Privacy on FHIR
Meeting Agenda and Minutes
Agenda & Meeting Minutes
Purpose of Meeting: Introductions and Review of Use Cases
Date & Time: Tues 7 OCT 2014, 4-5 PM Eastern
Location: United States: +1 (626) 521-0016 United States (toll-free): 1 866
899 4679
Access Code: 782820893
Meeting. https://global.gotomeeting.com/join/782820893
Audio PIN: Shown after joining the meeting
Meeting Password: FHIR
Meeting ID: 782-820-893
POF WIKI:
http://wiki.siframework.org/Privacy+on+FHIR
Facilitator: Mike Davis
Meeting Support:
Attendees: O = Onsite Attendee; P = Phone Attendee; X = Not Attending
o Mark Russell (MITRE)
Adrian Gropper (PPR)
Brynn Mow (Jericho)
Dave Hill (MITRE)
David Staggs (Jericho)
Debbie Bucci (ONC)
Duane DeCouteau (VA)
Mike Davis (VA)
Mike Dufel (Jericho)
o Mohammad Jafari (VA)
o Nagesh Bashyam (Dragon) (ONC)
o Nate Gould (DoD)
Gerry Gebel (Axiomatics)
Ray Kibble
John Pitale (VA)
Ross Freeman (Jericho)
Johnathan Coleman (ONC)
Taylor Gill (Jericho)
Josh Mandel (MIT)
Judy Fincher (VA)
Justin Richer (MITRE/MIT)
Kathleen Connor (VA)
Ken Salyard (SAMHSA)
o
o
o
o
o
o Terry Luedtke (VA)
o Thomas Hardjono (MIT)
Tim McGrail (VA)
o Tony Mallia (VA)
o
William Israel (Jericho)
Agenda
Page 1 of 7
Privacy on FHIR
Meeting Agenda
ID Topic
1 Minutes, Agenda, Friday Meeting
Presenter
Kathleen, Mike
10 min
2
Labeling a FHIR Resource
Duane
20 min
3
oxAuth AS (If co-operating)
Duane
20 min
4
HITSC/JASON (See Notes at end)
Debbie, Mike
10 min
Project Deliverables
HIMSS Deliverables
1. “Wow” powered use cases meant to capture
imagination and win hearts and mind [aka “Elevator
Pitch”]
All
2. Storyboards intended to convey business
requirements and standards landscape to developers
3. Architecture
a) Choreographies and data element exchanged
b) Diagram showing subsystems and connections
between them
c) Flow diagram showing activities and message
movement between subsystems
d) Elements passed in the Tokens or request headers
relevant to access control
4. Reference Model (Open source executable code
to serve as model for developers, models,
requirements and profile)
1. “Wow” Power
 PoF Overview Presentation and HIMSS Slide
(1 per booth)
 Kathleen Use cases
2. Storyboards
 TBD
3. Architecture
a) Dragons Diagrams
b) Mohammad Diagrams
c) Mohammad Sequence Diagrams
d) Project Brief
4. Reference Models
 VA provided SLS/PPS, Test Models.
 SAMHSA Consent2Share open CDMS
Key Discussion Notes
ID Topic
1
HITSC/JASON Notes (See Notes at end)
2
Agenda
Page 2 of 7
Privacy on FHIR
Action Items
ID
Assigned to
Action Items
1
3
Due Date
How do we constrain the
scope of the use cases? We
have seven months to
complete and test Demo.
Status
Comments
0926
Added
Standards
6/2014
All
2
Assign
Date
What resources are available
and what can be provided by
each of us?
Post materials to S&I PoF page
http://wiki.siframework.org/Pr
ivacy+on+FHIR
Mike
9/2014
0912
KC
0908
0819
COMPLETE
Three
identified.
0613 Need
to know
how many
separate
items.
For Review
0923
Complete
Possible multiple
booths or POD.
1. Patient App
scenario
2. Consent
Directives
3. HIE
4. Standards on
FHIR
0829 Bill of Lading in
today’s presentation
0923 Documents
starting to be
uploaded.
0913 Dragon assisted
Mike with uploading
to the ONC PoF Wiki
4
Update the HoF diagram to
include a single trusted AS for
the Happy Path.
Tony and
Mohammad
9/22
9/26
0926
Complete
Accepted by Group
Next Meeting
Date:
3 OCT 2014
Time:
1-2 PM (Eastern)
Location:
Dial-In Line:
Debbies GoToMeeting
NOTES
The HITSC has produced a draft report on directions in healthcare based upon a JASON report. You can find the
complete draft here:
http://www.healthit.gov/FACAS/sites/faca/files/HITSC_JTF_Draft_Recs_2014-09-10.pdf
Agenda
Page 3 of 7
Privacy on FHIR
The report is supposed to be finalized by 15 Oct. I pulled out some of the more tasty security and privacy items:
Page 11: JTF consideration of security issues. JASON recommended encryption of data and transactions as a
critical security feature, but did not propose any new technologies or measures than are already in use today. We
thus have not focused on that aspect of the report.
