1 / 61

Presenters: Co-Chair & Facilitator - HITSP Security, Privacy and Infrastructure Technical Committee John Moehrke,

HITSP Service Collaborations for Privacy and Security Webinar #10 November 12, 2009 | 2:00 – 3:30 pm (Eastern). Presenters: Co-Chair & Facilitator - HITSP Security, Privacy and Infrastructure Technical Committee John Moehrke, GE Healthcare

nemo
Download Presentation

Presenters: Co-Chair & Facilitator - HITSP Security, Privacy and Infrastructure Technical Committee John Moehrke,

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. HITSP Service Collaborations for Privacy and Security Webinar #10 November 12, 2009 | 2:00 – 3:30 pm (Eastern) Presenters: Co-Chair & Facilitator - HITSP Security, Privacyand Infrastructure Technical Committee John Moehrke, GE Healthcare Johnathan Coleman, Security Risk Solutions, Inc.

  2. Overview Re-organization of HITSP’s Security, Privacy and Infrastructure constructs into a series of Service Collaborations Leverage and reuse existing HITSP constructs Align with the Health Information Technology (HIT) provisions of the American Recovery and Reinvestment Act of 2009 (ARRA). Provide a simplified framework for HITSP’s ongoing activities, making future work products easier to understand and simpler to implement.

  3. Learning Objectives During this 90-minute webinar, participants will: Understand the core concepts and components involved in HITSP’s Privacy and Security Service Collaborations, including Access Control, Security Audit, and Patient Identification Management. Demonstrate how Privacy and Security Service Collaborations can support ARRA’s Meaningful Use, leveraging existing HITSP constructs and components. Learn how to find, navigate, and use HITSP Service Collaborations documentation.

  4. Agenda What is ARRA and HITECH? HITSP Harmonization Framework - Introduction of new “building blocks” Capabilities, Service Collaborations, A new HITSP approach HITSP Service Collaborations In Action Helping meet ARRA Meaningful Use Requirements Conclusions Questions and Answers

  5. What is ARRA? Also known as the “economic stimulus package” Signed into law by President Obama on February 17, 2009 What is HITECH? A portion of ARRA referred to as the Health Information Technology for Economic and Clinical Health (HITECH) Act TITLE XIII—Health Information Technology TITLE IV—Medicare and Medicaid Health Information Technology Contains numerous provisions related to Health Information Technology (HIT) and privacy with aggressive timelines for completion

  6. To Address ARRA Requirements, Tiger Teams Were Created with Specific Focus Areas • A new EHR Centric Interoperability Specification to meet ARRA requirements • Security, Privacy & Infrastructure • Quality Measures • Data Architecture (Element, Template, and Value Set) • Exchange Architecture and Harmonization Framework • Clinical Research Tiger Team membership 232 technical experts

  7. Putting the Pieces Together HITSP created IS’s to harmonize standards and make them implementable • Before HITSP, there was a “custom puzzle” to build for every organization to talk to another organization • HITSP used existing Interoperability Specification (IS) constructs to create reusable Capabilities and Service Collaborations

  8. HITSP Glossary • Capability (CAP)– Specifies a business service that an EHR system addresses and specifies the contents and secure infrastructure needed for that business service • Service Collaboration (SC) – Defines a standards-based secure infrastructure needed for interoperable information exchanges and includes a secure transport mechanism with topology and other options regardless of content • Interoperability Specifications (IS) – Integration of all constructs used to meet business needs or the business needs specified in a Use Case • Components (C) – Logical grouping of base and composite standards that work together, such as messaging and terminology • Transactions (T) – Logical grouping of actions that use components and/or composite standards to realize the actions • Transaction Packages (TP) – Logical grouping of transactions

  9. Standards “Real World” examples of Base and Composite Standards • XML (base) • IHE-XDS (composite) • HL7-CCD (base) • DICOM (base) • LOINC (base) • SNOMED-CT (base) • NCPDP-Script (composite) • etc. Base Standard • capable of fulfilling a discrete function Composite Standards • groupings of coordinated base standards Examples • Basic Specifications • Implementation Guides • Code Sets and Terminologies

  10. Meeting Business Needs Capabilities and Collaborations could be used to build any new Interoperability Specification to meet a particular business need

  11. Two New HITSP Puzzle Pieces this Year Capabilities Service Collaborations

  12. HITSP Capabilities Enable systems to address a business need for interoperable information exchange Bridge between business, policy and implementation views: Define a set of information exchanges at a level relevant to policy and business decisions Support stakeholder requirements and business processes Define information content and secure infrastructure Specify use of HITSP constructs sufficiently for implementation Include constraints and identify specific network topologies Created To Simplify Design and Use of HITSP Specifications for ARRA Efforts and Beyond

  13. What We Mean by Harmonization Framework

  14. Building aHITSP Capability HITSP Capabilities HITSP Service Collaborations HITSP Constructs Components, Transactions, Transaction Packages Base and Composite Standards

  15. Capability Complete Set Constructs Components one base or composite standard Transaction Construct two or more base or composite standards 'packaged' together Transaction Packages Two or more Transaction constructs 'packaged' together Capability Pre-packaged combinations of Service Collaborations and/or Constructs (Components, Transactions, Transaction Packages) Working ALL together ALWAYS to achieve an exchange purpose Service Collaborations Pre-packaged groups of Component, Transaction and/or Transaction packages ALL working together to achieve an exchange purpose. Type 1: Base or Composite Standards Standards Underlying “DNA” of ALL HITSP Products

