Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security, Privacy Access openPASS Open Privacy, Access and Security Services Project Status Report July 1, 2008.

Published byDiane Jenkins Modified over 9 years ago

Similar presentations

Presentation on theme: "Security, Privacy Access openPASS Open Privacy, Access and Security Services Project Status Report July 1, 2008."— Presentation transcript:

1 Security, Privacy Access openPASS Open Privacy, Access and Security Services Project Status Report July 1, 2008

2 openPASS Boca Chart 3Q2008 -Successful recruitment -HL7 SOA PASS Service Functional and Platform Independent Models -Consensus Reference Architecture -Healthcare document/message standards -Jurisdictional standards -Jurisdictional laws and regulations Dependencies Packaging Editions -Recruit project/subproject leadership -Prioritized Use Cases -Service inventory prioritization -Alignment with Reference Architecture -Initial implementation priorities --Audit (basic) --Secure transport --Security context --Policy-driven access control (basic) -Migration of Eclipse OHF code base -IHE ATNA -Work out service orchestration strategy Content -Resource constraints -Several services required to be useful -Composition required to be useful -Requires domain expert engagement -Divergence of related standards efforts -Delays in emerging standards -Jurisdictional standards differences -Jurisdictional regulatory differences Pressures/Exposures -Identity Resolution (in support of basic user/patient context coordination) Added None—new project Deleted & Changed July 08 -2008/09 Plan published -OHF ATNA code migrated Q4 08 -Initial PASS-Audit code release complying with ATNA profile Milestones

3 openPASS Roadmap 4Q 2008 Guiding Principles: Align with HL7-SOA PASS Service Functional Models Build service inventory of composable components Support OHT Reference Architecture requirements Developer recruiting Project Site Live July 2008 3Q2008 1H 2009 1 st Milestone Release PASS-Audit,Messaging Initial ATNA client component releases PASS-Identity, Access Initial component releases PASS Service Candidate Prioritization Aug 2008 Sept 2008 2008-09 Plan Published Development begins

4 openPASS Service Candidates Consent Group Consent Directive Provisioning Consent Directive Query Credentials Group Credential Validation Credential Assertion Identity Group Audit Record Generator Authentication Identity Assertion Patient Registry Query Patient Resolution Identity Provisioning Context Management Identity Registry Directory PKI Management Provider Resolution De-Identification Utility Services Digital Signature Encryption Access Group Authorization Resource Proxy Decision Factor Processing Access Policy Processing Access Enforcement Message Services Channel Transport Message Transport Packaging Audit Group Audit Record Generator Audit Monitor Audit Record Generator Audit Audit Alert Audit Archive Audit Event Catalog Audit Repository Audit Analysis Audit Report Audit Logger Audit Policy Tooling Access Policy Editor/Translator Consent Form Editor Entity Registry Editor

5 openPASS Services in Architectural Context Health Service Bus PASS Common Service Patient Identifier Service Protected ResourceWorkstation UI Services Terminology Services HL7 V3 Services Admin Support Services Clinical Support Services Process EHR Registry EHR Repository Runtime Platform Messages PASS Services Infrastructure Service Terminology Service openPASS Services

6  Phase 1 openPASS Services are intended to provide the basic capabilities that allow a patient or provider to request access to patient health information from a protected resource and, based upon the security and privacy policies applied by the resource, have that access either be granted or denied.  To accomplish this objective, Phase 1 openPASS Services must provide at least basic functionality for  Patient Identity Resolution  Provider Identity Authentication, Assertion and Validation  Provider Credential Assertion  Point-to-Point and Message-based Document/Message Transport  Policy-driven Access Control Decisions and Enforcement  Audit Event Record Generation and Submission to Audit Logging Services openPASS Phase 1 Proposed Scope

7 openPASS Service Candidates Consent Group Consent Directive Provisioning Consent Directive Query Credentials Group Credential Validation Credential Assertion Identity Group Audit Record Generator Authentication Identity Assertion Patient Registry Query Patient Resolution Identity Provisioning Context Management Identity Registry Directory PKI Management Provider Resolution De-Identification Utility Services Digital Signature Encryption Access Group Authorization Resource Proxy Decision Factor Processing Access Policy Processing Access Enforcement Message Services Channel Transport Message Transport Packaging Audit Group Audit Record Generator Audit Monitor Audit Record Generator Audit Audit Alert Audit Archive Audit Event Catalog Audit Repository Audit Analysis Audit Report Audit Logger Audit Policy Tooling Access Policy Editor/Translator Consent Form Editor Entity Registry Editor - Phase 1 Dependency Identity Group Audit Record Generator Authentication Identity Assertion Patient Registry Query Patient Resolution Identity Provisioning Context Management Identity Registry Directory PKI Management Provider Resolution De-Identification

Download ppt "Security, Privacy Access openPASS Open Privacy, Access and Security Services Project Status Report July 1, 2008."

