260 likes | 392 Views
“ Jericho / UT Austin Pilot”. Privacy with Dynamic Patient Review. Presented by: David Staggs, JD, CISSP Jericho Systems Corporation. Agenda. Administrative issues Pilot scope Pilot data flow Review of previous demonstration Report on current progress Discussion Pilot Timeline
E N D
“Jericho / UT Austin Pilot” Privacy with Dynamic Patient Review Presented by: David Staggs, JD, CISSP Jericho Systems Corporation
Agenda • Administrative issues • Pilot scope • Pilot data flow • Review of previous demonstration • Report on current progress • Discussion • Pilot Timeline • Plan of Action • Announcement of “all hands meeting”
Pilot Administrivia • This pilot is a community led pilot • Limited support provided by the ONC • Zachary May (ESAC) • Jeanne Burton (Security Risk Solutions) • Melissa Springer (HHS) • In conjunction with DS4P bi-weekly return of an All Hands meeting • Access to DS4P Wiki, teleconference, and calendar • Meeting times: Tuesdays 11AM (ET) • Dial In: +1-650-479-3208Access code: 662 197 169URL:https://siframework1.webex.com/siframework1/onstage/g.php?t=a&d=662197169
Scope of the Pilot • Define the exchange of HL7 CDA-compliant PCD between a data custodian and a PCD repository that includes a report on the outcome of the request backto the healthcare consumer. • Additional goal: use of identifiers that can uniquely identify the healthcare consumer and PCD repository used to report the outcome of the request back to the healthcare consumer by healthcare consumer’s provider and subsequent EHR custodians. • Stretch goal: mask and/or redact the clinical document based on PCD choices retrieved from the PCD repository. • Stretch goal: use of the PCD repository as a proxy allowing direct authentication by the healthcare consumer to the provider, subsequently reducing correlation errors.
Pilot Data Flow , = Clinical data A,B = PCD data = audit record 1st Requestor And Subsequent Custodian of Data being Provided at B Custodian of Data being Provided at PCD Repository 2nd Requestor Patient
Previous Demonstration • Use Universal Client to send NwHIN messages • Patient Discovery (ITI-55), Query for Documents (ITI-38), and Request Document (ITI-39) • Demonstrate consent based on recipient and patient consent directive (retrieved from a PCD repository) • Show result of different policies: 1st requestor v. 2ndrequestor • Demonstrate PCD applied by 1st requestor • 1st requestor retrieves document; 2ndrequestor requests from 1st requestor • Demonstrate consent based on purpose of use • change policy from “allow treatment” to “allow research,” request using “research” attribute both times
Current Progress • Edmonds Scientific development of data segmentation functionality for identifying segments in clinical documents and redaction • Redaction demonstrated using Request Document (ITI-39). • UT Austin demonstrate consent based on recipient and patient consent directive (retrieved from a PCD repository) • Patient Discovery (ITI-55), Query for Documents (ITI-38), and Request Document • Conemaugh Health System demonstrate consent based on recipient and patient consent directive • Patient Discovery (ITI-55), Query for Documents (ITI-38), and Request Document
Healthcare Classification System(HCS) Document, PCD (decomposed), and Org OID (FHIR Resources Supported) Clinical/Organizational Policies PCD Constraints Rule Generation Document Fact Administration Document “Facts” Rules Document Orchestration Rules Engine Event Logging Actions Document Redacted/Annotated/ Masked Document Document Transformer Packaging Simplified View
HL7 FHIR Connectathon Fast Healthcare Interoperability Resources (FHIR) Resources: • represent flexible granular clinical concepts • managed in isolation, or aggregated into complex documents • a coherent solution for a range of interoperability problems • based on thorough requirements gathering, formal analysis and extensive cross-mapping to other relevant standards • based on simple XML, with an http-based RESTful protocol where each resource has predictable URL A workflow management layer provides support for designing, procuring, and integrating solutions.
