Cross-Enterprise Document Point-to-point Interchange (XDM) IHE Vendors Workshop 2006 IHE IT Infrastructure Education David HEANEY (McKesson), Emmanuel CORDONNIER (ETIAM)
Consulting to referring physicians Specialist, Radio or Lab GP / PCP Doctor A Remote advice Hospital-doctor communication Patient Transfer Personal Health Record (PHR)to ED/Primary Care EMR Acute Care Dischargeto Extended Care Facility (ECF) Hospital Acute Care / ED Care Facility XDMUses Cases
XDM Value proposition • Complementary to sharing documents (XDS), point-to-point communication of documents • Both transports: secured mail & media (CD…) • As XDS, “document content agnostic” • Maximal re-use of XDS objects & meta-data • Compatible with exchange of images (PDI…) • All XDS “content profiles” apply
XDS Scope • Interchange of patient centered documents • Transmission of results, discharge letters or patient referrals (not the "workflow" itself but all the medical information associated with - e.g. reports, results, images, signals…) • Personal Health Record medical information (history, etc), snapshots of clinical information (medication list, immunization records, etc), current observations from home care medical devices (e.g. blood pressure, blood sugar level, etc).
XDM Key Technical Properties • Re-uses XDS approach for documents • SubmissionSet, DocumentEntry • ebRS based XML meta-data w. limited extensions • Secure e-mail (SMTP, ZIP) • Potential association of XDS and PDI at the actor level (Document Source…)
XDM Actor Diagram Portable Media Creator Distribute Document Set on Media [ITI-33] Portable Media Importer
XDM Actors and Options Note 1: At least one of these options is required for each Actor.
XDP content: In complement, PDI content: XDM in conjunction with PDI
Security considerations (1) • Use of S/MIME encryption and signature for off-line network transfer (integrity, privacy) • Encryption, with TLS authentication of both hosts, for on-line transfers across secure domains • Actors need to protect themselves against confidentiality and integrity related risks • XDP grouped with ATNA (access control/audit) • Import operations need to be further protected (hash and size to detect corruption with metadata assurance) • Media must be securely managed (respect of privacy, proper identification, and corruption checking)
Security considerations (2) • Additionally, parties are recommended to have a mutual agreement: • Management of Patient identification in order to avoid/limit identification errors. The metadata includes a patient id shared by both the Document Source and the Document Recipient as well as id and associated patient info as known by the Document Source. • Measures taken to avoid/limit loss of email by using acknowledgements. • Management of personnel and the organizations identification and access control mechanisms. • Codes set and vocabulary used enabling a consistent management of the metadata on both side. • In addition both organizations shall have mutually acceptable audit trail mechanisms.