Privacy on FHIR Meeting Agenda and Minutes Agenda & Meeting Minutes Purpose of Meeting: Introductions and Review of Use Cases Date & Time: Tues 7 OCT 2014, 4-5 PM Eastern Location: United States: +1 (626) 521-0016 United States (toll-free): 1 866 899 4679 Access Code: 782820893 Meeting. https://global.gotomeeting.com/join/782820893 Audio PIN: Shown after joining the meeting Meeting Password: FHIR Meeting ID: 782-820-893 POF WIKI: http://wiki.siframework.org/Privacy+on+FHIR Facilitator: Mike Davis Meeting Support: Attendees: O = Onsite Attendee; P = Phone Attendee; X = Not Attending o Mark Russell (MITRE) Adrian Gropper (PPR) Brynn Mow (Jericho) Dave Hill (MITRE) David Staggs (Jericho) Debbie Bucci (ONC) Duane DeCouteau (VA) Mike Davis (VA) Mike Dufel (Jericho) o Mohammad Jafari (VA) o Nagesh Bashyam (Dragon) (ONC) o Nate Gould (DoD) Gerry Gebel (Axiomatics) Ray Kibble John Pitale (VA) Ross Freeman (Jericho) Johnathan Coleman (ONC) Taylor Gill (Jericho) Josh Mandel (MIT) Judy Fincher (VA) Justin Richer (MITRE/MIT) Kathleen Connor (VA) Ken Salyard (SAMHSA) o o o o o o Terry Luedtke (VA) o Thomas Hardjono (MIT) Tim McGrail (VA) o Tony Mallia (VA) o William Israel (Jericho) Agenda Page 1 of 7 Privacy on FHIR Meeting Agenda ID Topic 1 Minutes, Agenda, Friday Meeting Presenter Kathleen, Mike 10 min 2 Labeling a FHIR Resource Duane 20 min 3 oxAuth AS (If co-operating) Duane 20 min 4 HITSC/JASON (See Notes at end) Debbie, Mike 10 min Project Deliverables HIMSS Deliverables 1. “Wow” powered use cases meant to capture imagination and win hearts and mind [aka “Elevator Pitch”] All 2. Storyboards intended to convey business requirements and standards landscape to developers 3. Architecture a) Choreographies and data element exchanged b) Diagram showing subsystems and connections between them c) Flow diagram showing activities and message movement between subsystems d) Elements passed in the Tokens or request headers relevant to access control 4. Reference Model (Open source executable code to serve as model for developers, models, requirements and profile) 1. “Wow” Power PoF Overview Presentation and HIMSS Slide (1 per booth) Kathleen Use cases 2. Storyboards TBD 3. Architecture a) Dragons Diagrams b) Mohammad Diagrams c) Mohammad Sequence Diagrams d) Project Brief 4. Reference Models VA provided SLS/PPS, Test Models. SAMHSA Consent2Share open CDMS Key Discussion Notes ID Topic 1 HITSC/JASON Notes (See Notes at end) 2 Agenda Page 2 of 7 Privacy on FHIR Action Items ID Assigned to Action Items 1 3 Due Date How do we constrain the scope of the use cases? We have seven months to complete and test Demo. Status Comments 0926 Added Standards 6/2014 All 2 Assign Date What resources are available and what can be provided by each of us? Post materials to S&I PoF page http://wiki.siframework.org/Pr ivacy+on+FHIR Mike 9/2014 0912 KC 0908 0819 COMPLETE Three identified. 0613 Need to know how many separate items. For Review 0923 Complete Possible multiple booths or POD. 1. Patient App scenario 2. Consent Directives 3. HIE 4. Standards on FHIR 0829 Bill of Lading in today’s presentation 0923 Documents starting to be uploaded. 0913 Dragon assisted Mike with uploading to the ONC PoF Wiki 4 Update the HoF diagram to include a single trusted AS for the Happy Path. Tony and Mohammad 9/22 9/26 0926 Complete Accepted by Group Next Meeting Date: 3 OCT 2014 Time: 1-2 PM (Eastern) Location: Dial-In Line: Debbies GoToMeeting NOTES The HITSC has produced a draft report on directions in healthcare based upon a JASON report. You can find the complete draft here: http://www.healthit.gov/FACAS/sites/faca/files/HITSC_JTF_Draft_Recs_2014-09-10.pdf Agenda Page 3 of 7 Privacy on FHIR The report is supposed to be finalized by 15 Oct. I pulled out some of the more tasty security and privacy items: Page 11: JTF consideration of security issues. JASON recommended encryption of data and transactions as a critical security feature, but did not propose any new technologies or measures than are already in use today. We thus have not focused on that aspect of the report. Page 24: We note that without external mechanisms for validating trust and appropriate use specific to health care, there will still be a need for coordination between connecting parties, as well as normal business coordination regarding licensing, responsibilities, etc. that exists in all industries Page 26: JASON calls for granting “fine grained” consumer (patient) control over uses of health data “Privacy bundles” would capture common access patterns that fit most patient needs. Undergirding these “privacy bundles” would be a requirement for a fine-grained level of data tagging and segmentation to allow such “privacy bundles” to apply to a wide variety of use cases and legal/policy situations Page 27: HHS (OCR) should help clarify the degree to which patients and consumers can control access and usage of their personal health