This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

FHIR Consent December 16, 2015

From HL7Wiki
Jump to navigation Jump to search

Back to CBCC Wiki: Meetings

Back to HL7 FHIR Consent Directive Project

Attendees

Member Name x Member Name x Member Name
x Johnathan ColemanCBCC Co-Chair x Kathleen Connor FM Co-Chair x Tarik Idris
William Kinsley Russell McDonell x John Moehrke Security Co-Chair
x Marty Prahl Diana Proud-Madruga Pat Pyette
Suzanne Gonzales-Webb CBCC Co-Chair x David Staggs x Glen Marshall
Rob Horn Beth Pumo [1]

Agenda

  • Do we hold meeting next week?
  • Update from FM on Contract
  • Ready to Vote
    • 6861 2015May sdc #78 - What is subject? (James Kretz) Considered - Question Answered
    • 7691 2015May core #982 - Is "subject" supposed to identify the data covered by the consent? (Ioana Singureanu)
    • 6864 2015May sdc #81 - Only one mandatory element in consent directive (James Kretz) Considered - Question Answered
    • 7531 2015May core #822 - ConsentDirective ballot status (Grahame Grieve) Persuasive with Mod
  • Comments on first draft of Privacy Consent Directive IG
  • Further examples??
    • Tarik
    • Research use-case from Dan Russler
    • John's use-cases
    • other?
  • discuss layout of IG.
    • Outline for the content we want to include
    • Value-Sets
      • Invent example value-sets?
      • Create value-sets from real vocabulary?
    • discuss Profile Actors
      • systems that would have conformance requirements
      • Not humans, not legal

Minutes

  • FHIR Consent Directive call cancelled for 12/23 and will resume 12/30. There won't be a call on 12/9 due to WGM. Kathleen to send out notice.
  • Call time change discussion - after the WGM, we will be surveying the active members to determine a better call time.
  • Block vote on FHIR Consent Directive call minutes 10/28 - 12-9. Approved 5-0-0
  • Block vote approved -- Glen Marshal / John Moehrke : 6-0-0
    • 6861 2015May sdc #78 - What is subject? (James Kretz) Considered - Question Answered
    • 7691 2015May core #982 - Is "subject" supposed to identify the data covered by the consent? (Ioana Singureanu)
    • 6864 2015May sdc #81 - Only one mandatory element in consent directive (James Kretz) Considered - Question Answered
    • 7531 2015May core #822 - ConsentDirective ballot status (Grahame Grieve) Persuasive with Mod
  • Update from FM on Contract - FM WG approved CBCC requested changes and in addition, approved name changes for two Contract elements. See FM 12-11-15 call minutes
    • Add Contract.subject defined as "the entity impacted by or of interest to the contract", which supports easy query for a Patient's Consent Directive, even if the same information is included in the ConsentDirective.actor.
    • Change the name of Contract.actor to Contract.party
    • Change the name of current Contract.subject to Contract.topic, and keep current definition.
  • For specifics, see FM 12-11-15 call minutes
  • John asked for comments on his notes on the IG. His preferred method for receiving feedback and proposed additional documentation is by cutting and pasting from the IG into Word and making changes with track changes on.
  • Tarik walked through questions and issues he found when creating a FHIR Consent Directive instance based on a German use case where the default HIE policy is opt-out, so a patient must opt-in to grant access to a specific provider organization.
  • Tarik wasn't sure how to use ConsentDirective.authority vs. ConsentDirective.domain. He and John were not sure about the datatypes for these elements. However, after checking the descriptions of the Organization and Location Resources, John surmised that Tarik had used these two elements correctly. Here's Tarik's example [excerpted from the full instance below], the element definitions, and the Resource descriptions: <authority>
     <reference value="Organization/Good+HIE"/>
   <display value="Good+HIE"/>
  </authority>
   
 <domain>
     <reference value="Location/FederalRepublicOfGermany"/>
     <display value="Germany"/>
  </domain>
 <domain>
     <reference value="Location/Hamburg"/>
     <display value="Hamburg"/>
  </domain>

