Presentation is loading. Please wait.

Presentation is loading. Please wait.

VA-SAMHSA DS4P Pilot Demonstrations Data Segmentation for Privacy Initiative Veterans Health Administration Healthcare Information Governance Emerging.

Published byBeverly Owens Modified over 8 years ago

Similar presentations

Presentation on theme: "VA-SAMHSA DS4P Pilot Demonstrations Data Segmentation for Privacy Initiative Veterans Health Administration Healthcare Information Governance Emerging."— Presentation transcript:

1 VA-SAMHSA DS4P Pilot Demonstrations Data Segmentation for Privacy Initiative Veterans Health Administration Healthcare Information Governance Emerging Health Technologies Advancement Center (EHTAC) HIMSS 2013 Interoperability Showcase Demonstration Playbook Duane DeCouteau Senior Software Engineer (Edmond Scientific)

2 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Table of Contents VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative SectionSlides Demonstration Overview3-6 Demonstration How-To7-14 Use Case: Emergency Treatment15-20 Use Case: Share Partial21-25 Use Case: Share All26-28 Use Case: Patient Changes Mind (Modifying Patient Consent) 29-35 An Unexpected Interop: VA-SAMHSA and NetSmart 36 Things to Consider37

3

4 Tablets #1-3 (Primary) SAMHSA – VA Exchange VA Prototypic Portal Mitre Patient Consent FEIsystems REM Jericho PDP Emergency Use Case VA Direct – Third Party VA Prototypic Portal Mitre Patient Consent FEIsystems REM Jericho PDP VA Repository No Redisclosure Tablet #4 VA Direct – Third Party VA Prototypic Portal Jericho Patient Consent VA Repository Jericho PDP Tablet #5 VA Direct – Third Party VA Prototypic Portal HIPAAT Patient Consent VA Repository HIPAAT Policy Engine [ Bull Pen ] Kiosk 11-1 FEISystems REM (EHR) Clinical Rules Manager Privacy Rules Manager Security and Privacy Administration Security Labeling Service (SLS) Document Orchestration Detailed Access Control Information Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Platforms MobilityPrimary Presentation Station VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative

5 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Supporting Patient Consent Management Systems Jericho Systems Patient Portal Mitre Corporation DS4P GUI MyConsentMinder VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative

6 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Clinical and Use Configuration(s) PUI100010060001 Asample Patientone, 42 Male Active Problems Type 2 Diabetes Asthma Cononary Atery Atheroma Hyperlipidemia Hypertension Acute HIV Substance Abuse Active Medications Bupropion Hydrochloride Zidovudine PUI100010060007 Asample Patienttwo, 32 Male Active Problems Psychotic Disorder Persistent Alcohol Abuse Diabetes mellitus type 2 Sickle Cell Anemia Active Medications Thorazine Metformin Hydroxyurea PUI100015060013 Asample Patienthree, 27 Female Active Problems Anorexia nervosa (disorder) Obsessive compulsive personality disorder (disorder) Active Medications Sertraline 20 MG/ML Oral Solution [Zoloft] [861066] PUI100015060014 Asample Patienfour, 42 Male Active Problems Acute stress disorder (disorder) Major depressive disorder (disorder) Active Medications Sertraline 20 MG/ML Oral Solution [Zoloft] [861066] DrDuane/DrBurak/DrMike/DrMichael/DrDavid/DrKel – Asample Patientone Use Cases Share Partial Emergency Treatment DrMike/DrDuane - Asample Patienttwo Use Cases Share All DrDavid/DrMichael - Asample Patientthree Use Cases Patient Changes Mind DrKel/DrBurak - Asample Patientfour Patients VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative User/Use Case AssignmentsAdditional Patients JERICHO TEST – Patient Consent Only HIPAAT TEST – Patient Consent Only

7 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Basics VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Login Screen (Username and Password Provided by VA Development Team) Logout Option (System will automatically logout User after 30 minutes of inactivity)

