Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Consent2Share

Published byTheodora Smith Modified over 6 years ago

Similar presentations

Presentation on theme: "Introduction to Consent2Share"— Presentation transcript:

1 Introduction to Consent2Share
A look at how we have arrived where we are The following introductory slides were made possible by the 2010 JASON report related to patients having the ability to segment their health information

2 Data Segmentation for Privacy Charter
Enable the implementation and management of disclosure policies that originate from the patient, the law, or an organization, in an interoperable manner within an electronic health information exchange environment, so individually identifiable health information may be appropriately shared for: Patient treatment and care coordination Third party payment Analysis and reporting for operations, utilization, access quality and outcomes Public health reporting Population health, technology assessment and research

3 What is Data Segmentation for Privacy? DS4P
The HL7 DS4P Implementation Guide (IG) is a HL7 International ANSI normative standard developed under the authority of the ONC Standards and Interoperability project. The DS4P IG defines how to implement segmenting a health record based on a patients’ consent directives. DS4P defined two segmentation methods: 1) meta-tagging; and 2) redaction. Meta-tagging leaves the data in the record and information not to be shared is tagged using sensitivity codes Meta-tagging is not universally supported by current EHR health record systems Redaction is currently the method used for data segmentation

4 Bias, Stigma, and Prejudice: Ongoing Concerns in Behavioral Health
A Mom in recovery had her 2-month old infant removed from her custody after a hospital reported that she had legally prescribed methadone in her system. A young man in recovery was refused work reinstatement despite successful treatment for alcoholism and his physician’s clearance. Legal Action Center, June 2014 ABA Journal June 2014

5 GOVERNING PRINCIPLE: COERCED CONSENT IS NOT CONSENT
Consent cannot be valid if people can only obtain essential services by providing it. -- James Willis, British Journal of GP Br J Gen Pract September 1; 54(506): 725 ;

6 Overview of SAMHSA/ONC’s collaboration around DS4P and integration
ONC initiated the DS4P project through the S&I Framework ONC and SAMHSA continually look for ways to integrate behavioral health information across the continuum of care ONC and SAMHSA have participated in the HIMSS Interoperability Showcase – SAMHSA participated in the HIMSS 2016 Interoperability Showcase ONC provides opportunities on an ongoing basis for SAMHSA to highlight technology to support interoperability for HIEs ONC is creating a Behavioral Health Roadmap with SAMHSA input ONC provided oversight in the development of Consent to Share

7 SAMHSA’s integration/consent efforts – Consent2Share (C2S)
C2S was developed using the DS4P IG Currently, C2S supports CCD (C32 variant and C-CDA) C2S V1 implemented in a HIE for Prince Georges County, MD ONC provides opportunities on an ongoing basis for SAMHSA to highlight technology to support interoperability for HIEs

8 Consent2Share The Patient Journey

9 Patient-Centered Exchange: Patients Control Their Data

10 Continuity of Care Problem
Sally lives in Richmond, Virginia. She is in opioid addiction recovery. She wants to visit relatives for a week in Prince George’s County, 100 miles away. She must make arrangements with her treatment provider to ensure that her methadone treatment will be uninterrupted. It will take a lot of coordination and time to review and sign the proper paper forms before she can travel.

11 Continuity of Care Solution: Consent2Share Connected to HIE
Sally uses an online consent system connected to the local Health Information Exchange to give her local OTP advanced authorization to share her medical information with an alternative provider. Her methadone treatment will continue uninterrupted. Sally Health Information Exchange Consent2Share

12 Consent2Share using an HIE
Sally Share Sally’s Primary Care Provider Sally’s Local Opioid Treatment Provider 1 3 Consent to Disclose Alternate Treatment Program Dose Display Documents 2 Consent2Share using an HIE