Contract.authority(ConsentDirective.authority) is defined as A formally recognized grouping of people, principals, organizations, or jurisdictions with legal standing to promulgate, administer, and enforce privacy policies and applicable Consent Directives. 0..* Reference(Organization) Contract.domain(ConsentDirective.domain) is defined as Recognized governance framework or system operating with a circumscribed scope in accordance with specified principles, policies, processes or procedures for managing rights, actions, or behaviors of parties or principals relative to privacy protection and control of the collection, access, use and disclosure of resources. 0..* Reference(Location) with alternate name = scope of governance jurisdiction 5.5.2 Boundaries and Relationships The Organization resource is used for collections of people that have come together to achieve an objective. The Group resource is used to identify a collection of people (or animals, devices, etc.) that are gathered for the purpose of analysis or acting upon, but are not expected to act themselves. The Organization resource often exists as a hierarchy of organization resources, using the part-of property to provide the association of the child to its parent organization. This organizational hierarchy helps communicate the conceptual structure, whereas the Location resource provides the physical representation of the hierarchy. The linkage between Organization and Location is from each point in the location hierarchy to the appropriate level in the Organization hierarchy. These links don't all have to be to the top level Organization. When populating the organization and location hierarchies there is often not a clear distinction between these 2, however to assist in making the decision, Locations are always used for recording where a service occurs, and hence where encounters and observations are associated. The Organization property on these resources may not be the location where the service took place. 5.15.2 Boundaries and Relationships Locations and Organizations are very closely related resources and can often be mixed/matched/confused. The Location is intended to describe the more physical structures managed/operated by an organization, whereas the Organization is intended to represent the more conceptual hierarchies, such as a ward. A Location is valid without an address in cases where it could be purely described by a geo-coded location in remote areas, or when recorded by a device. Locations with a mode = "kind" would also likely not have an address, as they are just a type of location, but could also have an address where they can be found at the address. Another use of location could be for describing a Jurisdiction. This jurisdiction may be considered a classified boundary which could be a combination of a physical boundary, and some other discriminator(s): • Nation - Country wide community or Federal Government (Ministry of Health) • Province or State (community or Government) • Business (throughout an enterprise) • Business scope (CDC/FDA) • Business segment (UK Pharmacy)

  • Tarik wasn't sure when to use Contract.applies and Contract.term.applies. He stated that he decided to just put the contract period in a term about the HIE consent directive policy. However, after discussing the use case, Kathleen stated that the Contract.applies is the overarching time period of the contract. John stated that queries on Contract.applies would be more efficient than on Contract.term.applies. Questions about whether the Contract.applies should be the time boundaries for all the terms or not. Kathleen said that there might be an overarching period that is overridden by a term that has no expiry date. John said that FHIR anticipates open ended periods as a use case for the Period datatype. Tarik's example is a period that applies to the Consent Directive as a whole, and should be at the header ConsentDirective.applies, although there's nothing precluding repetition at the term level even if the primary use of the ConsentDirective.term.applies is for overriding the header period. Needs further discussion as to whether the ConsentDirective.term.applies should be limited for overrides, and how to deal with header periods that are not the boundaries for the term periods, e.g., where the ConsentDirective is effective for 5 years but the term allows the use of certain information for research purposes for a longer period once it's disclosed.
  • Tarik asked about how to reference an XACML version of the HIE ConsentDirective policy. He used a ConsentDirective.term.identifier as the place to put the policy reference. After some discussion Kathleen stated that this policy should be in ConsentDirective.legal, which can reference an Attachment or a Composition, Document and the XACML rule should be in ConsentDirective.rule
  • Tarik also had questions about use of ConsentDirective.type, ConsentDirectives.subtype, ConsentDirective.term.type, and ConsentDirective.term.subtype, which were not fully addressed and seem to concern use of action.reason rather than the types: "what if the policy expressly forbids marketing access while at the same time allows? The referenced policy should determine effect, in many cases it cannot easily be summarized." This needs follow up. It should be supported by action.reason but the Purpose of Use codes are all positives, so do we need a Boolean = Not this POU?
  • Another Tarik question that needs more discussion is the following:

<signer>

 <type>
   <system value="http://hl7.org/fhir/contractsignertypecodes"/>
   
   <display value="AuthorID" />
 </type>
  <party>
   <reference value="Patient/f002"/>
   <display value="P. German"/>
  </party>
  <signature value="The signature is required; in my example I just wanted to express that the Patient himself signed the paper consent form. Do I need to use actor instead? but what would the actor.role.code be?" />
</signer>

Contract.signer.type (ConsentDirective.signer.type) is defined as "Role of this Consent Directive signer, e.g. patient who is Consent Directive Grantee, the Substitute Decision Maker such as a person with Power of Attorney to whom the patient has granted or delegated rights to execute a Consent Directive on the patient's behalf, a notary public or witness."

  • There are other questions regarding this example that we need to continue working on.