8 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Basics VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Tablet Navigation Bar Test Patient Selection eHealth Exchange VA – SAMHSA Document Query and Document Retrieve eHealth Direct VA – SAMHSA – Third Party Providers Inbox of Processed Documents (Note: XDM Packages must be processed via Reference Model) Access Control Decisioning View: Policy Decision, Obligations, Generated Annotated Rules, Executed Rules User Profile/Credentials/Workflow (For Demonstration only Purpose of Use (POU) is allowed to be modified) Not Implemented Logout (End User Session)

9 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Basics VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Select and set context To Veteran patient Patient Selection

10 Execute Document Query Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Basics VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative View Request SAML Assertion View Meta data Document Search

11 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Basics VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Document Retrieve Retrieve Selected Document Decrypt Document Payload Decrypt Masked Entries View Transformed CDA Document View Document Retrieve SAML Assertion View Document Meta data (For Demonstration Purposes Only) Select Document to retrieve

12 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Basics VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Access Control Decisioning Log View Obligation(s) from Patient Consent USPrivacyLaw Organizational Policy View Rules executed based on contents of document being retrieved View Annotation Rules derived from Clinical Facts and Organizational Policy

13 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Basics VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Setting Purpose of Use (POU)

14 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Basics VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Providers eHealth Direct Inbox Note: Due to time limitations this capability was not implemented please utilize Reference Model test harness to load and process XDM packages. View contents of METADATA.xml Decrypt DOCUMENT.xml file if necessary (SAMHSA patients only) View HTML version of DOCUMENT.xml CDA file. Test/Validate No redisclosure without consent.

15 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Emergency Treatment (Break-the-glass) VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Use Case Scenario: The “test” Patient, a Veteran, is being seen at a VAMC Emergency Room for non-specific abdominal pain. The “test” Patient is also receiving un-related treatment at a 42CFRPart2 constrained organization. That patient has chosen to participate in eHealth Exchange and has created a Consent Directive authorizing participation as well are constraining specific components of their clinical record. Specifically the “test” patient wishes to REDACT Substance Abuse, Mental Health related observations, and MASK (for intended recipient eyes only) all findings related to HIV. The Emergency Room attending performs an eHealth Exchange document query and retrieve. Expected Outcome: Annotation of Document will occur with Document, Section, and Entry security labels being applied, NO actions of REDACTION or MASKING will be performed when Purpose of Use (POU) is Emergency Treatment (ETREAT). Authorization for disclosure is determined by POU, Organizational policy, and trust relationship between exchanging organizations (exchange of certificates). Document, in its entirety, is delivered for viewing to Emergency Room attending (requestor) with 42CFRPart2 WARNING and heightened auditing.

16 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Emergency Treatment (Break-the-glass) VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #1: From your tablet login to DS4PMobilePortal Step #2: Touch your profile button, “DrName” and change your POU to Emergency(this is normally a workflow event). Step #3: Touch “Patient List” and then select “Asample Patientone” from drop-down list. Step #4: Touch “eHealth Exchange” then touch “Search” button to perform cross-enterprise document query (VA-SAMHSA). Available documents are returned and visible for selection in table. Note: that no document annotation has occurred at this point only 1)an authorization to release to recipient and 2) available documents and meta data are returned. Step #5: Touch row of interest “Consult Notes” and then touch the “Retrieve Document” button.

17 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Emergency Treatment (Break-the-glass) VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #6: Note that the document has been delivered to the requestor in the Emergency Room in its Encrypted form per sending organizations DS4P policy. Step #7: Touch “X” button or anywhere to close “Document Retrieve Response” window. Step #8: Touch “Decrypt Document” to decrypt document payload. This step is for demonstration purposes only. Step #9: Note that contents of document are now revealed (in XML form) to requestor. Again this is a step is for demonstration purposes only.

18 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Emergency Treatment (Break-the-glass) VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #10: Touch the “View Clinical Document” button the 42CFRPart warning is displayed as well as the document. Note the document and section level tagging of “R” for restricted. And the entry level tag related to applicable policies. Substance Abuse (ETH), Mental Health Related (PSY), and HIV information is visible. Step #11: Touch the “Access Control Decisioning” button. In table touch most recent event related to your “Provider Id” and “Document Retrieve” service request.

