IHE ITI Profile Development Health Date Service Access (aka XCA Query and Retrieve) Fraunhofer ISST epSOS Consortium epSOS Industry Team.

Slides:

Advertisements

Similar presentations

September, 2011What IHE Delivers Cross-enterprise Workflow Management (XDW profile) IT Infrastructure Planning Committee Luca Zalunardo, Arianna Cocchiglia.

Advertisements

XDS Link-Unlink Support Profile Proposal for 2011/12 presented to the IT Infrastructure Planning Committee José Mussi (JRS Partners – IHE Canada) Karen.

IHE ITI Profile Proposal XCA Query and Retrieve Fraunhofer ISST and Tiani Spirit on behalf of epSOS Consortium and epSOS Industry Team.

What IHE Delivers Basic Patient Privacy Consents HIT-Standards – Privacy & Security Workgroup John Moehrke GE Healthcare.

June 28-29, 2005IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Cross-enterprise Document Sharing for Imaging (XDS-I) Rita Noumeir.

IHE Electrophysiology Remote Implantable Rhythm Control Device Interrogation Eliot L. Ostrow November 2005 Rev 0.0.

IHE Profile Proposal: Dynamic Configuration Management October, 2013.

September, 2005What IHE Delivers 1 Karen Witting IBM Cross-Community: Peer- to-Peer sharing of healthcare information.

Extending XDW in Cross-Community Editor: Charles Parisot Notes for the March 19 th, 2013 – ITI Tech Committee.

XDS.b (Cross-Enterprise Document Sharing)

This presentation prepared for Now is the time to initiate the one change that will have the most leverage across your business systems Patient Identity.

Slide 1 Sharing Images without CDs, The Next Imaging Sea Change GE Healthcare Chris Lindop GE Healthcare Interoperability & Standards.

Austrian e-Medication project Approaches for „Medication list“ Jürgen Brandstätter.

Cross Domain Patient Identity Management Eric Heflin Dir of Standards and Interoperability/Medicity.

Initial slides for Layered Service Architecture

S New Security Developments in DICOM Lawrence Tarbox, Ph.D Chair, DICOM WG 14 (Security) Siemens Corporate Research.

IHE Radiology –2007What IHE Delivers 1 Christoph Dickmann IHE Technical Committee March 2007 Cross Domain Review PCC.

Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Audit Trail and Node Authentication Robert Horn Agfa Healthcare.

Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Overview of IHE IT Infrastructure Patient Synchronized Applications.

September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT IHE Vendors Webinar 2006 IHE IT Infrastructure Education Robert Horn, Agfa Healthcare.

September, 2005What IHE Delivers 1 G. Claeys, Agfa Healthcare Audit Trail and Node Authentication.

Configuration Management Issues in IHE Asuman Dogac, SRDC, METU, Turkey

What IHE Delivers Security and Privacy Overview & BPPC September 23, Chris Lindop – IHE Australia July 2011.

Publication and Discovery XDS IHE IT Infrastructure Webinar Series.

Cross-Enterprise User Assertion IHE Educational Workshop 2007 Cross-Enterprise User Assertion IHE Educational Workshop 2007 John F. Moehrke GE Healthcare.

1 IHE ITI White Paper on Access Control WP Review Cycle 1 Chapter 4: Actors and Transactions Chapter 6: Implementation Issues Dr. Jörg Caumanns, Raik Kuhlisch,

CS 493 Project Definition The project assignment is a simplified version of the Integrating Healthcare Enterprise (IHE) Cross-Enterprise Document Sharing.

OpenPASS Open Privacy, Access and Security Services “Quis custodiet ipsos custodes?”

“ Jericho / UT Austin Pilot” Privacy with Dynamic Patient Review April 23, 2013 Presented by: David Staggs, JD, CISSP Jericho Systems Corporation.

Sharing Value Sets (SVS Profile) Ana Estelrich GIP-DMP.

METU-SRDCEUROREC Meeting, Geneva, October 10, 2006 RIDE Overview Asuman Dogac Middle East Technical University Ankara, Turkey.

Cross-enterprise Document Workflow (XDW) IT Infrastructure Technical Committee Editors: Luca Zalunardo, Arianna Cocchiglia, Arsenal.IT.

