jericho ut austin pilot n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
“ Jericho / UT Austin Pilot” PowerPoint Presentation
Download Presentation
“ Jericho / UT Austin Pilot”

Loading in 2 Seconds...

play fullscreen
1 / 25

“ Jericho / UT Austin Pilot” - PowerPoint PPT Presentation


  • 97 Views
  • Uploaded on

“ Jericho / UT Austin Pilot”. Privacy with Dynamic Patient Review. Presented by: David Staggs JD, CISSP Jericho Systems Corporation. Agenda. Administrative issues Pilot scope Pilot data flow Implementation guidance document Previously discussed sections Additional sections

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about '“ Jericho / UT Austin Pilot”' - missy


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
jericho ut austin pilot

“Jericho / UT Austin Pilot”

Privacy with Dynamic Patient Review

Presented by:

David Staggs JD, CISSP

Jericho Systems Corporation

agenda
Agenda
  • Administrative issues
  • Pilot scope
  • Pilot data flow
  • Implementation guidance document
    • Previously discussed sections
    • Additional sections
  • General discussion
  • Pilot timeline
  • Plan of action
pilot administrivia
Pilot Administrivia
  • This pilot is a community led pilot
    • Limited support provided by the ONC
      • JohnathanColeman (Security Risk Solutions)
      • Zachary May (ESAC)
      • Penelope Hughes (ONC)
      • LibbieBuchele (ONC Sponsor)
  • In conjunction with DS4P bi-weekly return of an All Hands meeting
  • Access to DS4P Wiki, teleconference, and calendar
  • Meeting times: Tuesdays 11AM (ET)
    • Dial In: +1-650-479-3208Access code: 662 197 169URL:https://siframework1.webex.com/siframework1/onstage/g.php?t=a&d=662197169
scope of the pilot
Scope of the Pilot
  • Define the exchange of HL7 CDA-compliant PCD between a data custodian and a PCD repository that includes a report on the outcome of the request to the healthcare consumer (subject).
  • Additional goal: use identifiers to identify the subject/ PCD repository for use in reporting the outcome of the “secondary user” request use case to subject by subsequent EHR custodians.
  • Stretch goal: mask and/or redact the clinical document based on data segmentation and PCD choices retrieved from the PCD repository.
pilot data flow
Pilot Data Flow

, = Clinical data

A,B =

PCD data

= audit record

1st Requestor

And Subsequent Custodian of Data being Provided at 

B

Custodian of Data being Provided at 

PCD Repository

2nd Requestor

Patient

j ut implementation guidance
J-UT Implementation Guidance
  • PCD returned to the document custodian should be specific to the document custodian and the requestor
  • PCD should be requested for each type of network exchange that could reveal PHI: ITI-55, ITI-38, and ITI-39
  • Data labels should be passed in the PCD request if they exist in the document being requested
  • Document Custodian should return release decision as an ATNA audit message to the PCD repository
  • PCD repository should allow edit of PCD and review of release decisions through standard interfaces

http://wiki.siframework.org/file/view/SIFramework_DS4P_UC_Jericho_4NOV2013.docx/466080974/SIFramework_DS4P_UC_Jericho_4NOV2013.docx

previously discussed ig sections
Previously Discussed IG Sections
  • PCD should be dynamically filtered specifically for the document custodian and requestor (§2.2)
  • PCD should be requested for each type of data exchange that could reveal PHI (§3.0)
  • PCD request should include any data labels identified in the requested information (§2.3)
  • Release decision should be returned to the PCD repository using an ATNA audit message (§2.4)
  • PCD repository should be securely accessible to patients using standard interfaces
  • PCD alternative representation should be XACML and should be lightweight (§2.6)
  • PCD repository location and account information can be embedded in a CDA clinical document (§2.5)
additional topics added to the ig
Additional Topics Added to the IG
  • Introduction: creation of the pilot (§1.0)
  • Use Case Scenario: implementation of user story 3 (§2.0)
  • Architecture: The J-UT data flow (§2.1)
  • IHE ITI-55 Transactions: diagram and data sets for patient discover request received at the gateway (§3.1)
  • IHE ITI-38 Transactions: diagram and data sets for document list request received at the gateway (§3.2)
  • IHE ITI-39 Transactions: diagram and data sets for document request received at the gateway(§3.3)
  • Test Participants: List of members who played roles in the test scenario (§4)
  • Summary of J-UT Implementation Guidance: Summary of the major guidance from the pilot (§5)
general discussion
General Discussion
  • Implementation guidance document
    • Do we need more time to review?
    • Does the content need additions / deletions?
  • Are there issues with the remaining artifacts?
    • Mapping / gap analysis of functionality to standards?
    • Test cases, test artifacts, and/or test video?
  • Additional activities
    • More demonstrations and/or J-UT meetings?
    • Approval of the implementation guidance document?
    • Bringing the IG to standards organizations (profiles)?
pilot timeline
Pilot Timeline
  • General Timeline, conditioned on agreement of stakeholders
plan of action
Plan of Action
  • Upon agreement of the participants the POA is:
    • Identify the elements available from previous DS4P pilots
    • Scope level of effort, decide on extended scenario
    • Determine first draft of functional requirements
    • Review standards available for returning information on requests
    • Determine any gaps or extensions required in standards
    • Stand up information holders and requestors
    • Create XDS.b repository holding PCD
    • Identify remaining pieces, create test procedures
    • Document and update IG with results of our experience
ds4p standards material
DS4P Standards Material
  • Location of DS4P Standards Inventory:

http://wiki.siframework.org/Data+Segmentation+-+Standards+Inventory

  • Location of DS4P Standards Mapping Issues:

http://wiki.siframework.org/file/view/Copy%20of%20DataMappingsIssues%2005102012.xlsx/333681710/Copy%20of%20DataMappingsIssues%2005102012.xlsx