13 High Level C2S Architecture
Health Information Exchange (HIE) Patient Identity Cross-Referencing (PIX) Patient Demographics Source (PDQ) Cross-Enterprise Document Sharing (XDS) Audit Trail and Node Authentication (ATNA) Information Exchange Hub (IExHub) Interoperability Search/Add Patient (PIX, PDQ) Add/Retrieve Documents (XDS) Account of Disclosures/Audit Trail (ATNA) Secure Node/Transport Level Security (ATNA) Consent2Share Application Architecture User Management Register Patient Manage Consent Retrieve/Add Documents Segment/Redact Records

14 Consent2Share Architecture Diagram
Display C2S Architecture Detailed Diagram

15 Consent2Share V2 Demo Demonstration of the C2S V2 User Interface
The Github url:

16 Consent2Share V3 Thoughts
Use OAuth and possibly UMA to decouple C2S Expose endpoints of the various services Provide much more flexibility for implementation options Implementations not tied to specific technology E.g., use FHIR Server for health information instead of xds.b HIE repository Use SMART on FHIR Implement ACS behind enterprise firewalls

17 HIMSS Privacy on FHIR Demonstration 2015
Previous proof of Concept (Privacy on FHIR) separated them Patient decision was UMA (OAuth profile) Enterprise was interception Provide federated decision capability between Enterprise and Patient Controlled Consent Server Migrate the Enterprise Control to OAuth

18 New Composite Framework HIMSS Demonstration 2017
Cascading OAuth Servers OAuth Server for Enterprise Policies and Tokens OAuth Servers for Patient Policies and Consent Access Tokens Consent Access Tokens are exchanged for Enterprise Access Tokens If Consent is not required Enterprise Access Token is issued Client always gets a Token for Reuse Resource Server (Interceptor) always gets an Enterprise Access Token which it trusts Integration to ACS framework is done by Enterprise Authorization Server (decision to issue a token)

19 Proposed Demonstration Architecture
Custodian Org Resource server FHIR API Check Overarching Policies 4 OAuth Interceptor PPS/SLS CDMS Patient Overarching Policies OAuth enabled FHIR client Submit Consent Request for Data 1 Redirect to CO AS 2 Patient Consent Authz Server PC AS Custodian Org Authz Server CO AS Request for Token 3 Redirect to PC AS 5 6 PC Token 8 Label/Transform Data 14 Verify, Introspect 10 13 Check Consent 7 Request for Token + PC Token 9 CO Token 11 Request for Data + CO Token 12 Labeled/Transformed Data 15 C2S UI

20 Questions Questions?

21 For Additional Information
Kenneth Salyards Information Management Specialist Center for Substance Abuse Treatment Substance Abuse and Mental Health Services Administration

Download ppt "Introduction to Consent2Share"

Similar presentations

Integrating the Healthcare Enterprise IHE Overview Keith W. Boone Interoperability Architect, GE Healthcare Co-chair, IHE Patient Care Coordination PC.

Integrating the Healthcare Enterprise IHE Overview Keith W. Boone Interoperability Architect, GE Healthcare Co-chair, IHE Patient Care Coordination PC.
New Care Paradigms Require Health Information Exchange Combining IHE interoperability profiles to enable interoperability between care providers.

New Care Paradigms Require Health Information Exchange Combining IHE interoperability profiles to enable interoperability between care providers.
A Plan for a Sustainable Community Behavioral Health Information Network Western States Health-e Connection Summit & Trade Show September 10, 2013.

A Plan for a Sustainable Community Behavioral Health Information Network Western States Health-e Connection Summit & Trade Show September 10, 2013.
HEALTH HOMES HEALTH HOMES TECHNOLOGY SIMULATION WORKSHOP Ron HendlerNish Thakker.

HEALTH HOMES HEALTH HOMES TECHNOLOGY SIMULATION WORKSHOP Ron HendlerNish Thakker.
Electronic Submission of Medical Documentation (esMD) Face to Face Informational Session esMD Requirements, Priorities and Potential Workgroups – 2:00pm.