Similar presentations

National HIT Agenda and HIE - 2007 John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.

National HIT Agenda and HIE John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.
September, 2005What IHE Delivers 1 Basic Patient Privacy Consents (BPPC) IHE Vendors Workshop 2006 IHE Patient Care Coordination Education

September, 2005What IHE Delivers 1 Basic Patient Privacy Consents (BPPC) IHE Vendors Workshop 2006 IHE Patient Care Coordination Education
PASSPrivacy, Security and Access Services Don Jorgenson Introduction to Security and Privacy Educational Session HL7 WG Meeting- Sept. 2012.

PASSPrivacy, Security and Access Services Don Jorgenson Introduction to Security and Privacy Educational Session HL7 WG Meeting- Sept
Purpose of HIPAA Administrative Simplification

Purpose of HIPAA Administrative Simplification
NHIN Specifications Richard Kernan, NHIN Specification Lead (Contractor), Office of the National Coordinator for Health IT Karen Witting, Contractor to.

NHIN Specifications Richard Kernan, NHIN Specification Lead (Contractor), Office of the National Coordinator for Health IT Karen Witting, Contractor to.
Automated Policy Enforcement Adam Vincent, Layer 7 Federal Technical Director

Automated Policy Enforcement Adam Vincent, Layer 7 Federal Technical Director
December 3, 2010 SAIF Governance Framework A Brief Update on work to date.

December 3, 2010 SAIF Governance Framework A Brief Update on work to date.
1 Copyright 2008 NexJ Systems Inc. Confidential and Proprietary - Not for Distribution. Open Source Strategy NexJ Systems Inc.

1 Copyright 2008 NexJ Systems Inc. Confidential and Proprietary - Not for Distribution. Open Source Strategy NexJ Systems Inc.
Security and DICOM Lawrence Tarbox, Ph.D. Chair, DICOM Working Group 14 Siemens Corporate Research.

Security and DICOM Lawrence Tarbox, Ph.D. Chair, DICOM Working Group 14 Siemens Corporate Research.
Initial slides for Layered Service Architecture

Initial slides for Layered Service Architecture
Data Gathering HITPC Workplan HITPC Request for Comments HITSC Committee Recommendations gathered by ONC HITSC Workgroup Chairs ONC Meaningful Use Stage.

Data Gathering HITPC Workplan HITPC Request for Comments HITSC Committee Recommendations gathered by ONC HITSC Workgroup Chairs ONC Meaningful Use Stage.
IBM Rhapsody Simulation of Distributed PACS and DIR systems Krupa Kuriakose, MASc Candidate.

IBM Rhapsody Simulation of Distributed PACS and DIR systems Krupa Kuriakose, MASc Candidate.
Academic Outreach Project Status Report and Project Approvals OHT Board of Stewards Phoenix--22Jan10.

Academic Outreach Project Status Report and Project Approvals OHT Board of Stewards Phoenix--22Jan10.
Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Audit Trail and Node Authentication Robert Horn Agfa Healthcare.

Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Audit Trail and Node Authentication Robert Horn Agfa Healthcare.
Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Overview of IHE IT Infrastructure Patient Synchronized Applications.

Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Overview of IHE IT Infrastructure Patient Synchronized Applications.
Summary Report Project Name: OpenExchange Brief Project Description: OpenExchange platform provides standards based core infrastructure to exchange patient.

Summary Report Project Name: OpenExchange Brief Project Description: OpenExchange platform provides standards based core infrastructure to exchange patient.
September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT IHE Vendors Webinar 2006 IHE IT Infrastructure Education Robert Horn, Agfa Healthcare.

September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT IHE Vendors Webinar 2006 IHE IT Infrastructure Education Robert Horn, Agfa Healthcare.
September, 2005What IHE Delivers 1 G. Claeys, Agfa Healthcare Audit Trail and Node Authentication.

September, 2005What IHE Delivers 1 G. Claeys, Agfa Healthcare Audit Trail and Node Authentication.
Charter: IHE Server Components project Requesting approval in principle.

Charter: IHE Server Components project Requesting approval in principle.
What IHE Delivers Security and Privacy Overview & BPPC September 23, 2015 1 Chris Lindop – IHE Australia July 2011.

What IHE Delivers Security and Privacy Overview & BPPC September 23, Chris Lindop – IHE Australia July 2011.

Similar presentations

Ads by Google