19 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Emergency Treatment (Break-the-glass) VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #12: Touch the “Obligations” button, in the XACML Response window we see patient consent directives to REDACT ETH and PSY, and too MASK HIV. Additionally the organization is constrained by US Privacy Laws 42CFRPart2, Title32Section7332, and requires document handling of encryption. Step #13: Touch the Security Labeling Service “SLS Rules Generated” button. A list of all applicable/ available rules is shown, DRL is Drools Rule Language. The rules and the decomposed C32 are sent to the Drools Rule Engine for processing.

20 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Emergency Treatment (Break-the-glass) VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #14: Touch the Security Labeling Service “SLS Rules Executed” button. A list of all the rules that executed and results in a label being applied to a specific observation. Note: all disregard patient directives to REDACT and/or MASK. Step #15: RESET you session by setting your Purpose of Use (POU) in your user profile to “Treatment” see step #2 for further instructions.

21 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Share Partial VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Use Case Scenario: The “test” Patient, a Veteran, has been referred for a Monday morning follow up appointment with “DrName”. Over the weekend our “test” patient updates their consent directive to include “DrName” as an authorized recipient. Remember our patient’s consent directive constrains specific components of their clinical record. Specifically the “test” patient wishes to REDACT Substance Abuse, Mental Health related observations, and MASK (for intended recipient eyes only) all findings related to HIV. Prior to seeing our test patient “DrName” performs a eHealth Exchange document query. Expected Outcome: Annotation of Document will occur with Document, Section, and Entry security labels being applied, Actions of REDACTION or MASKING will be performed. Authorization for disclosure is determined by, provider ID, POU, Credentials, Sensitivity Permissions, Organizational policy, and trust relationship between exchanging organizations (exchange of certificates). Document, fully annotated (REDACT/LABEL/MASK/ENCRYPT) is delivered to “DrName”.

22 Step #1: From your tablet login to DS4PMobilePortal Step #2: Touch your profile button, “DrName” and change your POU to Treatment(this is normally a workflow event). Step #3: Touch “Patient List” and then select “Asample Patientone” from drop-down list. Step #4: Touch “eHealth Exchange” then touch “Search” button to perform cross-enterprise document query (VA-SAMHSA). Available documents are returned and visible for selection in table. Note: that no document annotation has occurred at this point only 1)an authorization to release to recipient and 2) available documents and meta data are returned. Step #5: Touch row of interest “Consult Notes” and then touch the “Retrieve Document” button. Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Share Partial VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative

23 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Share Partial VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #6: Note that the document has been delivered to the requestor in its Encrypted form per sending organizations DS4P policy. Step #7: Touch “X” button or anywhere to close “Document Retrieve Response” window. Step #8: Touch “Decrypt Document” to decrypt document payload. This step is for demonstration purposes only. Step #9: Note that contents of document are now revealed (in XML form) to requestor. Again this is a step is for demonstration purposes only.

24 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Share Partial VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #10: Touch the “View Clinical Document” button. The 42CFRPart warning is displayed as well as the document. Note the document and section level tagging of “R” for restricted. And that one problem list item, and one medication have been MASKED. Substance Abuse (ETH) and Mental Health Related (PSY) findings have been REDACTED. Step #11: Touch the “Decrypt Doc and Entries” button. Assuming your user has necessary permissions you will receive the key and be able to decrypt the MASKED entries. This step is for demonstration purposes only. Close the XML display. Step #12: Touch the “View Clinical Document” button. The two (2) MASKED entries are revealed to the user. In this case Acute HIV, and the AZT equivalent medication were previously hidden from users view.

25 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Share Partial VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #12: Touch the “Access Control Decisioning” button. Step #13: Touch to select most recent “DocumentRetrieve” service request associated with your provider ID in the log table. Step #14: Touch the Security Labeling Service “SLS – Rules Generated” button. Note that rules now take into account the patients wishes to REDACT or MASK aspects of their clinical record. Patient Constraint SNOMED-CT code Sensitivity LabelConfidentiality Label Action US Privacy Law Refrain Policy Document Handling