February 8, 2005IHE Europe Educational Event 1 Integrating the Healthcare Enterprise Basic Security Robert Horn Agfa Healthcare.

XDW in a multi-community environment and back-linking to Workflow Documents A high-level analysis to avoid design choices that would make XDW Trial Implementation.

Dynamic Document Sharing Detailed Profile Proposal for 2010 presented to the IT Infrastructure Technical Committee Karen Witting November 10, 2009.

Key Issues of Interoperability in eHealth Asuman Dogac, Marco Eichelberg, Tuncay Namli, Ozgur Kilic, Gokce B. Laleci IST RIDE Project.

Implementing the XDS Infrastructure Bill Majurski IT Infrastructure National Institute of Standards and Technology.

1 Healthcare Information Technology Standards Panel Care Delivery - IS01 Electronic Health Record (EHR) Laboratory Results Reporting July 6, 2007.

Cross-Enterprise User Authentication John F. Moehrke GE Healthcare IT Infrastructure Technical Committee.

XDStarClient Presentation of a suite of tools developed by IHE Europe for healthcare community Abderrazek Boufahja Mai 25, 2012.

Cross-Community Patient Identification (XCPI) Brief Profile Proposal for 2009 presented to the IT Infrastructure Technical Committee Karen Witting November.

Dynamic Data Brief Profile Proposal for 2009/10 presented to the IT Infrastructure Planning Committee Karen Witting September 30, 2009.

Publication and Discovery XDS and DSUB IT Infrastructure Planning Committee Ilia Fortunov - Microsoft.

Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Patient Identifier Cross-referencing Charles PARISOT GE Healthcare.

IHE ITI Profile Proposal XCA Query and Retrieve Fraunhofer ISST and Tiani Spirit on behalf of epSOS Consortium and epSOS Industry Team.

1 IHE ITI White Paper on Authorization Rough Cut Implementation Opportunities for BPPC Dr. Jörg Caumanns, Raik Kuhlisch, Olaf Rode Berlin,

Metadata By N.Gopinath AP/CSE Metadata and it’s role in the lifecycle. The collection, maintenance, and deployment of metadata Metadata and tool integration.

Draft Provider Directory Recommendations Begin Deliberations re Query for Patient Record NwHIN Power Team July 10, 2014.

XCPI - Cross-Community Patient Identification (likely to be renamed to something like XC Patient Location and Identification) Karen Witting.

1 IHE ITI White Paper on Access Control Outline of Chapter 4 Jörg Caumanns, Raik Kuhlisch, Olaf Rode TCon,

Draft Recommendations Patient Matching Power Team July 1, 2011.

IHE IT Infrastructure Domain Update Karen Witting – IBM IT Infrastructure Technical Committee co-chair.

September, 2005What IHE Delivers 1 IT Infrastructure Planning Committee Karen Witting – Ready Computing XDS & XCA: On-Demand Documents.

Dynamic/Deferred Document Sharing (D3S) Profile for 2010 presented to the IT Infrastructure Technical Committee Karen Witting February 1, 2010.

© 2005 IBM Corporation IBM Global Business Services 4/10/2006 | Casey Webster and Kevin Julier © 2006 IBM Corporation IBM NHIN Architecture Leveraging.

Cross-enterprise Basic eReferral Workflow Definition (XBeR-WD) Brief Profile Proposal for 2011/12 presented to the PCC Technical Committee Luca Zalunardo,

Provider Directories Tasking, Review and Mod Spec Presentation NwHIN Power Team April 17, 2014.

Cross-Enterprise User Authentication Year 2 March 16, 2006 Cross-Enterprise User Authentication Year 2 March 16, 2006 John F. Moehrke GE Healthcare IT.

What IHE Delivers Basic Patient Privacy Consents HIT-Standards – Privacy & Security Workgroup John Moehrke GE Healthcare.

XDS P2P (revised) Brief Profile Proposal for 2008/09 presented to the IT Infrastructure Planning Committee A. Kassner (IHE-D), J. Caumanns (eCR) 01 October.

September, 2005What IHE Delivers 1 Patient Index and Demographic Implementation Strategies IHE Vendors Workshop 2006 IHE IT Infrastructure Education Rick.

PIX/PDQ – Today and Tomorrow Vassil Peytchev Epic.

