Rationale and related efforts Brief Progress Report

Slides:

Advertisements

Similar presentations

HIT Implementation Assistance ARRA Section 3012 (Public Health Service Act)

Advertisements

Institute of Medicine Report:

 Original Intent: ◦ Act passed in 1996 with two main goals: 1.Ensure individuals would be able to maintain their health insurance between jobs (the “portability”

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

University of Houston Health Science Center Initiative.

2002 Quality Report Presented to the Board of Trustees March 2003.

Capacity Task Force Virginia Health Reform Initiative January 14, 2011

GOLD/GALILEO Users Group Conference August 1, 2008 Rita Smith, MLIS, AHIP Anna Krampl, MLIS, AHIP Mercer University Medical Library.

Georgia Institute of Technology. Georgia Tech is an innovative intellectual environment with more than 900 full-time instructional faculty and more than.

State Alliance for e-Health Conference Meeting January 26, 2007.

AMERICAN RECOVERY AND REINVESTMENT ACT OF 2009 Health Information Technology for Economic and Clinical Health Act (HITECH Act) Regina.

Internet2 Health Sciences Security Jere Retzer, OHSU March 7, 2001.

A STANDARDISED ASSESSMENT SYSTEM FOR ENGLISH FOR MEDICAL PURPOSES TO ACHIEVE INTERNATIONAL EDUCATIONAL HARMONISATION.

State HIE Program Chris Muir Program Manager for Western/Mid-western States.

Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 6 The Privacy and Security of Electronic Health Information.

This material was developed by Oregon Health & Science University, funded by the Department of Health and Human Services, Office of the National Coordinator.

FEDERATIONS Clair Goldsmith, Ph.D., Associate Vice Chancellor and CIO September 27,

HIPAA LAWS.  Under the privacy rule, the patient must give consent to use his or her Protected Health Information.  Examples in which consent must be.

EHealth Progress Across the States in 2007 Results of a Survey of State Officials AcademyHealth National Health Policy Conference State Health Research.

Kevin W. Ryan JD, MA Associate Director – ACHI Assistant Professor – UAMS COPH Rural TeleCon ’06 10th Annual Conference of the Rural Telecommunications.

10/29/2000 Internet2 Health Sciences Security Working Group Planning Jere Retzer,

Taking a Fresh Look at the AAMC Faculty Practice Plan Survey (FPPS) Mary Patton Wheatley Hershel Alexander November 4, 2011.

Configuring Electronic Health Records Privacy and Security in the US Lecture a This material (Comp11_Unit7a) was developed by Oregon Health & Science University.

The U. S. Health Care System Challenges, Opportunities and Solutions Fifth National HIPAA Summit Clinical Data Standards and the Creation of an Interconnected,

State Alliance for e-Health Michelle Lim Warner, MPH Senior Policy Analyst NGA Center for Best Practices

MedMid Working Group Steve Olshansky, Internet2 28 October 2002 Medical Middleware.

Services Information University Project Sentinel: A Response to Bio-Terrorism funded by the National Library of Medicine Common Solutions Group University.

NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.

An Unprecedented Opportunity: Using Federal Stimulus Funds to Advance Health IT in California Testimony of Sam Karp, Vice President of Programs California.

The Health Insurance Portability and Accountability Act of 1996 “HIPAA” Public Law

Mary Trauner Senior Research Scientist Georgia Institute of Technology Middleware for Video.

HIPAA Transactions and Code Sets LA County Department of Mental Health Solution June 5, 2003.

Health Information Exchange: Alaska’s Health Pipeline Alaska Bar Association Health Law Section February 2, 2012 Carolyn Heyman-Layne.

STFM 41st Annual Spring Conference April 30 – May 4, 2008 Baltimore, MD.

Refuah Community Health Collaborative (RCHC) PPS

A medical services company

Round Table August 25, :00am - 1:00pm AK

Denise Chrysler, JD Director, Mid-States Region

Audit Trail LIS 4776 Advanced Health Informatics Week 14

Student Broad-Based Fee Proposal

Trust Profiling for Adaptive Trust Negotiation

AGENDA Introductions Topics for discussion Questions Activity Review.

MULTI DISPLINARY CARE.. . PATIENT PHYSICIANNURSESOTHERSDIETITIANPHYSIOTHERAPIST.