26 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Share All VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Use Case Scenario: The “test” Patient, a Veteran, has been referred to an orthopedic surgeon “DrName” at the VAMC in Helena, MT. The “test” Patient is also receiving un-related treatment at a 42CFRPart2 constrained organization. That patient has chosen to participate in eHealth Exchange and has created a Consent Directive authorizing participation and disclosure to “DrName”. The patient has no concerns in regards to sharing his/her clinical information fully with DrName. Expected Outcome: Annotation of Document will occur with Document, Section, and Entry security labels being applied, Actions of REDACTION or MASKING will be performed IF REQUIRED. Authorization for disclosure is determined by, provider ID, POU, Credentials, Sensitivity Permissions, Organizational policy, and trust relationship between exchanging organizations (exchange of certificates). Document, fully annotated (REDACT/LABEL/MASK/ENCRYPT) is delivered to “DrName”.

27 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Share All VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #1: From your tablet login to DS4PMobilePortal Step #2: Touch your profile button, “DrName” and make sure your POU is set to Treatment(this is normally a workflow event). Step #3: Touch “Patient List” and then select “Asample Patienttwo” from drop-down list. Repeat Step #4 thru #10 from Share Partial Use Case Note when viewing clinical document. No masking is present and PSY, ETH, SICKLE Cell Anemia, disorders and medications are visible.

28 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Share All VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #11: Touch the “Access Control Decisioning” button. Step #12: Touch to select most recent “DocumentRetrieve” service request associated with your provider ID in the log table. Step #13: Touch “Obligations” button. Note that there are no patient constraints present. Step #14: Touch the Security Labeling Service “SLS – Rules Generated” button. Note that rules now take into account that no patient constraints are present and are entirely based on organizational policy.

29 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Patient Changes Mind (Modifying Patient Consent) VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Use Case Scenario: The “test” Patient, a Veteran, is currently receiving treatment for PTSD from “DrDavid” at the VAMC in Helena, MT. The “test” Patient is also receiving un-related treatment at a 42CFRPart2 constrained organization. That patient has chosen to participate in eHealth Exchange and has created a Consent Directive authorizing participation and disclosure to “DrDavid” with no constraints. The patient initially has no concerns in regards to sharing his/her clinical information fully with “DrDavid”. At some point in the future our “test” patient fells uncomfortable seeing “DrDavid” and is switched to another Mental Health Provider at the VAMC. After some consideration our “test” patient decides to alter their VA consent directive to disallow access “DrDavid” both locally and across the eHealth Exchange. Expected Outcome: Annotation of Document will occur with Document, Section, and Entry security labels being applied, Actions of REDACTION or MASKING will be performed IF REQUIRED. Authorization for disclosure is determined by, provider ID, POU, Credentials, Sensitivity Permissions, Organizational policy, and trust relationship between exchanging organizations (exchange of certificates). Initially the Document, fully annotated (REDACT/LABEL/MASK/ENCRYPT) is delivered to “DrDavid”. After the “test” patient changes their consent directive to disallow “DrDavid” access, “DrDavid” Is no longer able to receive necessary authorizations to request or view the patients record. Note: This use case example of patient changes mind has had its scope minimized. Only Jericho was able to provide a patient effacing Consent Tool, services, XDS.b repository, and integrate prior to HIMSS. And Consent Directives stored in SAMHSA XDS.b repository were actually generated by VA services without benefit of a patient tool. There are still some issues to be worked out between VA/SAMHSA and Jericho in regards to this portion of the demonstration.

30 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Patient Changes Mind (Modifying Patient Consent) VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #1: From your tablet login to DS4PMobilePortal as “DrDavid” Step #2: Touch your profile button, “DrDavid” and make sure your POU is set to Treatment(this is normally a workflow event). Step #3: Touch “Patient List” and then select “Asample Patientthree” from drop-down list. Repeat Step #4 thru #10 from Share Partial Use Case Note when viewing clinical document, that masked entries exists in both Problem List and Medications.

31 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Patient Changes Mind (Modifying Patient Consent) VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #11: Touch the “Decrypt Doc and Entries”. Masked entries are decrypted and XML document is displayed. This step is for demonstration purposes only. Close window. Step #12: Touch “View Clinical Document” button. Note that EHT and PSY findings are now visible to “DrDavid”.

