This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

February 21st, 2012 CBCC Conference Call

From HL7Wiki
Jump to navigation Jump to search

Community-Based Collaborative Care Working Group Meeting

Back to CBCC Main Page

Meeting Information

Attendees

Back to CBCC Main Page

Agenda

  1. (05 min) Roll Call, Approve Minutes & Accept Agenda
  2. (5 min) ONC Privacy & Security Mobile Device Roundtable Input
  3. (40 min) Behavior Health CCD Vocabulary Analysis (continued)

Meeting Minutes

ONC Privacy & Security Mobile Device Roundtable Input

  • Discussion held between attending members including possible scenario use cases of mobile devices being used to introduce fraud in healthcare as well as new innovations such as the ability to turn on phone camera from a remote area.
  • Of pertinent interest: are there capabilities defined in the EHR functional model that may need to be looked at specifically from the perspective of being performed on a mobile device? For example, what are the requirements for authentication? Perhaps there is a need for a functional profile (of the EHR-FM) for a mobile device.
  • Narender Reddy: from eCompubill.com reported that the company is already providing access to some billing information to customers via mobile devices. For example, they are able to download OBR segments that have been reformatted to display a radiology report on an iPad or Mobile device. **Narender asked whether the OBR segment can be placed in “security mode” since while the OBR segment does not include the patient identification information, it still has references to provider information that may require security and may also have the patient name as part of the narrative.
  • Probably the biggest concern is the ease and frequency of which mobile devices can be misplaced or stolen. How do you protect the information that may be stored on that device?
    • Are we going to require that authentication of the client is duplicated at the application level as well?
  • Erin Fitzsimmons raised a number of issues that make this a relevant question for the CBCC work group.
    • Mobile devices can be controlled by outside entity via the carrier’s network to be turned into a camera, recording device, or to control another device (laptop, etc.).
    • Is there some minimum level of authorization and authentication that is necessary for mobile devices to lock out some of the potential hacking that could take place?
  • Decision:
    • There is concern that the issue is primarily security related than privacy related and that security should also provide input. **CBCC input will be headed by Erin Fitzsimmons and assisted by Serafina and Ioana. Erin Fitzsimmons will develop a wiki page to capture discussion, issues and information related to this topic.

e-mail to HL7 Co-Chairs:

ONC's Office of the Chief Privacy Officer in cooperation with the HHS Office for Civil Rights (OCR) launched a Privacy & Security Mobile Device project. HL7 may have an opportunity this Spring to provide input into this project during a public roundtable. Although the focus is on privacy and security and many of those elements may be outside of HL7's domain as they are managed through lower level protocols, operating systems, etc., there is a sense that some of our standards may be, or may need to be applicable and sensitive to the context of a mobile device where the data exchanged is consumed.


We would like to get your input whether your workgroup already has, is planning to develop, or would believe there should be HL7 standards and/or guidance to enhance on the privacy and security of mobile devices. For example, are hardware/OS/network solutions sufficient to achieve appropriate privacy & security levels unique to mobile devices, or should additional data be available at the application level to enable appropriate restrictions by the application at that mobile device, or should we be completely agnostic to that context? Are there capabilities in the functional model that should be further defined uniquely to mobile devices, or is that context irrelevant?

A further question may be whether with the expansion of mobile devices there are other aspects beyond privacy & security in particular and that are unique to mobile computing that HL7 workgroups are already focusing on, have plans for, or should be considering. Although the primary focus of this question is on the Security, Healthcare Devices, EHR, CIC, and CBCC workgroups, other workgroups may have some perspectives as well that we should consider. We would appreciate your feedback by March 31 to help us determine how HL7 should respond to a request to contribute to the public roundtable.

You may post this on the PAC wiki page for Privacy & Security for Mobile Devices, or forward to either John Speakman or Hans Buitendijk.

Policy Advisory Committee Co-Chairs:

Hans J. Buitendijk Siemens Medical Solutions USA, Inc. Standards & Regulations Manager

John Speakman Chief Program Office NCI Center for biomedical Informatics and Information Technology

Behavioral Health CCD Terminology Analysis - discussion continued

The remainder of the meeting focused on continued review of the BH CCD terminology mapping.

  • Current version of the terminology analysis
  • The terminology analysis will be updated based on today's review and will continue during next Monday's BH CCD Terminology meeting (held each week on Monday @ 2 PM Easter using CBCC Meeting info) and during next week's CBCC meeting on Feb. 28th

Meeting was adjourned at 3:10 PM Eastern

Back to CBCC Main Page

Retrieved from "https://wiki.hl7.org/w/index.php?title=February_21st,_2012_CBCC_Conference_Call&oldid=59737"