“ Jericho / UT Austin Pilot”

S&I Framework

Jericho / UT Austin Pilot

Privacy with Dynamic Patient ReviewAugust 27, 2013

Presented by:David Staggs, JD, CISSPJericho Systems Corporation1208/27/2013AgendaAdministrative issues Pilot scopePilot data flow Review of previous demonstrationReport on current progressDiscussionPilot TimelinePlan of ActionAnnouncement of all hands meeting308/27/2013Pilot AdministriviaThis pilot is a community led pilotLimited support provided by the ONCZachary May (ESAC)Jeanne Burton (Security Risk Solutions)Melissa Springer (HHS) In conjunction with DS4P bi-weekly return of an All Hands meetingAccess to DS4P Wiki, teleconference, and calendar Meeting times: Tuesdays 11AM (ET) Dial In: +1-650-479-3208Access code: 662 197 169URL:https://siframework1.webex.com/siframework1/onstage/g.php?t=a&d=662197169408/27/2013Scope of the PilotDefine the exchange of HL7 CDA-compliant PCD between a data custodian and a PCD repository that includes a report on the outcome of the request back to the healthcare consumer. Additional goal: use of identifiers that can uniquely identify the healthcare consumer and PCD repository used to report the outcome of the request back to the healthcare consumer by healthcare consumers provider and subsequent EHR custodians.Stretch goal: mask and/or redact the clinical document based on PCD choices retrieved from the PCD repository. Stretch goal: use of the PCD repository as a proxy allowing direct authentication by the healthcare consumer to the provider, subsequently reducing correlation errors.

508/27/2013Pilot Data Flow

Custodian of Data being Provided at

PatientPCD Repository2nd Requestor1st RequestorB

, = Clinical data

A,B =PCD data

= audit recordAnd Subsequent Custodian of Data being Provided at 608/27/2013Previous DemonstrationUse Universal Client to send NwHIN messagesPatient Discovery (ITI-55), Query for Documents (ITI-38), and Request Document (ITI-39) Demonstrate consent based on recipient and patient consent directive (retrieved from a PCD repository)Show result of different policies: 1st requestor v. 2nd requestorDemonstrate PCD applied by 1st requestor1st requestor retrieves document; 2nd requestor requests from 1st requestor Demonstrate consent based on purpose of usechange policy from allow treatment to allow research, request using research attribute both times708/27/2013Current ProgressEdmonds Scientific development of data segmentation functionality for identifying segments in clinical documents and redactionRedaction demonstrated using Request Document (ITI-39). UT Austin demonstrate consent based on recipient and patient consent directive (retrieved from a PCD repository)Patient Discovery (ITI-55), Query for Documents (ITI-38), and Request Document Conemaugh Health System demonstrate consent based on recipient and patient consent directive Patient Discovery (ITI-55), Query for Documents (ITI-38), and Request Document

07/30/20138

Healthcare Classification System(HCS)08/27/20139Document FactsDocument OrchestrationRules EngineDocument TransformerRule GenerationPackagingSimplified ViewPCD ConstraintsDocumentClinical/Organizational PoliciesFact AdministrationRulesDocumentActionsDocument, PCD (decomposed), and Org OID (FHIR ResourcesSupported)Redacted/Annotated/Masked DocumentEvent LoggingHL7 FHIR ConnectathonFast Healthcare Interoperability Resources (FHIR) Resources:represent flexible granular clinical conceptsmanaged in isolation, or aggregated into complex documentsa coherent solution for a range of interoperability problemsbased on thorough requirements gathering, formal analysis and extensive cross-mapping to other relevant standardsbased on simple XML, with an http-based RESTful protocol where each resource has predictable URLA workflow management layer provides support for designing, procuring, and integrating solutions.

