Proceedings from an International Workshop, Montreux, Switzerland: Unique Identifier Systems Key concepts Unique Patient ID Brainstorming Meeting Nairobi,

Slides:

Advertisements

Similar presentations

Data Quality Considerations

Advertisements

A Plan for a Sustainable Community Behavioral Health Information Network Western States Health-e Connection Summit & Trade Show September 10, 2013.

Operating System Security

HIPAA Security Standards Emmanuelle Mirsakov USC School of Pharmacy.

AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.

Introduction to the User’s Guide for Developing a Protocol for Observational Comparative Effectiveness Research Prepared for: Agency for Healthcare Research.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

Department of Labor HSPD-12

DESIGNING A PUBLIC KEY INFRASTRUCTURE

Chapter 17 Controls and Security Measures

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

FIT3105 Smart card based authentication and identity management Lecture 4.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Copyright 2012 Delmar, a part of Cengage Learning. All Rights Reserved. Chapter 13 Health Information Systems and Strategy.

Selection of Data Sources for Observational Comparative Effectiveness Research Prepared for: Agency for Healthcare Research and Quality (AHRQ)

Marjie Rodrigues

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.

Standard 5: Patient Identification and Procedure Matching Nicola Dunbar, Accrediting Agencies Surveyor Workshop, 10 July 2012.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/

Zachary Olson and Yukari Hagio CIS 4360 Computer Security November 19, 2008.

Chapter 10: Authentication Guide to Computer Network Security.

1st MODINIS workshop Identity management in eGovernment Frank Robben General manager Crossroads Bank for Social Security Strategic advisor Federal Public.

Sub-session 1B: General Overview of CRVS systems.

Paula Peyrani, MD Medical/Project Director, HIV Program at the 550 Clinic Assistant Director, Research Design and Development Clinical and Translational.

Secure Electronic Transaction (SET)

A Brief Introduction to Patient Identification Using the VUHID System Barry R. Hieb, MD Chief Scientist, Global Patient Identifiers Inc. Kantara, June.

Designing Active Directory for Security

Confidentiality and Security Issues in ART & MTCT Clinical Monitoring Systems Meade Morgan and Xen Santas Informatics Team Surveillance and Infrastructure.

This material was developed by Duke University, funded by the Department of Health and Human Services, Office of the National Coordinator for Health Information.

Connecting for Health: Common Framework. 2 What is Connecting for Health? Broad-based, public-private coalition More than 100 collaborators –Providers.

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

VUHID Update for CHC Collaborative Health Consortium Barry R. Hieb, MD Chief Scientist, Global Patient Identifiers Inc. Updated Dec., 2011 \marketing\presentations\CHCpresentation

Programme Objectives Analyze the main components of a competency-based qualification system (e.g., Singapore Workforce Skills) Analyze the process and.

DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.

Lecture 7 Page 1 CS 236, Spring 2008 Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know.

28 th International Traffic Records Forum Biometrics/SmartCard Workshop 28 th International Traffic Records Forum August 4, 2002 Orlando, Florida.

NT SECURITY Introduction Security features of an operating system revolve around the principles of “Availability,” “Integrity,” and Confidentiality. For.

Integrating a Federated Healthcare Data Query Platform With Electronic IRB Information Systems Shan He IPHIE 2010.

Shaping a Health Statistics Vision for the 21 st Century 2002 NCHS Data Users Conference 16 July 2002 Daniel J. Friedman, PhD Massachusetts Department.

AADHAR TECHNOLOGY Gurneet Kaur, Nitin Mangal. What is Aadhar?  Unique Identification Number linked to a person’s demographic and biometric information.

PRESENTATION ON BIOMETRICS

Security & Privacy. Learning Objectives Explain the importance of varying the access allowed to database elements at different times and for different.

Data Access Framework (DAF) Relationship to Other ONC Initiatives 1.

Deck 10 Accounting Information Systems Romney and Steinbart Linda Batch March 2012.

HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.

Biometrics Chuck Cook Matthew Etten Jeremy Vaughn.

Copyright © 2015 by Saunders, an imprint of Elsevier Inc. All rights reserved. Chapter 3 Privacy, Confidentiality, and Security.

INTRODUCTION TO BIOMATRICS ACCESS CONTROL SYSTEM Prepared by: Jagruti Shrimali Guided by : Prof. Chirag Patel.