* patientConsentDirective example by Tarik:

<Contract xmlns="http://hl7.org/fhir">
  <id value="pcd-example-org-access"/>
  <text>
    <status value="generated"/>
    <div xmlns="http://www.w3.org/1999/xhtml">This scenario is based on existing jurisdictional policy and are realized in
       existing systems in Germany. 
  There is no implied consent in these scenarios and therefore the default policy is one that generally does not allow access 
  and usually does not allow publishing either. 
    <p>
  This consent expresses the patient's agreement to grant access to a specific provider organization
  </p>
  <p>
    Patient "P. German" is currently being treated at Oldtown Hospital but will be transferred to Good Health Clinic.  P. decides
   that he would like to grant temporary access to his cross-enterprise record to Good Health Clinic
   </p>
   </div>
  </text>

  <issued value="2015-11-18"/>
  <subject>
    <reference value="Patient/f002"/>
    <display value="P. German"/>
  </subject>

  <!--   The example uses policies defined by the HIE, which we will call "GoodHIE"; these policies are code representations 
      of the legal text defined by the HIE's lawyer; the lawyer made the rules in this example 
      according to the data privacy laws of Germany and the german federal state of Hamburg - I'm not sure 
      what the authority and domain should be here
 Technical Question: + or %20 encoding for spaces in references?
 -->
  <authority>
      <reference value="Organization/Good+HIE"/>
    <display value="Good+HIE"/>
   </authority>
    
   <!--   and/or would this [also] go into Contract.domain as a Jurisdiction?? (see the example
   on UK Pharamacy Juristiction)   -->
  <domain>
      <reference value="Location/FederalRepublicOfGermany"/>
      <display value="Germany"/>
   </domain>
  <domain>
      <reference value="Location/Hamburg"/>
      <display value="Hamburg"/>
   </domain>
   
  <type>
  <!-- generic code for privacy consent directive -->
     <coding>
      <system value="http://loinc.org"/>
     <code value="57016-8"/>
   </coding>
  </type>

  <!--   what if the policy expressly forbids marketing access while at the same time allows? 
    the referenced policy should determine effect, in many cases it cannot easily be summarized -->
  <!--subType>
     <coding>
     <system value="http://www.infoway-inforoute.ca.org/Consent-subtype-codes"/>
     <code value="Opt-In"/>
     <display value="Default Authorization with exceptions."/>
   </coding>
  </subType-->
 <signer>
  <type>
  <!-- Not sure whether to use authorId or consent for this (in this example the patient himself signed the paper consent) 
  also, the coding element failed during validation, it works when I put system and code directly under type-->
   <!--coding-->
    <system value="http://hl7.org/fhir/contractsignertypecodes"/>
    <code value="1.2.840.10065.1.12.1.1"/>
    <display value="AuthorID" />
   <!--/coding-->
  </type>
   <party>
    <reference value="Patient/f002"/>
    <display value="P. German"/>
   </party>
   <signature value="The signature is required; in my example I just wanted to express that the Patient himself signed the paper consent form. Do I need to use actor instead? but what would the actor.role.code be?" />
 </signer>
 <term>
  <!-- I'm trying to reference an existing policy which is identified by a OID 
   and is coded into a XACML policy definition which is available through Good HIE's policy repository;
   1. is it OK to use the term identifier for this? the other information in this term is not identified by the OID, 
     it applies on top of the referenced policy. 
   2. I would have prefered to use a proper reference, which (assuming the policy repository has a REST interface) could be retrieved 
     by the client via a GET, with the response being the XACML content -->
   <identifier>
    <value value="2.999.9.5.4.3.2.1" />
   </identifier>
    <!-- I could have put the duration up into the top Contract element as well, 
   but I decided to keep the additional constraints to the referenced policy in one place -->
   <applies>
    <start value="2015-11-18" />
    <end value="2016-11-17" />
   </applies> 
   <!-- I don't need a type, since I have referenced a much more precise XACML definition -->
     <!--type>
      <coding>
        <system value="http://hl7.org/fhir/consent-term-type-codes"/>
       <code value="withhold-from"/>
       <display value="Withhold all data from specified actor entity."/>
      </coding>
   </type-->
   <actor>
       <entity>
         <reference value="Organization/2.16.840.1.113883.19.5"/>
           <display value="Good Health Clinic"/>
       </entity>
       <!-- I left out the patient, since he is already defined as the subject and it allows me to leave out the role as well -->
   </actor>
   <!-- left out the text, the policy description and the friendly text are enough -->
  </term>
   <!--   the terms of the consent in friendly consumer speak   -->
  <friendly>
     <contentAttachment>
     <!-- can I use longer text in here? How would this be displayed - is it different from the div on top? -->
     <title value="Patient P. German agrees to grant access to his longitudinal health record in Good HIE for treatment purposes to Good Health Clinic, as long as they don't use it for marketing purposes"/>
   </contentAttachment>
  </friendly>
  <legal>
     <contentAttachment>
     <title value="The terms of the consent in lawyer speak."/>
     <!--   likely use url pointer to common text   -->
   </contentAttachment>
  </legal>
</Contract>