Page 24: We note that without external mechanisms for validating trust and appropriate use specific to health care,
there will still be a need for coordination between connecting parties, as well as normal business coordination
regarding licensing, responsibilities, etc. that exists in all industries
Page 26: JASON calls for granting “fine grained” consumer (patient) control over uses of health data “Privacy
bundles” would capture common access patterns that fit most patient needs. Undergirding these “privacy bundles”
would be a requirement for a fine-grained level of data tagging and segmentation to allow such “privacy bundles” to
apply to a wide variety of use cases and legal/policy situations
Page 27: HHS (OCR) should help clarify the degree to which patients and consumers can control access and usage
of their personal health data. Much confusion exists, even among HIT experts.
Page 28: Standards-based, data-level APIs accessible to patient could become a major source of innovation for the
industry. There is strong interest from the “mHealth” app industry in gaining direct data access to patient data,
probably via consumer-granted access to their provider’s portal.
Page 28: The technical availability of APIs would need to be accompanied by business processes to support healthcare specific concerns (privacy, appropriate use of data) as well as general business concerns (data rights, liability,
etc.)
Page 28: Confusion exists about the degree to which data access rights are “carved out” under existing regulations
versus the consumer’s right to a copy of their data and subsequent control of access to their copy.
Page 30: Additional research and regulatory refinement will be necessary to balance the needs of the research
community with the need to protect patient privacy.
Page 31: The challenges of protecting patient privacy will grow as more and more and more data is captured
digitally.
Page 36: Cross-reference to PCAST report and Cross-reference to ONC Interoperability Road Map
October 7, 2015 Minutes
Mike walked through Agenda. He recommended cancelling Friday Oct. 10.
Duane’s demo is not ready, so deferring.
Mike discussed the JASON Report and the HITSC JASON Task Force Draft Recommendations. Josh reported on
background of JASON report state of interoperability wrt to support research, which was released by ONC. ONC
tasked the FACA to analyze and synthesize report recommendations, and report back to ONC. JASON proposed
strawman architecture and told ONC to make architecture available for MU 3.
Task Force minutes indicate that final recommendations for sharing data among enterprises and with consumers.
Doesn’t make direct technology recommendation but suggests FHIR and OAuth to expose the data. Would not be
ready for MU but might be available for later programs.
Mike walked through the JASON Task Force recommendations [excerpted above]. The current work at HL7 on
FHIR CD that align. Adrian and Mike discussed possibility of creating standard pre-approved consent directives.
Josh stated that UMA could offer support for pre-approved CD.
Agenda
Page 4 of 7
Privacy on FHIR
Mike and Josh discussed “Page 27: HHS (OCR) should help clarify the degree to which patients and consumers
can control access and usage of their personal health data. Much confusion exists, even among HIT experts.” Mike
stated that OCR isn’t the only agency that should be involved. Josh suggested that a list of policies/agencies that
need to be reviewed to clarify this question, and suggested that Mike write up a paragraph that lists these.
Duane's PoF FHIR Security Labels
Duane presented security labeling on FHIR resources after Kathleen summarized the current architectural issues
being discussed wrt to intrinsic/extrinsic and coarse/fine grain labeling in a policy agnostic/policy enabling manner.
Duane discussed what security labeling keys off in the current FHIR implementation. Atom feed is a publication
format that includes the metadata and payload like a RSS feed.
Duane used a HIV antibody test – go through entry and pull out the FHIR clinical fact (code/value) and run against
the Drool’s rules engine and receive the tags that need to be applied. Now sticking the labels at the entry level. Part
of the conversation about other labels that need to live somewhere – entry, feed level – some are static in nature,
which drives the intrinsic/extrinsic level. As an implementer it doesn’t matter where the tags go. Code that ties
changes to any entry and SSL and send back sets of labels. Where it gets stored/applied don’t control. Putting
these in the feed and entry level vs header level. Is there a classification over entire feed or entry? I.e. high water
mark? Yes.
Mike concluded that the FHIR methodology discussion outcome is aligned with PoF approach.
Josh – FHIR communication happens at the Resources. May be use cases for intra-Resource sub-parts but that
should not be made standard before the tagging at the Resource level.
Bill of Lading discussion:
David stated that Jericho would not be prepared to implement several of the components.
Josh raised concerns about whether the open source components will necessarily fit together – e.g., the
Consent2Share application.
Adrian asked about how this pilot will solve the multiple portal problem.
Jericho would like to demonstrate the CDMS as a centralized portal for the patient using FHIR. Duane asked if
Jericho would be making that code open source.
Adrian asked about whether there’s an UMA AS? Duane stated that he’s building oxAuth and Gluu Ox UMA AS the
UMA component in the pilot.
Call adjourned at top of the hour. Next week may have a demo of Duane’s open source AS.
Agenda
Page 5 of 7
Privacy on FHIR
Agenda
Page 6 of 7
Privacy on FHIR
Agenda
Page 7 of 7