Networking and Health Information Exchange Unit 6a EHR Functional Model Standards.

Introduction to Active Directory

Information Resource Stewardship A suggested approach for managing the critical information assets of the organization.

My topic is…………. - It is the fundamental building block and the primary lines of defense in computer security. - It is a basic for access control and.

1 Copyright © 2009, 2006, 2003, 2000, 1997, 1994 by Saunders, an imprint of Elsevier Inc. Chapter 23 Nursing Informatics.

 Pharmaceutical Care is a patient-centered, outcomes oriented pharmacy practice that requires the pharmacist to work in concert with the patient and.

ASHRAY PATEL Protection Mechanisms. Roadmap Access Control Four access control processes Managing access control Firewalls Scanning and Analysis tools.

AUDIT STAFF TRAINING WORKSHOP 13 TH – 14 TH NOVEMBER 2014, HILTON HOTEL NAIROBI AUDIT PLANNING 1.

Responsibility for Policies and Procedures DR. Mohamed Seyam PhD. PT. Assistant Professor Of Physical Therapy.

National Health Identifiers: Foundations for UHC Asia eHealth Information Network (AeHIN) 3rd General Meeting 4 December 2014 Xenophon M. Santas Lead,

ABC-MAP Act 191 of 2014 September 16, 2016 Pennsylvania’s Prescription Drug Monitoring Program (PA PDMP)

Challenge/Response Authentication

Authentication.

Integrating the Healthcare Enterprise

ConnectingOntario ClinicalViewer

Session 19. Digitizing civil registration and vital statistics

Towards Improvement of Safety for Patient Health Information Exchange

IS4680 Security Auditing for Compliance

PLANNING A SECURE BASELINE INSTALLATION

PKI (Public Key Infrastructure)

HLN Consulting, LLC® November 8, 2006

Presentation transcript:

Proceedings from an International Workshop, Montreux, Switzerland: Unique Identifier Systems Key concepts Unique Patient ID Brainstorming Meeting Nairobi, Kenya November 10, 2009 Xenophon M. Santas U.S. Centers for Disease Control and Prevention Global AIDS Division

Acknowlegdements Shaun Grannis, M.D. Regenstrief Institute Indiana University School of Medicine Mark Shields, M.D. CDC-Zambia Philippe Boucher WHO-Geneva

Presentation Overview Unique identifier characteristics Examples of unique person identifiers System implementation considerations Deployment considerations

Unique identifier characteristics (1) Uniqueness. A unique identifier should identify one and only one individual, and ideally a person should have only one unique identifier. Ubiquity. A unique identifier should be accessible whenever and wherever it is required for healthcare purposes. Ubiquity is not intrinsic to the identifier -- rather it is a reflection of the perceived usefulness and the defined the scope for the identifier.. May be highly specific, such as for use at only one clinic; a specific care program such as a multi-drug-resistant tuberculosis; or for broad use such all public and private healthcare organizations. Scope. May be highly specific, such as for use at only one clinic; a specific care program such as a multi-drug-resistant tuberculosis; or for broad use such all public and private healthcare organizations.

Unique identifier characteristics (2) (ASTM 1714) Global system-level capabilities. Include accessible, assignable, identifiable, verifiable, mergeable, and splittable. For example, verifiability – the ability to determine that an identifier is or is not valid – is is often accomplished by including a check digit. Longitudinal linkage characteristics highlight the specific ability of an identifier to aggregate data across multiple systems over time. These characteristics include being linkable and mappable (e.g., to an existing medical record number).

Unique identifier characteristics (3) (ASTM 1714) Confidentiality and security characteristics address the ability of an identifier to protect and preserve patient privacy. These characteristics include being content free, controllable, healthcare focused, secure, de-identifiable, and public. Standards-based characteristics describe the degree to which an identifier complies with existing approaches. These characteristics include being compatible with existing industry standards, deployable, and usable. For example, deployable indicates that an identifier can be implemented using different technologies such as smart cards, barcode readers, and paper.

Unique identifier characteristics (4) (ASTM 1714) Design characteristics highlight properties inherent to either the actual identifier or the system maintaining the identifiers. Include being unique, repository-based, atomic, concise, unambiguous, permanent, governed, network, long-lasting, retroactive, universal, and incremental. However, contrast concise – as short as possible to support efficient entry – with long lasting – sufficiently long to accommodate information over time. The cost-effectiveness characteristic addresses how well a unique identifier system provides maximum functionality while minimizing deployment and operational costs.