32 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Patient Changes Mind VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #11: Touch the “Access Control Decisioning” button. Note that authorization decisions occurred for DocumentQuery, DocumentRetrieve, DocumentEntryUnMask, and DocumentView. Change Asample Patientthree’s VA Consent Directive Step #12: Login into Jericho Systems Patient Portal as “Asample Patientthree”. Note that Dr. David has been authorized to view our test patients records with no constraints.

33 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Patient Changes Mind (Modifying Patient Consent) VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #13: Click on the “Update” button next to “Dr. David” Step #14: Click on “Block all personal health information.” Then click on “Continue” button. Step #15: Click on “Authorize & Sign” button.

34 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Patient Changes Mind (Modifying Patient Consent) VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #16: Sign the draft consent directive making it authoritative by entering in username and password and selecting an end date. Step #17: Click on “Sign Draft” button. Step #18: Note the access for Dr. David is now blocked. Logout of Jericho Systems “Patient Portal”.

35 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Demonstration Use Case: Patient Changes Mind (Modifying Patient Consent) VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Step #19: From the DS4PMobilePortal Touch the “eHealth Exchange” button then Touch “Search” button. DrDavid receives a “You do not have the necessary authorization privileges to perform this operation”. Step #20: Touch “Access Control Decisioning” button. Note the DrDavid’s DocumentQueryOut request have been denied.

36 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 An Unexpected Interop: VA-SAMHSA and NetSmart VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Should we be concerned? During the HIMSS Interoperability Showcase the VA-SAMHSA team was asked to perform an impromptu Interop with the NetSmart DS4P Pilot. VA-SAMHSA team provided NetSmart their Direct HealthVault (development sandbox) email address, requirements for an XDM attachment, and a example of the METADATA being produced by SAMHSA (FEISystems). The first attempt to process the XDM package failed due to the structure of the zip file. NetSmart delivered a new direct message the following day. The direct xdm package was able to be received by the VA developed XDMProcessingService (web service) but failed the Collection phase as it was unable to identify intended recipient to determine permissions for persisting the data. This implied there was a disconnect in METADATA being asserted. The interop was set aside until after the conference. Upon my return home I disabled the permission check during collection phase and manually persisted the intended recipient info after the fact. Allowing the document and its METADATA to be stored. To the right is the CCD received from NetSmart.

37 Data Segmentation Using Healthcare Privacy and Security Labels HIMSS 2013 Things to Consider…. VA-SAMHSA DS4P Pilot HIMSS 2013 Demonstration Data Segmentation for Privacy Initiative Need to revisit METADATA being exchange between organizations. Cart before the horse problem, should HCS be engaged during DocQuery? This is only an issue when an organization annotates the document in real-time. XACML is good for enforcing obligations and refrain policies. But not for determining them. Key exchange between organizations. The OASIS XSPA standards and IHE XUA++ need to be updated to reflect outcomes of pilot. When embedding an XACML policySet in the CDA R2 Consent Directive, which the VA-SAMHSA pilot relied heavily on, a minimum set of policies and resources needs to be recommended.

Download ppt "VA-SAMHSA DS4P Pilot Demonstrations Data Segmentation for Privacy Initiative Veterans Health Administration Healthcare Information Governance Emerging."

Similar presentations

Broker Portal ECF Enhancements Screen Navigation Walkthrough Please progress through the walkthrough by clicking your mouse button following each informational.

Broker Portal ECF Enhancements Screen Navigation Walkthrough Please progress through the walkthrough by clicking your mouse button following each informational.
PantherSoft Financials Smart Internal Billing. Agenda  Benefits  Security and User Roles  Definitions  Workflow  Defining/Modifying Items  Creating.

PantherSoft Financials Smart Internal Billing. Agenda  Benefits  Security and User Roles  Definitions  Workflow  Defining/Modifying Items  Creating.
CareCentrix Direct Training.

CareCentrix Direct Training.
Data Segmentation for Privacy VA/SAMHSA/Mitre/Jericho Pilot Sprint 5 Review Sprint #5 Technical Objectives – (2 week sprint ending July 27, 2012) Story:

Data Segmentation for Privacy VA/SAMHSA/Mitre/Jericho Pilot Sprint 5 Review Sprint #5 Technical Objectives – (2 week sprint ending July 27, 2012) Story:
Project Proposal to IHE: Implementation Guide for Data Segmentation For Privacy (DS4P) over REST Submitted by S&I Framework Data Segmentation for Privacy.

