1 / 27

“ Jericho / UT Austin Pilot”

“ Jericho / UT Austin Pilot”. Privacy with Dynamic Patient Review. Presented by: David Staggs JD, CISSP Jericho Systems Corporation. Agenda. Administrative issues Pilot scope Pilot data flow Test cases Test results Discussion Pilot timeline Plan of action Meeting announcement.

amos
Télécharger la présentation

“ Jericho / UT Austin Pilot”

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. “Jericho / UT Austin Pilot” Privacy with Dynamic Patient Review Presented by: David Staggs JD, CISSP Jericho Systems Corporation

  2. Agenda • Administrative issues • Pilot scope • Pilot data flow • Test cases • Test results • Discussion • Pilot timeline • Plan of action • Meeting announcement

  3. Pilot Administrivia • This pilot is a community led pilot • Limited support provided by the ONC • JohnathanColeman (Security Risk Solutions) • Zachary May (ESAC) • Penelope Hughes (ONC) • LibbieBuchele (ONC Sponsor) • In conjunction with DS4P bi-weekly return of an All Hands meeting • Access to DS4P Wiki, teleconference, and calendar • Meeting times: Tuesdays 11AM (ET) • Dial In: +1-650-479-3208Access code: 662 197 169URL:https://siframework1.webex.com/siframework1/onstage/g.php?t=a&d=662197169

  4. Scope of the Pilot • Define the exchange of HL7 CDA-compliant PCD between a data custodian and a PCD repository that includes a report on the outcome of the request to the healthcare consumer (subject). • Additional goal: use identifiers to identify the subject/ PCD repository for use in reporting the outcome of the “secondary user” request use case to subject by subsequent EHR custodians. • Stretch goal: mask and/or redact the clinical document based on data segmentation and PCD choices retrieved from the PCD repository.

  5. Pilot Data Flow , = Clinical data A,B = PCD data = audit record  1st Requestor And Subsequent Custodian of Data being Provided at  B Custodian of Data being Provided at   PCD Repository 2nd Requestor Patient

  6. Test Cases • Consent To Patient Discovery : No Consent • Consent To Document Query : No Consent • Consent To Document Retrieve : No Consent • Consent To Patient Discovery : 1st Requestor (1st) • Consent To Document Query : 1st To PC - Allow • Consent To Document Query with POU 1st to PC – Deny • Consent To Document Retrieve : 1st to PC - Allow • Consent To Patient Discovery : 2nd Requestor(2nd) • Consent To Document Query : 2ndTo PC - Deny • Consent To Document Retrieve : 2nd To PC – Deny • Consent To Document Query : 2ndto SC - Deny • Consent To Document Retrieve : 2ndto SC - Deny • Consent To Document Retrieve : With Segmentation

  7. Test Cases (Visual Representation) PC = Primary Custodian SC = Secondary Custodian

  8. Test Participants Participants in the September 20, 2013 DS4P Pilot Execution Script:

  9. Consent To Patient Discovery: 1st Requestor (Test 4) • Scenario: A research university searches the NwHIN for information on an individual named GallowYounger. • Test Steps: • 1st requestor searches for the name Gallow Younger. • Select Gallow Younger in the list. • Click on the Patient Correlation tab. • Click “Discover Patient.” • Log Capture • Primary Custodian CONNECT log • First Requestor CONNECT log & screenshots • ATNA Log • PCD Repository log • Exchanged consent directive

  10. Example Summary Consent To Patient Discovery: 1st Requestor (Test 4)

  11. Example of Collected Logs

  12. PCD Repository (Glassfish Log 26)

  13. Discussion • Review of J-UT DS4P Test Document Draft • Overview • Scenario Tests • Transaction Tests • Document Tests • Test Results • Appendixes: Test Artifacts • Recorded video of the test session will be available

  14. Pilot Timeline • General Timeline, conditioned on agreement of stakeholders

  15. Plan of Action • Upon agreement of the participants the POA is: • Identify the elements available from previous DS4P pilots • Scope level of effort, decide on extended scenario • Determine first draft of functional requirements • Review standards available for returning information on requests • Determine any gaps or extensions required in standards • Stand up information holders and requestors • Create XDS.b repository holding PCD • Identify remaining pieces, create test procedures • Document and update IG with results of our experience

  16. Meeting Announcement • Next meeting (10/1) cancelled • Next meeting date: 10/8 • Review test document • Review of current IG guidance • Review proposed IG guidance statements

  17. Backup Slides

  18. DS4P Standards Material • Location of DS4P Standards Inventory: http://wiki.siframework.org/Data+Segmentation+-+Standards+Inventory • Location of DS4P Standards Mapping Issues: http://wiki.siframework.org/file/view/Copy%20of%20DataMappingsIssues%2005102012.xlsx/333681710/Copy%20of%20DataMappingsIssues%2005102012.xlsx • General Standards Source List: http://wiki.siframework.org/file/view/General%20SI%20Framework%20Standards%20Analysis.xlsx/297940330/General%20SI%20Framework%20Standards%20Analysis.xlsx • Standards Crosswalk Analysis http://wiki.siframework.org/Data+Segmentation+for+Privacy+Standards+and+Harmonization (at bottom of page, exportable) • Implementation Guidance http://wiki.siframework.org/file/view/Data%20Segmentation%20Implementation%20Guidance_consensus_v1_0_4.pdf/416474106/Data%20Segmentation%20Implementation%20Guidance_consensus_v1_0_4.pdf

  19. DS4P References • Use Case: http://wiki.siframework.org/Data+Segmentation+for+Privacy+Use+Cases • Implementation Guide: http://wiki.siframework.org/Data+Segmentation+for+Privacy+IG+Consensus • Pilots Wiki Page: http://wiki.siframework.org/Data+Segmentation+for+Privacy+RI+and+Pilots+Sub-Workgroup

  20. Pilot Data Flow , = Clinical data A,B = PCD data = audit record  1st Requestor And Subsequent Custodian of Data being Provided at  B Custodian of Data being Provided at   PCD Repository 2nd Requestor Patient

  21. Pilot Data Flow Clinical exchange # , = Clinical data A,B = PCD data = audit record 1st Requestor And Subsequent Custodian of Data being Provided at  B Fetch PCD Fetch PCD Custodian of Data being Provided at  Clinical exchange #  Send audit Send audit PCD Repository 2nd Requestor Patient

  22. Pilot Data Flow (1) , = Clinical data A,B = PCD data = audit record  1st Requestor Custodian of Data being Provided at  PCD Repository 2nd Requestor Patient

  23. Pilot Data Flow (2) , = Clinical data A,B = PCD data = audit record  1st Requestor Custodian of Data being Provided at  PCD Repository 2nd Requestor Patient

  24. Pilot Data Flow (3) , = Clinical data A,B = PCD data = audit record 1st Requestor And Subsequent Custodian of Data being Provided at  B Custodian of Data being Provided at   PCD Repository 2nd Requestor Patient

  25. Pilot Data Flow (4) , = Clinical data A,B = PCD data = audit record 1st Requestor And Subsequent Custodian of Data being Provided at  Custodian of Data being Provided at   PCD Repository 2nd Requestor Patient

  26. Pilot Data Flow (5) , = Clinical data A,B = PCD data = audit record 1st Requestor And Subsequent Custodian of Data being Provided at  Custodian of Data being Provided at  PCD Repository 2nd Requestor Patient

  27. Pilot Data Flow (updated) , = Clinical data A,B = PCD data = audit record  1st Requestor And Subsequent Custodian of Data being Provided at  B Custodian of Data being Provided at   PCD Repository 2nd Requestor Patient

More Related