data. Much confusion exists, even among HIT experts. Page 28: Standards-based, data-level APIs accessible to patient could become a major source of innovation for the industry. There is strong interest from the “mHealth” app industry in gaining direct data access to patient data, probably via consumer-granted access to their provider’s portal. Page 28: The technical availability of APIs would need to be accompanied by business processes to support healthcare specific concerns (privacy, appropriate use of data) as well as general business concerns (data rights, liability, etc.) Page 28: Confusion exists about the degree to which data access rights are “carved out” under existing regulations versus the consumer’s right to a copy of their data and subsequent control of access to their copy. Page 30: Additional research and regulatory refinement will be necessary to balance the needs of the research community with the need to protect patient privacy. Page 31: The challenges of protecting patient privacy will grow as more and more and more data is captured digitally. Page 36: Cross-reference to PCAST report and Cross-reference to ONC Interoperability Road Map October 7, 2015 Minutes Mike walked through Agenda. He recommended cancelling Friday Oct. 10. Duane’s demo is not ready, so deferring. Mike discussed the JASON Report and the HITSC JASON Task Force Draft Recommendations. Josh reported on background of JASON report state of interoperability wrt to support research, which was released by ONC. ONC tasked the FACA to analyze and synthesize report recommendations, and report back to ONC. JASON proposed strawman architecture and told ONC to make architecture available for MU 3. Task Force minutes indicate that final recommendations for sharing data among enterprises and with consumers. Doesn’t make direct technology recommendation but suggests FHIR and OAuth to expose the data. Would not be ready for MU but might be available for later programs. Mike walked through the JASON Task Force recommendations [excerpted above]. The current work at HL7 on FHIR CD that align. Adrian and Mike discussed possibility of creating standard pre-approved consent directives. Josh stated that UMA could offer support for pre-approved CD. Agenda Page 4 of 7 Privacy on FHIR Mike and Josh discussed “Page 27: HHS (OCR) should help clarify the degree to which patients and consumers can control access and usage of their personal health data. Much confusion exists, even among HIT experts.” Mike stated that OCR isn’t the only agency that should be involved. Josh suggested that a list of policies/agencies that need to be reviewed to clarify this question, and suggested that Mike write up a paragraph that lists these. Duane's PoF FHIR Security Labels Duane presented security labeling on FHIR resources after Kathleen summarized the current architectural issues being discussed wrt to intrinsic/extrinsic and coarse/fine grain labeling in a policy agnostic/policy enabling manner. Duane discussed what security labeling keys off in the current FHIR implementation. Atom feed is a publication format that includes the metadata and payload like a RSS feed. Duane used a HIV antibody test – go through entry and pull out the FHIR clinical fact (code/value) and run against the Drool’s rules engine and receive the tags that need to be applied. Now sticking the labels at the entry level. Part of the conversation about other labels that need to live somewhere – entry, feed level – some are static in nature, which drives the intrinsic/extrinsic level. As an implementer it doesn’t matter where the tags go. Code that ties changes to any entry and SSL and send back sets of labels. Where it gets stored/applied don’t control. Putting these in the feed and entry level vs header level. Is there a classification over entire feed or entry? I.e. high water mark? Yes. Mike concluded that the FHIR methodology discussion outcome is aligned with PoF approach. Josh – FHIR communication happens at the Resources. May be use cases for intra-Resource sub-parts but that should not be made standard before the tagging at the Resource level. Bill of Lading discussion: David stated that Jericho would not be prepared to implement several of the components. Josh raised concerns about whether the open source components will necessarily fit together – e.g., the Consent2Share application. Adrian asked about how this pilot will solve the multiple portal problem. Jericho would like to demonstrate the CDMS as a centralized portal for the patient using FHIR. Duane asked if Jericho would be making that code open source. Adrian asked about whether there’s an UMA AS? Duane stated that he’s building oxAuth and Gluu Ox UMA AS the UMA component in the pilot. Call adjourned at top of the hour. Next week may have a demo of Duane’s open source AS. Agenda Page 5 of 7 Privacy on FHIR Agenda Page 6 of 7 Privacy on FHIR Agenda Page 7 of 7