Electronic Submission of Medical Documentation (esMD) Face to Face Informational Session esMD Requirements, Priorities and Potential Workgroups – 2:00pm.
SLIDE 1 Westbrook Technologies from Fortis: A Healthcare Solution for Medical Records, Billing and HIPAA.

SLIDE 1 Westbrook Technologies from Fortis: A Healthcare Solution for Medical Records, Billing and HIPAA.
Project Proposal to IHE: Implementation Guide for Data Segmentation For Privacy (DS4P) over REST Submitted by S&I Framework Data Segmentation for Privacy.

Project Proposal to IHE: Implementation Guide for Data Segmentation For Privacy (DS4P) over REST Submitted by S&I Framework Data Segmentation for Privacy.
Direct Implementation Perspective 0 Mark Bamberg, Vice President Research & Development MEDfx.

Direct Implementation Perspective 0 Mark Bamberg, Vice President Research & Development MEDfx.
Massachusetts: Transforming the Healthcare Economy John D. Halamka MD CIO, Harvard Medical School and Beth Israel Deaconess Medical Center.

Massachusetts: Transforming the Healthcare Economy John D. Halamka MD CIO, Harvard Medical School and Beth Israel Deaconess Medical Center.
A Primer on Healthcare Information Exchange John D. Halamka MD CIO, Harvard Medical School and Beth Israel Deaconess Medical Center.

A Primer on Healthcare Information Exchange John D. Halamka MD CIO, Harvard Medical School and Beth Israel Deaconess Medical Center.
User Authentication Recommendations Transport & Security Standards Workgroup December 10, 2014.

User Authentication Recommendations Transport & Security Standards Workgroup December 10, 2014.
Copyright 2012 Delmar, a part of Cengage Learning. All Rights Reserved. Chapter 13 Health Information Systems and Strategy.

Copyright 2012 Delmar, a part of Cengage Learning. All Rights Reserved. Chapter 13 Health Information Systems and Strategy.
NextGen Interoperability – Leading the Charge Presenter – David Venier DISCLAIMER: The views and opinions expressed in this presentation are those of the.

NextGen Interoperability – Leading the Charge Presenter – David Venier DISCLAIMER: The views and opinions expressed in this presentation are those of the.
EsMD Background Phase I of esMD was implemented in September of 2011. It enabled Providers to send Medical Documentation electronically Review Contractor.

EsMD Background Phase I of esMD was implemented in September of It enabled Providers to send Medical Documentation electronically Review Contractor.
CONNECT as an Interoperability Platform - Demo. Agenda Demonstrate CONNECT “As an Evolving Interoperability Platform” –Incremental addition of features.

CONNECT as an Interoperability Platform - Demo. Agenda Demonstrate CONNECT “As an Evolving Interoperability Platform” –Incremental addition of features.
HIE Implementation in Michigan for Improved Health As approved by the Michigan Health Information Technology Commission on March 4, 2009.

HIE Implementation in Michigan for Improved Health As approved by the Michigan Health Information Technology Commission on March 4, 2009.
T EXAS C OUNCIL OF C OMMUNITY C ENTERS : D ATA W ORK G ROUP M ARCH 14, 2013 Healthcare Intelligence Partners, LLC.

T EXAS C OUNCIL OF C OMMUNITY C ENTERS : D ATA W ORK G ROUP M ARCH 14, 2013 Healthcare Intelligence Partners, LLC.
Initial slides for Layered Service Architecture

Initial slides for Layered Service Architecture
IBM Rhapsody Simulation of Distributed PACS and DIR systems Krupa Kuriakose, MASc Candidate.

IBM Rhapsody Simulation of Distributed PACS and DIR systems Krupa Kuriakose, MASc Candidate.
Privacy and Security Tiger Team Recommendations Adopted by The Health IT Policy Committee Relevant to Consumer Empowerment May 24, 2013.

Privacy and Security Tiger Team Recommendations Adopted by The Health IT Policy Committee Relevant to Consumer Empowerment May 24, 2013.

Similar presentations

Ads by Google