Introduction to Consent2Share
A look at how we have arrived where we are
The following introductory slides were made possible by the 2010 JASON report related to patients having the ability to segment their health information.
Data Segmentation for Privacy Charter
Enable the implementation and management of disclosure policies that originate from the patient, the law, or an organization, in an interoperable manner within an electronic health information exchange environment, so individually identifiable health information may be appropriately shared for:
- Patient treatment and care coordination
- Third party payment
- Analysis and reporting for operations, utilization, access quality and outcomes
- Public health reporting
- Population health, technology assessment and research
What is Data Segmentation for Privacy? DS4P
- The HL7 DS4P Implementation Guide (IG) is an HL7 International ANSI normative standard developed under the authority of the ONC Standards and Interoperability project.
- The DS4P IG defines how to implement segmenting a health record based on a patient's consent directives.
- DS4P defined two segmentation methods: 1) meta-tagging; and 2) redaction.
- Meta-tagging leaves the data in the record, and information not to be shared is tagged using sensitivity codes.
- Meta-tagging is not universally supported by current EHR health record systems.
- Redaction is currently the method used for data segmentation.
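The two DS4P segmentation methods named above can be compared side by side in a short sketch. This is an added example, not code from the DS4P IG or from Consent2Share; the record layout, the `substance_use` category label, the consent directive structure and all function names are assumptions made for illustration.

```python
from copy import deepcopy

# Constructed sample record; field names and category labels are illustrative.
RECORD = {"patient": "sally-example", "entries": [
    {"section": "medications", "text": "methadone, daily dose", "category": "substance_use"},
    {"section": "medications", "text": "lisinopril 10 mg", "category": None},
    {"section": "problems", "text": "opioid use disorder", "category": "substance_use"},
    {"section": "problems", "text": "hypertension", "category": None},
]}
# Hypothetical consent directive: categories withheld from this recipient.
CONSENT = {"recipient": "primary-care-example", "do_not_share": {"substance_use"}}

def is_restricted(entry, consent):
    return entry["category"] in consent["do_not_share"]

def meta_tag(record, consent):
    """Meta-tagging: every entry stays in the record; restricted ones carry a label."""
    out = deepcopy(record)
    for entry in out["entries"]:
        entry["sensitivity"] = entry["category"] if is_restricted(entry, consent) else None
    return out

def redact(record, consent):
    """Redaction: restricted entries are removed before the record leaves the sender."""
    out = deepcopy(record)
    out["entries"] = [e for e in out["entries"] if not is_restricted(e, consent)]
    return out

def segment(record, consent, receiver_enforces_tags):
    """Tags protect data only if the receiver enforces them; otherwise redact."""
    return meta_tag(record, consent) if receiver_enforces_tags else redact(record, consent)

def disclosed_restricted(document, consent):
    """Restricted entries that a receiver ignoring the tags could still read."""
    return [e["text"] for e in document["entries"] if is_restricted(e, consent)]

if __name__ == "__main__":
    for enforces in (True, False):
        doc = segment(RECORD, CONSENT, enforces)
        print(enforces, len(doc["entries"]), disclosed_restricted(doc, CONSENT))
```

The tagged document still contains both restricted entries, which is why a sender falls back to redaction when the receiving system cannot enforce the tags.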
Bias, Stigma, and Prejudice: Ongoing Concerns in Behavioral Health
- A mom in recovery had her 2-month-old infant removed from her custody after a hospital reported that she had legally prescribed methadone in her system.
- A young man in recovery was refused work reinstatement despite successful treatment for alcoholism and his physician’s clearance.
Sources: Legal Action Center, June 2014; ABA Journal, June 2014
GOVERNING PRINCIPLE: COERCED CONSENT IS NOT CONSENT
Consent cannot be valid if people can only obtain essential services by providing it.
-- James Willis, British Journal of GP
Br J Gen Pract. 2004 September 1; 54(506): 725; http://www.ncbi.nlm.nih.gov/pmc/articles/PMC1326097/pdf/bjpg54-725.pdf
Overview of SAMHSA/ONC’s collaboration around DS4P and integration
- ONC initiated the DS4P project through the S&I Framework
- ONC and SAMHSA continually look for ways to integrate behavioral health information across the continuum of care
- ONC and SAMHSA have participated in the HIMSS Interoperability Showcase – SAMHSA participated in the HIMSS 2016 Interoperability Showcase
- ONC provides opportunities on an ongoing basis for SAMHSA to highlight technology to support interoperability for HIEs
- ONC is creating a Behavioral Health Roadmap with SAMHSA input
- ONC provided oversight in the development of Consent to Share
SAMHSA’s integration/consent efforts – Consent2Share (C2S)
- C2S was developed using the DS4P IG
- Currently, C2S supports CCD (C32 variant and C-CDA)
- C2S V1 implemented in a HIE for Prince George’s County, MD
- ONC provides opportunities on an ongoing basis for SAMHSA to highlight technology to support interoperability for HIEs
Consent2Share The Patient Journey
Patient-Centered Exchange: Patients Control Their Data
Continuity of Care Problem Sally lives in Richmond, Virginia. She is in opioid addiction recovery. She wants to visit relatives for a week in Prince George’s County, 100 miles away. She must make arrangements with her treatment provider to ensure that her methadone treatment will be uninterrupted. It will take a lot of coordination and time to review and sign the proper paper forms before she can travel.
Continuity of Care Solution: Consent2Share Connected to HIE
Sally uses an online consent system connected to the local Health Information Exchange to give her local OTP advance authorization to share her medical information with an alternative provider. Her methadone treatment will continue uninterrupted.
[Diagram labels: Sally; Health Information Exchange; Consent2Share]
Consent2Share using an HIE
[Diagram with steps numbered 1 to 3. Labels: Sally; Share; Sally’s Primary Care Provider; Sally’s Local Opioid Treatment Provider; Consent to Disclose; Alternate Treatment Program; Dose; Display Documents]
High Level C2S Architecture
Health Information Exchange (HIE)
- Patient Identity Cross-Referencing (PIX)
- Patient Demographics Source (PDQ)
- Cross-Enterprise Document Sharing (XDS)
- Audit Trail and Node Authentication (ATNA)
Information Exchange Hub (IExHub) Interoperability
- Search/Add Patient (PIX, PDQ)
- Add/Retrieve Documents (XDS)
- Account of Disclosures/Audit Trail (ATNA)
- Secure Node/Transport Level Security (ATNA)
Consent2Share Application Architecture
- User Management
- Register Patient
- Manage Consent
- Retrieve/Add Documents
- Segment/Redact Records
Consent2Share Architecture Diagram Display C2S Architecture Detailed Diagram
Consent2Share V2 Demo
Demonstration of the C2S V2 User Interface
The GitHub URL: https://bhits.github.io/consent2share/
Consent2Share V3 Thoughts
- Use OAuth and possibly UMA to decouple C2S
- Expose endpoints of the various services
- Provide much more flexibility for implementation options
- Implementations not tied to specific technology
- E.g., use FHIR Server for health information instead of XDS.b HIE repository
- Use SMART on FHIR
- Implement ACS behind enterprise firewalls
HIMSS Privacy on FHIR Demonstration 2015
- Previous proof of concept (Privacy on FHIR) separated them
- Patient decision was UMA (OAuth profile)
- Enterprise was interception
- Provide federated decision capability between Enterprise and Patient Controlled Consent Server
- Migrate the Enterprise Control to OAuth
New Composite Framework HIMSS Demonstration 2017
- Cascading OAuth Servers
- OAuth Server for Enterprise Policies and Tokens
- OAuth Servers for Patient Policies and Consent Access Tokens
- Consent Access Tokens are exchanged for Enterprise Access Tokens
- If Consent is not required, Enterprise Access Token is issued
- Client always gets a Token for Reuse
- Resource Server (Interceptor) always gets an Enterprise Access Token which it trusts
- Integration to ACS framework is done by Enterprise Authorization Server (decision to issue a token)
Proposed Demonstration Architecture
[Diagram with steps numbered 1 to 15. Components: OAuth enabled FHIR client; C2S UI; Patient Consent Authz Server (PC AS); Custodian Org Authz Server (CO AS); Custodian Org Resource server (FHIR API) with OAuth Interceptor; PPS/SLS; CDMS; Patient Overarching Policies. Flow labels: Submit Consent; Request for Data; Redirect to CO AS; Request for Token; Check Overarching Policies; Redirect to PC AS; Check Consent; PC Token; Request for Token + PC Token; Verify, Introspect; CO Token; Request for Data + CO Token; Label/Transform Data; Labeled/Transformed Data]
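The cascading OAuth arrangement from the New Composite Framework slide can be modelled in a few classes. This is an added example, not code from Consent2Share or the HIMSS demonstration; the class and function names, the opaque in-memory tokens and the policy structures are assumptions, and a real deployment would use a standard OAuth server with token introspection.

```python
import secrets
import time

class AuthzServer:
    """Opaque-token issuer with introspection (illustrative, not a real OAuth library)."""
    def __init__(self, name):
        self.name, self._tokens = name, {}

    def _issue(self, patient, client, scope, ttl=300):
        token = secrets.token_urlsafe(16)
        self._tokens[token] = {"iss": self.name, "sub": patient, "client": client,
                               "scope": scope, "exp": time.time() + ttl}
        return token

    def introspect(self, token):
        meta = self._tokens.get(token)
        return meta if meta and meta["exp"] > time.time() else None

class PatientConsentAS(AuthzServer):
    """PC AS: issues a Consent Access Token only where the patient has consented."""
    def __init__(self, consents):  # {(patient, client): {scopes}}
        super().__init__("PC-AS")
        self.consents = consents

    def token(self, patient, client, scope):
        if scope not in self.consents.get((patient, client), set()):
            return None
        return self._issue(patient, client, scope)

class CustodianOrgAS(AuthzServer):
    """CO AS: applies enterprise policy and exchanges consent tokens for its own."""
    def __init__(self, pc_as, consent_scopes):
        super().__init__("CO-AS")
        self.pc_as, self.consent_scopes = pc_as, consent_scopes

    def token(self, patient, client, scope, pc_token=None):
        if scope in self.consent_scopes:  # enterprise policy: consent required
            meta = self.pc_as.introspect(pc_token) if pc_token else None
            bound = (patient, client, scope)
            if not meta or (meta["sub"], meta["client"], meta["scope"]) != bound:
                return None  # client must first obtain a matching token from the PC AS
        return self._issue(patient, client, scope)

def interceptor_allows(co_as, token, patient, scope):
    """Resource-server interceptor: trusts only tokens the CO AS recognises."""
    meta = co_as.introspect(token)
    return bool(meta and meta["sub"] == patient and meta["scope"] == scope)
```

Because the CO AS checks that the consent token's patient, client and scope match the request, a consent token issued to one client cannot be exchanged by another, and a consent token presented directly to the interceptor is rejected.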
Questions Questions?
For Additional Information Kenneth Salyards Information Management Specialist Center for Substance Abuse Treatment Substance Abuse and Mental Health Services Administration Kenneth.Salyards@samhsa.hhs.gov