The Ethics of Telepsychology

Organizational Profile

The Essentia Institute of Rural Health (EIRH) is

Educause/Internet 2 Computer and Network Security Task Force

Designing Effective Accommodation Plans in Clinical Placement & Internship Settings

Electronic Health Records (EHR)

CHAPTER 4 LEGAL AND ETHICAL PRINCIPLES

Oncology Update June 3rd, 2000

William Hersh, MD Professor and Chair

Health Information Security and Privacy Collaborative (HISPC) Overview

Building A Community of Trust to Transform Medicines Development

Refuah Community Health Collaborative (RCHC) PPS

RISK MANAGEMENT and PATIENT SAFETY PROGRAM BASICS

Prior authorization and patient cost-sharing are least likely to be seen as effective in reducing unnecessary care. “How effective do you think each of.

Health Care: Privacy in a Digital Age

Centralization Listening Session

HIMSS National Conference New Orleans Convention Center

HIT Legal Issues: Legal Structure and Tax Status

THE 13TH NATIONAL HIPAA SUMMIT HEALTH INFORMATION PRIVACY & SECURITY IN SHARED HEALTH RECORD SYSTEMS SEPTEMBER 26, 2006 Paul T. Smith, Esq. Partner,

Identity and Trust Management Platform in DICOM

Auditing Compliance with the Privacy Rule

11 iii. Define management and supervision roles and responsibilities

Workforce Change Project in Long Term Conditions

Uniform Guidance and Grants Accounting

Nursing informatics Lecture (11).

Overview of HHS/CDC Construction Authorities

Health Information Exchange for Eligible Clinicians 2019

Presentation transcript:

Rationale and related efforts Brief Progress Report Meduperson Rationale and related efforts Brief Progress Report

Eduperson Eduperson is an LDAP (directory) schema which is: Designed to describe people in an educational institution. Designed to define roles and privileges within an institution and for authentication and authorization to them. Designed to provide a basis for transfer of this information between institutions in a secure, standard, fashion.

Meduperson At one level, Meduperson is a extension of Eduperson to the health affairs campus. Defines whether residents get football tickets. Will include credentialing information appropriate to Health Science role. Data from licensure boards, AAMC, AMA, other professional associations, as needed to define role in institution.

Meduperson But, stakes are higher in this world! We do need to know who should have a library card and who should pay tuition. We also need to know a lot more: Who is making entries in the medical chart? Who is prescribing medication? Who is otherwise treating patients? What is their authority to do so, and how was that authority derived? How can we preserve that authority over time and space? (I.e. non-repudiation; between entities)

Meduperson The practice of medicine, even in a single academic institution, involves multiple entities: Universities Hospitals Practice Plans Patients Payers Contractors and Subcontractors

Meduperson HIPAA, plus other evolving law, says an entity is not only responsible for the security and privacy of the patient record with respect to its own acts, but also with regard to the acts of all its business partners, including clinical collaborators. In an electronic world, is each entity going to individually credential every player, including every contract nurse or ward clerk, and keep up with those credentials on a dynamic basis?

Meduperson In the academic world, Meduperson, like Eduperson, is about library access, student health, and football tickets. In the Patient Care environment, it provides a potential framework for authorization, authentication, non-repudiation within an entity. It also provides a basis for secure and private transmission of this information to business partners, including clinical collaborators, within and between institutions.

Meduperson In HIPAA terms, if implemented correctly, Meduperson provides a mechanism to meet not only the patient security and privacy requirements within an entity, but also the HIPAA chain-of-trust and need to know requirements which apply to entities and their business partners.

Meduperson Even if current events cause a relaxation or delay of some HIPAA requirements, these events also highlight: The extreme vulnerability of our present clinical information systems. Our general inability to extract information in a secure, private, timely fashion from a population of patients. Such information may be clearly relevant to national security as well as to individual patient welfare.

Meduperson Activities: Attempting to better define attributes and ultimate purpose—discussions with AAMC, OMG, AMIA, NCHICA, others. Wrote unsuccessful NSF CISE grant under network centered middleware program. Internet2 Consortium Los Alamos National Labs Oregon Health and Science University University of Tennessee Health Science Center Virginia Tech A different, more generic, I2 application was funded.