Healthcare Privacy and Security Classification System (HCS) Guide


1 Healthcare Privacy and Security Classification System (HCS) Guide
Mike Davis, Security Architect, Department of Veterans Affairs
Data Segmentation for Privacy
23 Jan 2013

2 HCS Security Domain

3 Ontology of Clearances and Security Labels

4 OASIS XACML Policy Model
Security label field values equate to the access control information (ACI) used by an Access Control System to match a user’s request for permissions to perform certain actions on a particular resource. OASIS XSPA profiles provide a health care specific approach to using ACI.

5 Electronic Health Record Access Control
Diagram components: Document Request; Authorization Decisions; Security Labeling Service (SLS); External Authority; Document Orchestration; Decomposed Clinical Document (clinical facts); Mapped Clinical Facts; Label Rules Generation; Rules Engine; Raw CDA Document; Authorization Obligations; Security Risk Assessment / Policy; Labeling Rules; Transform Template(s); Transform Actions (Redact, Annotate, Mask (Encrypt)) -OR- Document Packaging (Encrypt); Annotated (classified) Document; Annotated (classified) Composite Documents.
Vocabularies: SNOMED-CT, RxNORM, ICD, LOINC, HL7 Vocabularies, HL7 Security and Privacy Vocabulary.
Policy inputs: Patient Restrictions, Jurisdictional Policy, Organizational Policy.
Clinical Fact, AKA clinical object, e.g., observation, medication, procedure, lab results etc.
Clinical Administration (Clinician): Clinical Facts are captured into the EHR with standard information attributes, according to documentation rules and guidelines in Organizational and Jurisdictional Policies, by properly knowledgeable health care professionals.
Security/Privacy Administration (Privacy Office, Release of Information Office, Business Stakeholder, Security Administration): Patient restrictions are captured into the EHR as part of the formal record.
Numbered flow:
1 Clinical Facts extracted from source documentation
2 Clinical Facts mapped to EHR objects, e.g., Lab Report{HIV…}
3 Label Rules created based on Risk Assessment
4 Label Rules installed in SLS Rules Engine
5 Clinical Facts extracted from source document
6 SLS applies labeling rules and document transforms
7 Authorization Decision made based on Security Label
8 Package forwarded for delivery

6 NIST FIPS PUB 188 Standard Security Label
The general structure of a NIST security label consists of a set of fields. Each field comprises a globally unique Tag Set Name plus a set of security tags.

7 HCS Security Label
To support privacy metadata, the HCS defines a quadruplet (4-tuple) of resource label fields, which are security attributes about clinical facts:
Confidentiality
Sensitivity
Integrity and,
Compartment
The HCS Security Label also includes a security policy-based label (privacy mark), the Handling Caveat label field, to convey Purpose of Use, Obligations, and Refrain Policies with which custodians and recipients of clinical facts must comply.
Handling Caveat
These labels define the classification of each item and of its constituent components (inner envelope, cover sheet, body, and section(s) and sub-sections or segments).

8 Security Label Field: Confidentiality
Label Definition: Security label metadata classifying an IT resource (data, information object, service, or system capability) according to its level of sensitivity, which is based on an analysis of applicable privacy policies and the risk of financial, reputational, or other harm to an individual that could result from unauthorized disclosure. [ISO/TS :2009(E) A.3.2]
Notes: Only one classification value is permitted on the header of an IT resource. It must be the high water mark (most restrictive). In order to access a classified (tagged) IT resource, the user must possess rights greater than or equal to the IT resource classification.

9 Security Label Field: Sensitivity
Label Definition: Security label metadata categorizing the value, importance, and vulnerability of an IT resource perceived as undesirable to share.
Notes: In order to access a sensitivity-tagged IT resource, the user must possess rights corresponding to the sensitivity tag(s).

10 Security Label Field: Integrity
Label Definition: Security label metadata conveying the completeness, veracity, reliability, trustworthiness, and provenance of an IT resource.
Notes: Distinguish this from the assurance that information has not been modified in an unauthorized way, which is only a subset of integrity.

11 Security Label Field: Compartment
Label Definition: Security label metadata that "segments" an IT resource by indicating that access and use are restricted to members of a defined community or project.

12 Security Label Field: Handling Caveat
Label Definition: Security label metadata conveying dissemination controls, information handling caveats, purpose of use, refrain policies, and obligations with which an IT resource custodian or receiver must comply.
Notes: Applies to all information within the scope of the caveat.

13 W3C PROV Data Model & Ontology

14 W3C Provenance Class Properties
wasAttributedTo: Attribution is the ascribing of an entity to an agent.
wasDerivedFrom: A derivation is a transformation of an entity into another, a construction of an entity into another, or an update of an entity, resulting in a new one.
wasGeneratedBy: Generation is the completion of production of a new entity by an activity. This entity did not exist before generation and becomes available for usage after this generation.
wasInformedBy: Communication is the exchange of an entity by two activities, one activity using the entity generated by the other.
wasInfluencedBy: Influence is the capacity of an entity, activity, or agent to have an effect on the character, development, or behavior of another by means of usage, start, end, generation, invalidation, communication, derivation, attribution, association, or delegation.
hadPrimarySource: A primary source for a topic refers to something produced by some agent with direct experience and knowledge about the topic, at the time of the topic's study, without benefit from hindsight. Because of the directness of primary sources, they 'speak for themselves' in ways that cannot be captured through the filter of secondary sources. As such, it is important for secondary sources to reference those primary sources from which they were derived, so that their reliability can be investigated. A primary source relation is a particular case of derivation of secondary materials from their primary sources. It is recognized that the determination of primary sources can be up to interpretation, and should be done according to conventions accepted within the application's domain.
wasInvalidatedBy: Invalidation is the start of the destruction, cessation, or expiry of an existing entity by an activity. The entity is no longer available for use (or further invalidation) after invalidation. Any generation or usage of an entity precedes its invalidation.
wasQuotedFrom: Quotation is the repeat of (some or all of) an entity, such as text or image, by someone who may or may not be its original author. Quotation is a particular case of derivation.
wasRevisionOf: A revision is a derivation for which the resulting entity is a revised version of some original. The implication here is that the resulting entity contains substantial content from the original. Revision is a particular case of derivation.

15 HCS Clinical Fact Metadata Template
Template columns: Clinical Fact Name | Clinical Attribute Name | Clinical Attribute Provenance | Security Label
Clinical attribute provenance including:
· wasAttributedTo
· wasDerivedFrom
· wasGeneratedBy
· wasInformedBy
· wasInfluencedBy
· hadPrimarySource
· wasInvalidatedBy
· wasQuotedFrom
· wasRevisionOf
Clinical attribute metadata (Security Label) including:
· Classification
· Sensitivity
· Integrity
· Category
· Handling Instructions

16 HCS Clinical Fact Metadata Example
Columns: Clinical Attribute | Provenance | Security Label (HL7*)
<Patient Name> | Source=<Organization> | N
Diagnosis 042 (HIV) | hadPrimarySource: ICD-9 Code; wasAttributedTo: <Attending> | Restricted, HIV
Medications (AZT) | hadPrimarySource: RxNorm; wasDerivedFrom: Diagnosis |
Allergies (Penicillin) | wasDerivedFrom: Encounter; hadPrimarySource: SNOMED CT |
Laboratory Report 8053 (Lipid Panel): 8320 Total Cholesterol, 8316 Triglyceride, 8429 HDL, 7973 LDL | hadPrimarySource: LOINC |
Procedure 86689.Z7 (HIV-1 Western Blot) | hadPrimarySource: CPT |
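The following worked example is added here and is not code from the presentation or from the VA; it ties together the SLS flow of slide 5 (rules installed, rules applied, authorization decided on the resulting label), the label fields and access rules of slides 7 through 12, and the slide 16 example rows. The labeling rules, the sample document and the two clearances are constructed for illustration (for instance "AZT" stands in for a real RxNorm code), and treating the position of an HL7 confidentiality code in the sequence U, L, M, N, R, V as its dominance order is this example's assumption. It shows three things the slides state but do not execute: a derived fact (Medications, wasDerivedFrom Diagnosis) inheriting the label of its source, the document header taking the high water mark of its parts, and a clearance that satisfies the confidentiality level but lacks the HIV sensitivity tag still being denied.

```python
"""HCS-style labels, a toy Security Labeling Service, and an access decision.
Added example; rules, codes and clearances are constructed, not real policy."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, List, Tuple

# HL7 confidentiality codes, least to most restrictive. Using list position as
# the dominance order is an assumption of this example.
CONF_ORDER = ["U", "L", "M", "N", "R", "V"]


def conf_rank(code: str) -> int:
    return CONF_ORDER.index(code)


@dataclass(frozen=True)
class SecurityLabel:
    """The HCS 4-tuple (slide 7) plus the Handling Caveat field (slide 12)."""
    confidentiality: str
    sensitivity: FrozenSet[str] = frozenset()
    integrity: FrozenSet[str] = frozenset()
    compartment: FrozenSet[str] = frozenset()
    handling: FrozenSet[str] = frozenset()


@dataclass(frozen=True)
class ClinicalFact:
    """An EHR object (slide 15); derived_from records PROV wasDerivedFrom links."""
    name: str
    code_system: str
    code: str
    derived_from: Tuple[str, ...] = ()


@dataclass(frozen=True)
class Clearance:
    """Rights a user holds, compared against labels (slides 8, 9 and 11)."""
    confidentiality: str
    sensitivity: FrozenSet[str] = frozenset()
    compartment: FrozenSet[str] = frozenset()


# Labeling rules as installed in the SLS rules engine (slide 5, step 4).
# Constructed from the slide 16 rows; (code system, code) -> label.
LABEL_RULES: Dict[Tuple[str, str], SecurityLabel] = {
    ("ICD-9", "042"): SecurityLabel("R", sensitivity=frozenset({"HIV"})),
    ("CPT", "86689.Z7"): SecurityLabel("R", sensitivity=frozenset({"HIV"})),
}
DEFAULT_LABEL = SecurityLabel("N")  # ordinary clinical data when no rule fires


def high_water_mark(labels: Iterable[SecurityLabel]) -> SecurityLabel:
    """Slide 8 notes: one header value, the most restrictive; tag sets are unioned."""
    labels = list(labels)
    conf = max(labels, key=lambda lab: conf_rank(lab.confidentiality)).confidentiality

    def union(attr: str) -> FrozenSet[str]:
        return frozenset().union(*(getattr(lab, attr) for lab in labels))

    return SecurityLabel(conf, union("sensitivity"), union("integrity"),
                         union("compartment"), union("handling"))


def label_document(facts: List[ClinicalFact]) -> Dict[str, SecurityLabel]:
    """Slide 5, step 6: apply the rules; a derived fact inherits its sources' labels.
    Facts must be listed with sources before the facts derived from them."""
    labels: Dict[str, SecurityLabel] = {}
    for fact in facts:
        own = LABEL_RULES.get((fact.code_system, fact.code), DEFAULT_LABEL)
        inherited = [labels[src] for src in fact.derived_from]  # KeyError if out of order
        labels[fact.name] = high_water_mark([own, *inherited])
    return labels


def dominates(clearance: Clearance, label: SecurityLabel) -> bool:
    """Slides 8/9/11: clearance >= classification, and the user holds every
    sensitivity tag and every compartment carried by the resource."""
    return (conf_rank(clearance.confidentiality) >= conf_rank(label.confidentiality)
            and label.sensitivity <= clearance.sensitivity
            and label.compartment <= clearance.compartment)


def authorize(clearance: Clearance, facts: List[ClinicalFact]) -> dict:
    """Slide 5, step 7: decide on the header label; if the whole document is
    denied, report which facts a Redact transform could still release."""
    labels = label_document(facts)
    header = high_water_mark(labels.values())
    released = [f.name for f in facts if dominates(clearance, labels[f.name])]
    redacted = [f.name for f in facts if f.name not in released]
    decision = "permit" if dominates(clearance, header) else "deny-header"
    return {"decision": decision, "header": header,
            "released": released, "redacted": redacted}


# Constructed sample document following the slide 16 rows.
SAMPLE_DOCUMENT = [
    ClinicalFact("Diagnosis", "ICD-9", "042"),
    ClinicalFact("Medications", "RxNorm", "AZT", derived_from=("Diagnosis",)),
    ClinicalFact("Allergies", "SNOMED CT", "Penicillin"),
    ClinicalFact("Laboratory Report", "LOINC", "8053"),
    ClinicalFact("Procedure", "CPT", "86689.Z7"),
]
HIV_CLINICIAN = Clearance("R", sensitivity=frozenset({"HIV"}))
GENERAL_STAFF = Clearance("N")

if __name__ == "__main__":
    for who, clearance in (("HIV clinician", HIV_CLINICIAN), ("general staff", GENERAL_STAFF)):
        result = authorize(clearance, SAMPLE_DOCUMENT)
        print(who, result["decision"], "released:", result["released"],
              "redacted:", result["redacted"])
```

Running the block labels the Medications fact Restricted/HIV purely through its wasDerivedFrom link, so the header of the composite document becomes R with the HIV tag; the HIV clinician is permitted, while general staff cleared to N are denied the header and would receive only the Allergies and Laboratory Report facts after redaction.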

