PCC Minutes - December 4th
Attending
Keith Boone, Audrey Dickinson, Laverne Palmer, Thom Kuhn, Larry McKnight, Anne Diamond, Marcia Veenstra, John Moehrke
Discussion
Query for Dynamic Clinical Data
Go forward with the profile, restrict scope to problems, allergies, vitals, labs, and demographics. Push on HL7 to address issues with missing queries for patient medications. Meet with HL7 Clinical Statements group to discuss our approach with queries in January.
Antepartum Care Summary
We prioritized ACOG forms in this order: C, A, B, D, E We would look at form C first. The PPHP profile seems to address the needs of Form A. The XD*-LAB profile would address labs. We need to find appropriate vocabulary for folders.
Research Data Capture Clarification
Not sure where to go with this. On one side, there is a very simple answer to this problem using secure e-mail with a link to a specific form. On the other hand, looking at the wider scope, to meet the needs of others using RFD, then we need to look at the broader set of use cases. One thought is to move this process into the white paper on case management.
One reason for this profile is to keep Clinical Trial vendors engaged in IHE processes. However, the Query for Dynamic Clinical Data might also keep them engaged.
Landen will update the profile. We will discuss this in more detail with ITI regarding use of other Web Services profiles, e.g. BPEL and Orchestration.
Update on HITSP
Starting immediately on Privacy and Security. Glen Marshall was participating in this discussion. Setting up a cross-TC workgroup to work on the issues tabled for previous specifications.
They have identified the following areas:
- Security and Privacy
- Basic Consents
- Node Authentication
- Audit Trails
- Verify Authenticity of Contents
Identify everything that is out there, what other groups need to be brought into the process, relationship of groups like CCHIT, et cetera, what are there approaches.
Initial scope of work will be on sharing of documents transaction package.
Some initial comments:
- Reference NCVHS letter published recently -- recommendations to RHIOS.
- CCHIT Security and Privacy Roadmap
- RFC-3881
- IHE might have a few profiles in these areas
The key here is going to be related to patient related issues, rather than underlying technical security issues. Intractible without some policy changes and clarifications. A lot of the state regulations in these areas conflict and would need to be dealt with.
The HISPC is currently in the process of consolidating their 35 responses into a somehow coordinated set of issues to identify opportunities and to develop requirements. This is going to be a tough problem. The ultimate goal is to map the requirements will be mapped to the standards.
Bob Dolin presented a report on where things stand with CCD, what the timeline looks like. Gary Dickerson, reported on ASTM meeting which he attended, and that CCR was going to continue on. John Halamka said that over the wire should be CCD. Alan Zuckerman indicated that CCR might still be feasible.
There is now a joint working group between CCHIT and HITSP, which starts next week.
Lab Reporting is going to be the big one that they work on first.
Change Proposals
Add Registry Actor for filtering by consent -- BPPC-PCC-CP-0001
This was the change proposed after the HIMSS Demonstration workshop. We decided to postpone decision on this until we have had a chance to discuss this at connectathon.
Fix Technical CDA Glitch -- BPPC-PCC-CP-0002
If Keith wrote it, it has to be right ;-)
Changes Proposals to Write
Requirement for Scanned Documents -- BPPC-PCC-CP-0003
The issue is whether or not we require a scanned document.
Clean up Places where Digital Signature is Required -- BPPC-PCC-CP-0004
Review Use of Digital Signature because the document doesn't change much -- BPPC-PCC-CP-0005
Discuss Minimum Number of Consent Policies supported by each Actor -- BPPC-PCC-CP-0006
Provide an Example of the Documents -- BPPC-PCC-CP-0007
Provide an Example of the Documents -- XPHR-PCC-CP-0008
Provide an Example of the Documents -- PPHP-PCC-CP-0009
Provide an Example of the Documents -- EDR-PCC-CP-0010
This is a requirement of each new profile that it must have an example document. Where this goes is under discussion.
Move XDS-MS to CCD ? MS-PCC-CP-0011
Discussion to occur tomorrow afternoon.
Make Format Codes apparent in the TF and Supplements
Editorial issues in XPHR with Pharmacy Contact
Trying to validate a CDA with the elements as shown in Figure 5.4-5 I found the following issues:
* unexpected serviceEvent in documentationOf
my mistake, I think: this was the second serviceEvent in the documentationOf...
apparently there may be multiple performers within the single serviceEvent
* unexpected associatedPerson - changed to assignedPerson
* unexpected scopingOrganizarion - changed to representedOrganization
* classCode of assignedEntity cannot be CON - changed to the fixed value ASSIGNED
* performer has to have a typeCode - ? which one to use ? PPRF, PRF, SPRF
XDS-MS HTTPS Issues
If network communications are protected via TLS in your affinity domain, then use HTTPS only, and do not use HTTP. Why? Because the stylesheet is used to display PHI, and so the display of PHI can be trashed and/or altered by an attacker who is doing a man in the middle attack if you use HTTP.
If network communications are protected by physical security then you can use HTTP. Why? Because presumably you've reduced the risk of the MITM attack by physical security.
We already had a CP for this last year, and missed it in this cycle. Looks like it goes back into the hopper for next year.
Case Management White Paper
- Problem (Take the following from RFD Use Cases, also look at Query for Dynamic Clinical Data)
- Clinical Trials
- Public Health Reporting
- Notifyable/Reportable Conditions
- Immunizations
- Chronic Disease Management
- Quality Reporting
- Market Need
- Use Case
- Requirements
- Actors
- Transactions
- Standards