Examples of unique person identifiers (1) Serial number. Creating sequentially increasing integers, with or without leading zeros (0001, 0002, 0003, …) is one of the simplest methods for assigning unique numbers. Forms the basis for some of the distributed methods described below. Globally unique identifiers (GUID). An exceedingly large number of unique values, produces 3.4×1038 possible values, and can be created locally on any computer. An example GUID is: {3F2504E0-4F89-11D3-9A0C-0305E82C3301} Its lack of an explicit check digit and length limit its usefulness for manual data entry applications.

Examples of unique person identifiers (2) Quasi-unique personal identifying elements. Not guaranteed to be unique, a combination of nearly constant personal demographic elements, including given name, surname, sex, birth date, mothers first name, mothers maiden name, fathers first name, birth location, and birth order. These elements are necessary to perform identity validation when an identifier is lost; are not typically used as the identifier itself. Blocked serial number. Combines a centrally determined nationally-unique site code with serial numbers issued by that site. However, system may assign multiple identifiers to a single patient.

Examples of unique person identifiers (3) Biometrics. Includes voice patterns, fingerprints, iris patterns, facial shapes, and vein patterns. Advantages: they are highly specific to an individual; identity can be verified without documents or cards that may be lost, stolen, or altered. Disadvantages include relatively expensive cost; instances where the identifiers evolve – voice patterns can change gradually with age, fingerprints can degrade (disappear) with time. Privacy concerns remain because of the potential for biometrics, particularly fingerprints, to be used by law enforcement agencies.

Examples of unique person identifiers (4) Identifiers with additional functionality. Identifiers may convey additional features such as privacy and security. The ASTM 1714 document describes a process to include security information in the identifier to indicate whether a particular identifier is intended for fully-identified use (e.g., in patient care) or as a private limited-use token (e.g. for population level reporting or research). May be desirable from a system implementation perspective, but then the identifier compromises the principle of being content free.

System implementation considerations (1) Transitioning from pre-existing identifiers. A unique identifier will be deployed either in the absence or presence of an existing health ID. If one already exists, the existing systems must be altered to accommodate the new identifier. This may be expensive. Historical data must be mapped to the new identifier. New workflows may be needed. Central versus distributed architecture. Assigning and managing identifiers may be conducted either by a central assigning authority or may be distributed and coordinated among many loosely connected or disconnected sites. Limitations in resource-constrained settings (e.g., unreliable or nonexistent network connectivity) may dictate that the assignment of unique identifiers be distributed.

System implementation considerations (2) Trusted authorities. Refers to an entity that performs functions crucial to a unique healthcare identifier system. May be a single trusted authority, or multiple trusted authorities operating in a distributed fashion. Functions of a trusted authority include: - Implements policies and procedures for granting access to existing identifiers - Maintains confidentiality and security by providing encryption/decryption or other processes - Assigns new unique identifiers - Maintain linkages between multiple identifiers - Ensures uniqueness of assigned identifiers

System implementation considerations (3) Matching algorithms. Although a unique healthcare identifier can improve patient identity management, it is not a panacea; sophisticated matching methods are a necessary component of any robust unique identifier system. Patient matching methods will still be needed for the following functionalities: –Retrieving clinical information when a unique identifier is absent –Reconciling duplicate identifiers –Incorporating historical data –Verifying identity (identity theft and the sharing of identifiers) –Verifying absence/presence of an identifier (i.e., prior to assigning a new identifier)

System implementation considerations (4) Assigning identifiers. Real-world workflows for patient registration and care are highly variable. The processes for assigning unique healthcare identifiers will also vary. But workflows for assigning unique identifiers must include: –Initiate request for new identifier by an authorized local entity (e.g., the patient, a clinical or administrative entity). –Provide identifying traits (e.g., name, birth date, gender) –Identity verification, i.e., verify that no unique identifier has been previously assigned. –Return new identifier. If a unique identifier is present, the existing identifier is used. If no existing unique identifier is found, the trusted authority generates a new unique identifier.

Deployment considerations (1) ASTM 2553 details a voluntary universal healthcare identifier system. Below we conclude by highlighting features of some example approaches.