Project Proposal to IHE: Implementation Guide for Data Segmentation For Privacy (DS4P) over REST Submitted by S&I Framework Data Segmentation for Privacy.
Enforceable Specification of Privacy Peter Mork Jean Stanford CEM IR&D.

Enforceable Specification of Privacy Peter Mork Jean Stanford CEM IR&D.
Information Services Portal Login/Logout. LOGIN PAGE Please refer to the following pages for scenarios 1, 2 and 3 Please refer to the ‘Guest User’ User.

Information Services Portal Login/Logout. LOGIN PAGE Please refer to the following pages for scenarios 1, 2 and 3 Please refer to the ‘Guest User’ User.
Introduction to Online Data Collection (OLDC) Community Based Abstinence Education September, 2009.

Introduction to Online Data Collection (OLDC) Community Based Abstinence Education September, 2009.
Direct Implementation Perspective 0 Mark Bamberg, Vice President Research & Development MEDfx.

Direct Implementation Perspective 0 Mark Bamberg, Vice President Research & Development MEDfx.
Question: What is Secure Envelope?

Question: What is Secure Envelope?
Tutorial Introduction Fidelity NTSConnect is an innovative Web-based software solution designed for use by customers of Fidelity National Title Insurance.

Tutorial Introduction Fidelity NTSConnect is an innovative Web-based software solution designed for use by customers of Fidelity National Title Insurance.
Data Segmentation for Privacy VA/SAMHSA/Mitre Pilot Sprint 4 Review Sprint #4 Technical Objectives Integration of Drools Service, Document Processing,

Data Segmentation for Privacy VA/SAMHSA/Mitre Pilot Sprint 4 Review Sprint #4 Technical Objectives Integration of Drools Service, Document Processing,
Qualifications Portal Guide Personal Development and Employability Qualification.

Qualifications Portal Guide Personal Development and Employability Qualification.
Presentation to HL7 S&I Framework Data Segmentation for Privacy Initiative 9/25/2013 Johnathan Coleman, CISSP Initiative Coordinator, Data Segmentation.

Presentation to HL7 S&I Framework Data Segmentation for Privacy Initiative 9/25/2013 Johnathan Coleman, CISSP Initiative Coordinator, Data Segmentation.
SMART Agency Tipsheet Staff List This document focuses on setting up and maintaining program staff. Total Pages: 14 Staff Profile Staff Address Staff Assignment.

SMART Agency Tipsheet Staff List This document focuses on setting up and maintaining program staff. Total Pages: 14 Staff Profile Staff Address Staff Assignment.
UNCLASSIFIED User Guide Applicant. UNCLASSIFIED Table of Contents What is the SAFETY Act? Applicant Guide Help Desk.

UNCLASSIFIED User Guide Applicant. UNCLASSIFIED Table of Contents What is the SAFETY Act? Applicant Guide Help Desk.
System for Administration, Training, and Educational Resources for NASA SATERN Overview for Learners May 2006.

System for Administration, Training, and Educational Resources for NASA SATERN Overview for Learners May 2006.
“ Jericho / UT Austin Pilot” Privacy with Dynamic Patient Review July 9, 2013 Presented by: David Staggs, JD, CISSP Jericho Systems Corporation.

“ Jericho / UT Austin Pilot” Privacy with Dynamic Patient Review July 9, 2013 Presented by: David Staggs, JD, CISSP Jericho Systems Corporation.
“ Jericho / UT Austin Pilot” Privacy with Dynamic Patient Review July 16, 2013 Presented by: David Staggs, JD, CISSP Jericho Systems Corporation.

“ Jericho / UT Austin Pilot” Privacy with Dynamic Patient Review July 16, 2013 Presented by: David Staggs, JD, CISSP Jericho Systems Corporation.
Email Encryption Cisco Ironport using Click here to begin Press the ‘F5’ Key to Begin.

Encryption Cisco Ironport using Click here to begin Press the ‘F5’ Key to Begin.

Similar presentations

Ads by Google