Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.
-
Upload
godwin-floyd -
Category
Documents
-
view
214 -
download
0
Transcript of Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.
![Page 1: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/1.jpg)
Data Segmentation for PrivacyAgenda
All-hands Workgroup Meeting
May 9, 2012
![Page 2: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/2.jpg)
Meeting Etiquette
Remember: If you are not speaking keep your phone on mute
Do not put your phone on hold – if you need to take a call, hang up and dial in again when finished with your other call – Hold = Elevator Music = very frustrated speakers and participants
This meeting, like all of our meeting is being recorded– Another reason to keep your phone on mute when not speaking
Feel free to use the “Chat” feature for questions, comments or any items you would like the moderator or participants to know.
NOTE: This meeting is being recorded and will be posted on the Meeting Minutes Wiki page after
the meeting
From S&I Framework to Participants:Hi everyone: remember to keep your phone on mute
![Page 3: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/3.jpg)
Agenda
Topic Time Allotted
General Announcements 5 Minutes
Tiger Team Review 15 Minutes
Privacy Metadata Analysis 60 Minutes
Next Steps/Questions 10 Minutes
![Page 4: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/4.jpg)
HL7 EHR-S Metadata Ballot
• Third item on ballot desktop
• “Comment Only” ballot, due date for comments on May 25th, 2012
• Documents for public comment are in draft form
• Scope of the ballot touches on the 3 P’s: Patient Identification, Provenance, & Privacy
• Seeking input on:
1. Have the correct categories of metadata been captured in the Profile?
2. Have the correct metadata items been identified in the Profile?
3. Does audit data need to be differentiated from metadata? If so, how?
4. Are these the correct functions and conformance criteria to represent metadata needs and processes?
• Current ballot only contains two documents:
1. Chapter 1 of the Profile - Overview and Conformance Clause
2. Chapter 2 of the Profile - Functions List (in excel format).
Relevant Content:
"The EHR-S Metadata Functional Companion Profile sets a foundation for other profiles to establish realm or domain-specific
language related to metadata, audit data, and its management in EHR-S. This Profile identifies the system functionality and
conformance criteria for an EHR system to support metadata required for patient demographics, provenance (source and
type of data), and security and privacy in support of health information exchange."
Name Lvl. Ballot Document Signup Close Date Ballot Open Ballot Close HL7 EHR-System Functional Profile for Health Information Exchange Metadata, Release 1 - US Realm
O1 ( 621.3 kb ) May 18, 2012 Apr 25, 2012 May 25, 2012
![Page 5: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/5.jpg)
General Announcements
Pilot Implementation• Forming a RI/Pilot sub-workgroup starting on May 21st
![Page 6: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/6.jpg)
Data Segmentation for PrivacyAll-hands Slides
Consent Management Transactions Tiger Team
Information Interchange Tiger TeamSystem Requirements Tiger Team
May 9, 2012
![Page 7: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/7.jpg)
DS4P Initiative Timeline
![Page 8: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/8.jpg)
Work Accomplished and Next Steps
Work Accomplished• Conducted Implementation Guide walkthrough
Next Steps• Review and finalize tiger team recommendations of data set/data element
analysis• Provide Implementation Guidance in accordance with tiger team
recommendations• Continue review and comment of IG document
![Page 9: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/9.jpg)
Announcements, Recommendations, and Risks
Announcements• CMT and II TT meetings will be Monday, 5/14• SR TT meeting will be Tuesday, 5/15• IG comment and feedback wiki page
Risk/Issues/Dependencies• We need your input, please review the IG document prior to next weeks TT
meetings
![Page 10: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/10.jpg)
Action ItemsDescription Owner Status Due Date Notes
Review and finalize tiger team recommendations of data set/data element analysis
WG
Open 5/14
Still pending
Finalize IG document
WG
Open 5/30
![Page 11: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/11.jpg)
Data Segmentation for PrivacyAll-hands Slides
Privacy Metadata Analysis
May 9, 2012
![Page 12: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/12.jpg)
Privacy Policy Overview
Composite Privacy Policies
– Composite policies are complex, they comprise of several, computable policies
– Privacy metadata used to summarize the relevant base policies:
• Confidentiality level• Information source is a
covered substance abuse treatment
• Consent required for disclosure/re-disclosure
42 CFR Part 2
Consent required for disclosure
Facility = Substance Abuse Treatment
Confidentiality = Restricted
![Page 13: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/13.jpg)
Privacy Metadata Inside CDA
Clinical Document Architecture (CDA) based Documents
– Atomic data objects– Support confidentiality
level in a hierarchical way
• Global – in the header, it applies overall to the document
• Per section – the highest level must apply to the document
CDA Document
Section Section Section
Confidentiality = Restricted
Confidentiality = Restricted
Confidentiality = Restricted
Confidentiality = Normal
Assumptions: - Receiving EHR system can enforce access control to control access to restricted information - Only information receiving organization is authorized to receive is sentRecommendation: - Apply “highest watermark approach” to applying confidentiality code to document - Use HL7 confidentiality code system, CDA subset (N, R, VR)
![Page 14: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/14.jpg)
IHE XUA ++ Metadata
Submission Set Metadata
DocumentEnvelope Metadata
DocumentEnvelope Metadata
DocumentEnvelope Metadata
Select documents to
be sent
Submit documents to
recipient
Confidentiality Code
Specify user, role, purpose,
consent reference
Segment protected
information
Sending 42 CFR protected information
Document Envelope Metadata is the XDSDocumentEntry
![Page 15: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/15.jpg)
Parse XUA Metadata
Parse Document Metadata
XUA ++ Metadata Persist documents and
metadata
Interpret Submission Metadata
Receiving 42 CFR protected information
Submission Set Metadata
DocumentEnvelope Metadata
DocumentEnvelope Metadata
DocumentEnvelope Metadata
Confidentiality Code
Purpose of Use
![Page 16: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/16.jpg)
XUA ++ Metadata
Select documents to
be sent
Submit documents to
recipient
Specify user, role, purpose,
consent reference
Re-disclosure: Sending 42 CFR protected information
Third-party documents
and metadata
Locally created
Submission Set Metadata
Document EnvelopeMetadata
DocumentEnvelope Metadata
DocumentEnvelope Metadata
Third-party author
Segment protected
information
![Page 17: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/17.jpg)
![Page 18: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/18.jpg)
![Page 19: Data Segmentation for Privacy Agenda All-hands Workgroup Meeting May 9, 2012.](https://reader035.fdocuments.in/reader035/viewer/2022070410/56649edc5503460f94bebfc4/html5/thumbnails/19.jpg)
Open Issues
1. Re-disclosure Notification:
- Machine readable and/or human readable?
2. Can the approach presented here satisfy use case requirements if the payload is not a CDA?