mandel) Double-Click to access /open PDF
Next Steps / Meeting Reminders • Next Steps • Homework: Review Push IG & Content IG • Looking Forward: Josh M. prototype ; Keith B – Search & Summary Endpoint doc on the public site • Dec 6th: Virtual Connectathon for DIRECT / Trust to test sending data from data holders to receivers; NIST tools will also be present • Dec 11th: ONC annual Meeting; ABBI will have a Town Hall from 2:30-4 pm, and more of a casual meeting up that evening for all ABBI folks who are interested. • Meeting Reminders • Next PULL Workgroup Meeting is Tuesday, November 27, 2012 @ 3:00 pm Eastern. • The next Community Meeting will be announced. • http://wiki.siframework.org/Automate+Blue+Button+Initiative • For questions, please contact your support leads • Initiative Coordinator: Pierce Graham-Jones (pierce.graham-jones@hhs.gov) • Presidential Innovation Fellow: Ryan Panchadsaram (ryan.panchadsaram@hhs.gov) • Project Manager: Jennifer Brush (jennifer.brush@esacinc.com) • S&I Admin: Apurva Dharia (apurva.dharia@esacinc.com)