XDS Security ITI Technical Committee May, XDS Security Use Cases Prevent Indiscriminate attacks (worms, DOS) Normal Patient that accepts XDS participation.

Cross Community Access Profile Karen Witting IBM Co-chair ITI technical committee.

Integrating the Healthcare Enterprise Retrieve Information for Display (RID) Integration Profile Ellie Avraham Kodak Health Imaging IHE IT Infrastructure.

Dynamic/Deferred Document Sharing (D3S) Profile for 2010 presented to the IT Infrastructure Technical Committee Karen Witting February 1, 2010.

IT Infrastructure Plans

Presented by: Gregorio Canal (Arsenàl.IT) to ITI Technical Cmte

IHE Workshop: Displayable Reports (DRPT)

Presentation transcript:

IHE ITI Profile Development Health Date Service Access (aka XCA Query and Retrieve) Fraunhofer ISST epSOS Consortium epSOS Industry Team

2 Background In the European epSOS project it was decided to use IHE XCA for cross-border data sharing During epSOS Service design and implementation several problems were discovered –policy enforcement and consent verification (missing attributes in the retrieve operation) –assessment of audit trails (what documents of patient X were accessed by whom?) –stateless responding gateway (esp. in case of dynamic/deferred document generation) Similar problems were discovered during design of the German PHR services and are reported by industry

3 Another Use Case A vendor of heart pacemakers allows a patient to run a diagnoses of the device. The diagnoses data is transmitted to a central server at the vendor. Authorized physicians may access this data. The vendor implements a service for physicians to access their patients diagnosis data. The idea is to use XCA/XDS for the implementation of Pacemaker::GetRecentDiagnosisData( pid ): –CrossGatewayQuery( patient-ID, pacemaker-data, CDA)  17 –CrossGatewayRetrieve( 17 )  CDA-coded diagnosis data Problems –how to enforce a patient policy on retrieve( 17 )? –why 2 transactions (incl. transmission, parsing, database access, security and audit overhead)? –when to render CDA from the diagnosis data while keeping the service stateless and IDs consistent? –what if new diagnosis data is written to the database between query and retrieve (implied semantics broken)?

4 Profile Development: Methodology Assumption is that these observations are just the symptoms for a deeper problem: Why does XCA fit for sharing data between healthcare enterprises and why does it cause problems in scenarios like epSOS? Methodology: –Assess the “real” problem –Discover typical examples –Analyze the symptoms (is the list complete?) –Assess whether the solution proposed by epSOS covers the problem and “heals” the symptoms

5 Problem Assessment XCA works fine for HIN connectivity (EHR sharing) –existing data of any kind  content agnostic –provider-specific EHR compilation  browsing metaphor –unstructured documents  need for metadata –participants are trusted  perimeter protection –access is semantic-neutral  no need to query on data semantics (“most recent” etc.) SOA Entity Services (Health Data Services) like in epSOS and other HIN-by-Design scenarios –known data types and formats (fixed data model) –bound to business/domain model –structured data (CDA) –trust brokerage; service discovery (health data locator) –fine grained, policy based access control –operations impose semantics (“getMostRecentCarePlan”) –discrete behavior (transactional semantics)

6 Example 1 XCAepSOS ePrescription Service Content agnosticConsumer can only process CDA coded ePrescriptions acc. to epSOS schema Browsing metaphorTargeted search for ePrescriptions (there is no assumption of a full EHR) Search by metadataAll information needed is implied or within the document (but may be content-specific for some operations and therefore not covered by metadata) Perimeter protectionEnforcement of domain security policy and patient privacy policy (XACML/BPPC) Semantic neutralConsumer wants “dispensable prescriptions”; only provider can assess whether a prescription is dispensable (shared semantics)

7 Example 2 XCAHeart Pacemaker Diagnosis Service Content agnosticConsumer expects diagnosis data in an agreed format and encoding Browsing metaphorTargeted search for most recent diagnosis data (again: no EHR, just very specific data) Search by metadataAll information needed is implied by the service and the operation Perimeter protectionEnforcement of domain security policy and patient privacy policy (XACML/BPPC) Semantic neutralConsumer wants “most recent data”; can be assessed at both sides if list of matching data objects is known (fits with XCA)

8 Conclusion 1 XCA is mainly addressing cross-community scenarios for sharing data between independent patient record managing entities. XCA characteristics do not match scenarios well where partners have agreed on the types, formats, business object models and semantics of specific data sharing services (SOA “entity services” acc. to IHE SOA White Paper; Health Data Services in common (European) terminology).