  16. Service Collaborations and Capabilities in Action Base and Composite Standards Capabilities Service Collaborations Constructs Component, Transaction, or Transaction Packages

  17. Multiple Capabilities = Interoperability Specification Interoperability Specification

  18. Capabilities and Service Collaborations Allow Us to Develop New Technical Constructs As Needed

  19. HITSP Capabilities

  20. SPI Capabilities SPI Capabilities

  21. HITSP Service Collaborations

  22. Task 2: SPI Service Collaboration Suite IS documents/Workflows ????? ????? EHR Centric IS All other ISxxx Service Collaborations SC108:Access Control SC110:Patient Identification Management SC112: Healthcare DocumentManagement SC114: Administrative Transport to Health Plan SC116: EmergencyMessage Distribution TransactionPackages (e.g. TP30) SCxxx: Future SCs SC109:Security Audit SC111:Knowledge And Vocabulary SC113: Query forExisting Data SC115:HL7 Messaging Transactions (e.g. T29) Component(e.g. C26) Constructs Specified in Service Collaboration Constructs as needed by the SC e.g. TP20, T15, T16, T17 Constructs as needed by the SC e.g. TP20, T15, T16, T17 Constructs as needed by the SC e.g. TP20, T15, T16, T17

  23. Putting it all together Privacy Security

  24. What Is an Example of a Capability? Requirement: Hospital wants to exchange a discharge prescription with an patient’s physician’s office. This diagram shows how Capability (CAP) 117 was assembled to support this requirement using Transaction, Transaction Package and Service Collaboration T40 T42 TP43 TP46 SC114 • System Roles • Medication Order Prescriber • Medication Order Filler • Health Plan • Health Information Exchange Exchange a prescription with an Ambulatory or Long-Term Care Organization CAP117 – Communicate Ambulatory and Long Term Care Prescription

  25. Example: Capability 117 • Requirement: Hospital wants to exchange a discharge prescription with an patient’s physician’s office. SC114– Administrative Transport to Health Plan P H A R M A C Y TP46– Medication Formulary and Benefits Information TP43– Medication Orders T42– Medication Dispensing Status T40– Patient Health Plan Eligibility Verification CAP117 – Communicate Ambulatory and Long Term Care Prescription

  26. Service Collaborations (SC) Defines a standards-based secure infrastructure needed for interoperable information exchanges. Includes a secure transport mechanism with topology and other options. Uses HITSP Constructs to specify the secure infrastructure. Does not specify the content of the information exchange but may include information to support the exchange (e.g., authorization information) Additional Keys to Simpler Definition and Implementation of HITSP Specifications

  27. Service Collaboration – An Essential Component

  28. Example: Service Collaboration 114 SC109 - Security Audit Collaboration T15 - Collect and Communicate Security Audit Trail T16 - Consistent Time SC108 - Access Control Service Collaboration C19 - Entity Identity Assertion (Optional) H E A L T H PLAN T17 - Secured Communication Channel TP20 - Access Control TP30 - Manage Consent Directives T85 - Administrative Transport to Health Plan T17 - Secured Communication Channel Provider SC114 – Administrative Transport to Health Plan

  29. How It All Fits Together Binds content definition with secure infrastructure for a set of interoperable information exchanges

  30. The Refined HITSP Harmonization Framework HITSP Capabilities Service Collaborations Transaction Constructs Service Collaboration Transaction Package Transaction Component SDOs = Standards Development Organizations

  31. Exchange Architectures HITSP Specifications apply to information exchanges indicated by arrows in the figure

  32. SPI Service Collaboration Suite

  33. SPI Service Collaboration Suite (continued)

  34. Review of Selected Service Collaborations SC108– Access Control SC109 – Security Audit SC110 – Patient Identification Management SC112 – Healthcare Document Management SC113 – Query for Existing Data

  35. Access Control – HITSP SC 108

  36. Access Control – HITSP SC 108

  37. Review of Selected Service Collaborations SC108– Access Control SC109 – Security Audit SC110 – Patient Identification Management SC112 – Healthcare Document Management SC113 – Query for Existing Data

  38. Security Audit – HITSP SC 109

  39. Security Audit – HITSP SC 109

  40. Review of Selected Service Collaborations SC108– Access Control SC109 – Security Audit SC110 – Patient Identification Management SC112 – Healthcare Document Management SC113 – Query for Existing Data

  41. Patient Identification Management – HITSP SC 110

  42. Patient Identification Management – HITSP SC 110

  43. Review of Selected Service Collaborations SC108– Access Control SC109 – Security Audit SC110 – Patient Identification Management SC112 – Healthcare Document Management SC113 – Query for Existing Data

  44. Query for Existing Data – External View – HITSP SC 113

  45. Query for Existing Data – Request

  46. Query for Existing Data – Request

  47. Query for Existing Data – Respond to

  48. Query for Existing Data – Respond to

  49. Review of Selected Service Collaborations SC108– Access Control SC109 – Security Audit SC110 – Patient Identification Management SC112 – Healthcare Document Management SC113 – Query for Existing Data

  50. Healthcare Document Management – HITSP SC 112

More Related