08/27/2013101108/27/2013FHIR DemonstrationHealth Level Seven (HL7) 27TH Annual Plenary & Working Group MeetingsSeptember 21-22, 2013 Hyatt Regency Cambridge (Boston)

HCS Security Labeling ServicesDS4P Use Cases Share All, Share Partial, BreakglassVA/DoD iEHR Use Cases1208/27/2013DiscussionOpen forum for discussing questions:Problems with the Universal Client?Problems with communicating use of the PCD repositoryProblems with use of OpenATNA Audit Message ViewerProblems with how PCD is changed and the affects Unexpected benefits/problems1308/27/2013Pilot TimelineGeneral Timeline, conditioned on agreement of stakeholders

14Plan of ActionUpon agreement of the participants the POA is: Identify the elements available from previous DS4P pilotsScope level of effort, decide on extended scenarioDetermine first draft of functional requirementsReview standards available for returning information on requestsDetermine any gaps or extensions required in standardsStand up information holders and requestorsCreate XDS.b repository holding PCDIdentify remaining pieces, create test procedures Document and update IG with results of our experience

08/27/201315AnnouncementDS4P All Hands Meeting:

When: Wed, August 28, 11:00am 12:30pm (ET)Where: Dial-in 1-650-479-3208 Access code: 661 315 448 WebEx URL(https://siframework1.webex.com/siframework1/onstage/g.php?t=a&d=661315448)

08/27/20131608/27/2013Backup SlidesDS4P Standards MaterialLocation of DS4P Standards Inventory:http://wiki.siframework.org/Data+Segmentation+-+Standards+InventoryLocation of DS4P Standards Mapping Issues:http://wiki.siframework.org/file/view/Copy%20of%20DataMappingsIssues%2005102012.xlsx/333681710/Copy%20of%20DataMappingsIssues%2005102012.xlsxGeneral Standards Source List:http://wiki.siframework.org/file/view/General%20SI%20Framework%20Standards%20Analysis.xlsx/297940330/General%20SI%20Framework%20Standards%20Analysis.xlsxStandards Crosswalk Analysis http://wiki.siframework.org/Data+Segmentation+for+Privacy+Standards+and+Harmonization (at bottom of page, exportable)Implementation Guidancehttp://wiki.siframework.org/file/view/Data%20Segmentation%20Implementation%20Guidance_consensus_v1_0_4.pdf/416474106/Data%20Segmentation%20Implementation%20Guidance_consensus_v1_0_4.pdf

08/27/2013171808/27/2013DS4P ReferencesUse Case: http://wiki.siframework.org/Data+Segmentation+for+Privacy+Use+Cases

Implementation Guide: http://wiki.siframework.org/Data+Segmentation+for+Privacy+IG+Consensus

Pilots Wiki Page: http://wiki.siframework.org/Data+Segmentation+for+Privacy+RI+and+Pilots+Sub-Workgroup1908/27/2013Pilot Data Flow



, = Clinical data

A,B =PCD data

= audit recordAnd Subsequent Custodian of Data being Provided at 2008/27/2013Pilot Data Flow


PatientPCD Repository2nd Requestor1st RequestorClinical exchange #Clinical exchange # B

, = Clinical data

A,B =PCD data

= audit recordAnd Subsequent Custodian of Data being Provided at Fetch PCDFetch PCDSend auditSend audit2108/27/2013Pilot Data Flow (1)


PatientPCD Repository2nd Requestor1st Requestor

, = Clinical data

A,B =PCD data

= audit record2208/27/2013Pilot Data Flow (2)


PatientPCD Repository2nd Requestor1st Requestor, = Clinical data

A,B =PCD data

= audit record2308/27/2013Pilot Data Flow (3)


PatientPCD Repository2nd Requestor1st RequestorB, = Clinical data

A,B =PCD data

= audit recordAnd Subsequent Custodian of Data being Provided at 2408/27/2013Pilot Data Flow (4)



A,B =PCD data

= audit recordAnd Subsequent Custodian of Data being Provided at 2508/27/2013Pilot Data Flow (5)



A,B =PCD data

= audit recordAnd Subsequent Custodian of Data being Provided at 2608/27/2013Pilot Data Flow (updated)



, = Clinical data

A,B =PCD data

= audit recordAnd Subsequent Custodian of Data being Provided at

“ Jericho / UT Austin Pilot”

Documents

Transcript of “ Jericho / UT Austin Pilot”