  • General Standards Source List:

http://wiki.siframework.org/file/view/General%20SI%20Framework%20Standards%20Analysis.xlsx/297940330/General%20SI%20Framework%20Standards%20Analysis.xlsx

  • Standards Crosswalk Analysis

http://wiki.siframework.org/Data+Segmentation+for+Privacy+Standards+and+Harmonization (at bottom of page, exportable)

  • Implementation Guidance

http://wiki.siframework.org/file/view/Data%20Segmentation%20Implementation%20Guidance_consensus_v1_0_4.pdf/416474106/Data%20Segmentation%20Implementation%20Guidance_consensus_v1_0_4.pdf

ds4p references
DS4P References
  • Use Case: http://wiki.siframework.org/Data+Segmentation+for+Privacy+Use+Cases
  • Implementation Guide: http://wiki.siframework.org/Data+Segmentation+for+Privacy+IG+Consensus
  • Pilots Wiki Page: http://wiki.siframework.org/Data+Segmentation+for+Privacy+RI+and+Pilots+Sub-Workgroup
test cases
Test Cases
  • Consent To Patient Discovery : No Consent
  • Consent To Document Query : No Consent
  • Consent To Document Retrieve : No Consent
  • Consent To Patient Discovery : 1st Requestor (1st)
  • Consent To Document Query : 1st To PC - Allow
  • Consent To Document Query with POU 1st to PC – Deny
  • Consent To Document Retrieve : 1st to PC - Allow
  • Consent To Patient Discovery : 2nd Requestor(2nd)
  • Consent To Document Query : 2ndTo PC - Deny
  • Consent To Document Retrieve : 2nd To PC – Deny
  • Consent To Document Query : 2ndto SC - Deny
  • Consent To Document Retrieve : 2ndto SC - Deny
  • Consent To Document Retrieve : With Segmentation
test cases visual representation
Test Cases (Visual Representation)

PC = Primary Custodian

SC = Secondary Custodian

Test Document available for review (since 9/16/2013) at: http://wiki.siframework.org/DS4P+Jericho-UT+Austin+Draft+Test+Document

Video of the test will be available shortly.

test participants
Test Participants

Participants in the September 20, 2013 DS4P Pilot Execution Script:

pilot data flow1
Pilot Data Flow

, = Clinical data

A,B =

PCD data

= audit record

1st Requestor

And Subsequent Custodian of Data being Provided at 

B

Custodian of Data being Provided at 

PCD Repository

2nd Requestor

Patient

pilot data flow2
Pilot Data Flow

Clinical exchange #

, = Clinical data

A,B =

PCD data

= audit record

1st Requestor

And Subsequent Custodian of Data being Provided at 

B

Fetch PCD

Fetch PCD

Custodian of Data being Provided at 

Clinical exchange # 

Send audit

Send audit

PCD Repository

2nd Requestor

Patient

pilot data flow 1
Pilot Data Flow (1)

, = Clinical data

A,B =

PCD data

= audit record

1st Requestor

Custodian of Data being Provided at 

PCD Repository

2nd Requestor

Patient

pilot data flow 2
Pilot Data Flow (2)

, = Clinical data

A,B =

PCD data

= audit record

1st Requestor

Custodian of Data being Provided at 

PCD Repository

2nd Requestor

Patient

pilot data flow 3
Pilot Data Flow (3)

, = Clinical data

A,B =

PCD data

= audit record

1st Requestor

And Subsequent Custodian of Data being Provided at 

B

Custodian of Data being Provided at 

PCD Repository

2nd Requestor

Patient

pilot data flow 4
Pilot Data Flow (4)

, = Clinical data

A,B =

PCD data

= audit record

1st Requestor

And Subsequent Custodian of Data being Provided at 

Custodian of Data being Provided at 

PCD Repository

2nd Requestor

Patient

pilot data flow 5
Pilot Data Flow (5)

, = Clinical data

A,B =

PCD data

= audit record

1st Requestor

And Subsequent Custodian of Data being Provided at 

Custodian of Data being Provided at 

PCD Repository

2nd Requestor

Patient

pilot data flow updated
Pilot Data Flow (updated)

, = Clinical data

A,B =

PCD data

= audit record

1st Requestor

And Subsequent Custodian of Data being Provided at 

B

Custodian of Data being Provided at 

PCD Repository

2nd Requestor

Patient