9 Conclusion 2 XCA can as well be used to implement health data services, but –makes security very complex –imposes overhead and complexity on the business level (browsing metaphor) –imposes restrictions on the agreed semantics as metadata is fixed and content agnostic; does not allow to search within structured documents of known format From a technical perspective the content-aware data access to health data services is much simpler than a very flexible, content- agnostic data sharing setting: –the requirements have an overlap with QED, but this has other problems (see XCA supplement) –many of the XCA features are just overhead and cause complexity  benefit of standard solution may get lost! newly designed eHealth solutions (SOA, CDA,...) often follow the Health Data Service paradigm by focusing on specific data and building upon a shared domain/information model

10 Actors and Transactions 2 Actors –Health Data Service Consumer –Health Data Service Provider 1 Transaction –listData( patientID, infoModelReference, specificQueryParams ) Features –perfectly matches SOA principles and entity service requirements –single transaction simplifies security and handling of dynamic/deferred documents in SOA –content-awareness allows for binding the service to a business/domain/information model

11 Standards Options ebRS, ebRIM (as in XCA/XDR/XDM/XDS) –Advantages very low implementation effort for vendors who already support XCA XDR comes for free as a provide-operation –Disadvantages content agnostic (content awareness must be added) OMG/HL7 RLUS (+ HL7 CDA query profile) –Advantages perfectly matches all requirements through the notion of semantic signifiers –Disadvantages new standard not in use for IHE profiles (high effort) conflicts with existing profiles (XCA, XDR) Draft Specs are available from epSOS for both standards

12 XCA XGateway-Query Extension

13 XCA Extension The query request message XML is syntactically identical to that of IHE Cross Community Query request with two extensions:. –The is “urn:ihe:iti:2010:CrossGatewayQueryRetrieve” –Inside the returnType “LeafClassWithRepositoryItem” MUST be used. This value, specified by ebRS version 3.0, indicates that both the full metadata plus the document contents are to be returned.

14 XCA Extension The query response includes metadata and documents wire-format as for retrieve response message (MTOM/XOP)

15 Benefits Approach does work for each registry and repository implementation that works with current XCA –existing infrastructure not affected Simplification of security means –policy is enforced only once –all attributes for policy decision are available –only one audit trail entry with all information

16 Open Issues including a reference to the business (domain/information) model with the query –may be expressed through the class code (or combination of classCode and typeCode) content-model specific query arguments –exisiting slots should correspond to CDA header schema –syntactically it is easy to add additional entries –specific slot names and parameter types could be defined together with the respective CDA implementation guideline or domain/information model –vendors MAY query into documents or extract metadata for querying --> implementation dependend and invisible to the consumer minimization of metadata overhead –refer to Minimum Metadata Profile or make fully optional

17 Metadata in result set Metadata (ebRIM names)Health Data Service usage convention statusimplied mimeTypeimplied NameNo processable, otherwise implied. creationTimeEncoded within the document hashCan usually be omitted (integrity protection during transmission) languageCodeEncoded within the document repositoryUniqueIdNot needed in Health Data Provider scnearios serviceStartTime, serviceEndTime Encoded within the document sizeImplied (document is available) sourcePatientIdEncoded within the document sourcePatientInfoEncoded within the document classCodeImplied eventCodeListRelevant information is within the document authorEncoded within the document confidentialityCodeNot needed if policy is enforced at the provider formatCodeImplied or encoded within the document healthcareFacilityTypeCodeUsually not needed (it’s just a service...) otherwise within the document practiceSettingCodeUsually not needed (it’s just a service...) otherwise within the document XDSDocumentEntry.uniqueIdNot needed XDSDocumentEntry.PatientIdEncoded within the document

18 Next Steps Agreement on a storyline for Part 1 and use cases (next TCon on Jan. 31st) Agreement on the standard (next TCon) Draft of Part 1 and 2 for the f2f in Toronto Discussion on open issues (Toronto)