FHIR Demonstration • Health Level Seven (HL7) • 27TH Annual Plenary & Working Group Meetings • September 21-22, 2013 Hyatt Regency Cambridge (Boston) • HCS – Security Labeling Services • DS4P Use Cases – Share All, Share Partial, Breakglass • VA/DoD iEHR Use Cases
Discussion • Open forum for discussing questions: • Problems with the Universal Client? • Problems with communicating use of the PCD repository • Problems with use of OpenATNA Audit Message Viewer • Problems with how PCD is changed and the affects • Unexpected benefits/problems
Pilot Timeline • General Timeline, conditioned on agreement of stakeholders
Plan of Action • Upon agreement of the participants the POA is: • Identify the elements available from previous DS4P pilots • Scope level of effort, decide on extended scenario • Determine first draft of functional requirements • Review standards available for returning information on requests • Determine any gaps or extensions required in standards • Stand up information holders and requestors • Create XDS.b repository holding PCD • Identify remaining pieces, create test procedures • Document and update IG with results of our experience
Announcement • DS4P “All Hands Meeting:” • When: Wed, August 28, 11:00am – 12:30pm (ET) • Where: Dial-in 1-650-479-3208 • Access code: 661 315 448 • WebEx URL • (https://siframework1.webex.com/siframework1/onstage/g.php?t=a&d=661315448)
DS4P Standards Material • Location of DS4P Standards Inventory: http://wiki.siframework.org/Data+Segmentation+-+Standards+Inventory • Location of DS4P Standards Mapping Issues: http://wiki.siframework.org/file/view/Copy%20of%20DataMappingsIssues%2005102012.xlsx/333681710/Copy%20of%20DataMappingsIssues%2005102012.xlsx • General Standards Source List: http://wiki.siframework.org/file/view/General%20SI%20Framework%20Standards%20Analysis.xlsx/297940330/General%20SI%20Framework%20Standards%20Analysis.xlsx • Standards Crosswalk Analysis http://wiki.siframework.org/Data+Segmentation+for+Privacy+Standards+and+Harmonization (at bottom of page, exportable) • Implementation Guidance http://wiki.siframework.org/file/view/Data%20Segmentation%20Implementation%20Guidance_consensus_v1_0_4.pdf/416474106/Data%20Segmentation%20Implementation%20Guidance_consensus_v1_0_4.pdf
DS4P References • Use Case: http://wiki.siframework.org/Data+Segmentation+for+Privacy+Use+Cases • Implementation Guide: http://wiki.siframework.org/Data+Segmentation+for+Privacy+IG+Consensus • Pilots Wiki Page: http://wiki.siframework.org/Data+Segmentation+for+Privacy+RI+and+Pilots+Sub-Workgroup
Pilot Data Flow , = Clinical data A,B = PCD data = audit record 1st Requestor And Subsequent Custodian of Data being Provided at B Custodian of Data being Provided at PCD Repository 2nd Requestor Patient
Pilot Data Flow Clinical exchange # , = Clinical data A,B = PCD data = audit record 1st Requestor And Subsequent Custodian of Data being Provided at B Fetch PCD Fetch PCD Custodian of Data being Provided at Clinical exchange # Send audit Send audit PCD Repository 2nd Requestor Patient
Pilot Data Flow (1) , = Clinical data A,B = PCD data = audit record 1st Requestor Custodian of Data being Provided at PCD Repository 2nd Requestor Patient
Pilot Data Flow (2) , = Clinical data A,B = PCD data = audit record 1st Requestor Custodian of Data being Provided at PCD Repository 2nd Requestor Patient
Pilot Data Flow (3) , = Clinical data A,B = PCD data = audit record 1st Requestor And Subsequent Custodian of Data being Provided at B Custodian of Data being Provided at PCD Repository 2nd Requestor Patient
Pilot Data Flow (4) , = Clinical data A,B = PCD data = audit record 1st Requestor And Subsequent Custodian of Data being Provided at Custodian of Data being Provided at PCD Repository 2nd Requestor Patient
Pilot Data Flow (5) , = Clinical data A,B = PCD data = audit record 1st Requestor And Subsequent Custodian of Data being Provided at Custodian of Data being Provided at PCD Repository 2nd Requestor Patient
Pilot Data Flow (updated) , = Clinical data A,B = PCD data = audit record 1st Requestor And Subsequent Custodian of Data being Provided at B Custodian of Data being Provided at PCD Repository 2nd Requestor Patient