This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

July 31, 2018 CBCP Conference Call

From HL7Wiki
Jump to navigation Jump to search

Attendees

Member Name x Member Name x Member Name x Member Name
x Johnathan ColemanCBCP Co-Chair x Suzanne Gonzales-Webb CBCP Co-Chair x Jim Kretz CBCP Co-Chair x David Pyke CBCP Co-Chair
x Kathleen Connor Security Co-Chair x Mike Davis x John Moehrke Security Co-Chair x Diana Proud-Madruga
x Chris Shawn . Neelima Chennamaraja . Joe Lamy . Greg Linden
x Irina Connelly . Saurav Chowdhury x Dave Silver x Francisco Jauregui
. Mark Meadows . Amber Patel x Becky Angeles . Jennifer Brush
. Mohammad Jafari . Ali Khan x Ken Salyards . Michael Gu
x David Staggs . Bonnie Young x Ioana Singureanu . Beth Pumo
. Lawless x Ken Lord . [mailto:] [mailto:]


Back to CBCP Main Page

Agenda

  1. Roll Call, Agenda Review
  2. Meeting Minutes approval: none to approve at this time
  3. eLTSS Update - Irina / Becky
  4. PSS - CBCP Approval (Ken Lord)
  5. Privacy - Is Privacy Obsolete update - Mike Davis
  6. FHIR Consent

Meeting Minutes DRAFT

Chair - Dave Pyke

eLTSS Last action - draft copy sent to CBCP listserve

  • please review and provide comment
  • changes are being made for flow (almost at final version)
  • Deadline: August 19 - for ballot content
  • please send information to Becky and/or Irina
  • Suzanne to follow up to Anne Wizauer regarding TSC / approval of PSS

PSS – Cross Paradigm To be a co-sponsor for SOA-

  • review of PSS
    • extending previous project (2016) across different domains
    • we have co-sponsors (SOA CIMI) when we went to steering committee, they asked we include a clinical WG
  • using this approach for interoperation in our organizations (long standing work); work done w SAMHSA
    • also working w Suzanne and Kathleen - came forward w/storyboard (specific) in moving this forward
    • KenL would like steering committee approval / resources committed
    • apologies for spelling errors shown PSS
  • Will work be done primarily in another WG or in CBCP - how will updates be given (question from JColeman)
    • There is a use case doc that is in process of finalizing/refining to make sure work is being completed (Suzanne, Kathleen KenL, Sean Muir)
    • sub workgroup will bring work to CBCP WG for recommendations/ feedback (others welcome) - add to CBCP agenda as appropriate, weekly if necessary—we’re happy to do that as well
    • Ioana suggested CBCP involvement, we already have a published cross-paradigm Implementation Guide. This project will elaborate the methodology of the cross paradigm; this will be a generic methodology, if you look up the EHR BH x-paradigm IG—we already have a cross-paradigm implementation guide, my understanding is that this project will elaborate the creation of Cross-paradigm—prior to, we had to document the methodology—if you look at the behavioral health EHR for interoperation, we described the use of BH with shaped data would be used in MU certify for EHRs. This is how you apply constraints in EHRs, …I hope that we can provide our own experiences on Cross-Paradigm constraints on transactions, documents and resources such that in the end we will have a methodology that works for clinical domains such as behavioral health—clearly we have several settings; lots of which is community health that requires a lot of exchanges.
  • Basically, a consistent methodology for cross-paradigm constraints
  • ((Johnathan supports the)) Motion to support CBCP to be a co-sponsor this PSS/Project HL7 SOA Cross-Paradigm Interoperability Project (re-stated by Ken Lord)
  • Motion: Ken Lord / second: Johnathan Coleman
    • No further discussion
    • Vote: Abstentions: Joe Lamy (1); Opposed: None Approval, Motion passes: 14

Is Privacy Obsolete

  • Internationally we review the laws, etc. Progress is being made in privacy but THIS WEEK it’s all going to hell in a handbasket
    • Artificial Intelligence (AI) has huge data privacy issues, information gleaned from AI can tell someone just about anything they need to know about you including correlating undefined individual info;
    • We also don’t know what we don't know...
    • We find that intelligence activities are doing things not in their charters—collecting huge amounts of information on citizens, foreign country intelligence agencies are doing the same thing—advertisers want to know certain things: geographical, income, race, age, educations, political party, locations, etc.; to the extent they can get this from big data. This includes facial recognition. Everything we know is collected something; devices are connected all the time wherein information is collected—these are choices we make
  • We are in more isolated/segment into populations for things that we know.
  • A positive note - Facebook stock plummeted because they are making choice to their information aggregation; awareness of watch lists
  • face book stock plummeted, north American users (Canada) fell by 3 million users
    • HIPAA certified amazon services and what it means for a small company - some company makes chose to publish PII without a password -
      • and this positive...?
    • they suck the soul of information, blunders, optimism that blunder another segment of the population wakes up; when company gets fined or sued out of existence... it’s a very slick way of reading and giving us what we want--this is where we are actually alerted, more awareness for the educated populous...
  • pendulum swings back and forth
    • taking Facebook as an example - daily active users in EU dropped, in US stayed flat (Johnathan Coleman)
  • (MikeD) we cannot underestimate the IOT of big data combined together. We as citizens have no significate weapons to guard in every way we are attacked---i.e. whack-a-mole; they don't need to know you individually...they need to know what your choices are---so they can market you (they market people as groups)…you will be anonymously targeted, even politically, socially, racially, … it’s still harassment you are not anonymous, you are known by your choices
    • (Ioana) We are the product; they are delivering us to their customers; it’s really education, I did not know of the significant drop in daily active Facebook users was in EU and Canada—that says something. In US I expect they will also wake up; customers will sell you products...whatever the business model they're in—Facebook is delivering us to some entity to manipulate the user behavior. Advertising on TV is on because it works to change people’s behavior but if people are forewarned they’ll be heartened toward it and make better decisions.

FHIR Consent

  • CP – for people coming in late--background given on consent statement
    • several weeks ago, at the request of Kathleen - David P went to FMG (Lloyd, Grahame) for documentation on the use of contract vs consent for consent registrations and consent interoperability (see statement); a statement was given to DavidP to bring back to CBCP.
    • Ioana – (comment) we don't have guidance on using consent w provenance; to identify clearly the signatory for a consent (that's what I'm hearing...bouncing around by contract; with contract as a signed document)
 Statement presented by DavidP:
I've been asked to put forward this statement for voting as a motion to the group clarifying our stance on consent in FHIR
<start>
  1. The Consent resource is the correct (and best) way to store and exchange computable consent agreements in a FHIR environment
  2. Formal consent documents are contracts and you may use the Contract resource to capture that aspect of them for attachment to the Consent resource as a source document.
  3. While Consent information may sometimes be found in DocumentReference, Binary, Contract and other resources, Consent is the principle resource for representing consent-related information and is the endpoint where systems should expect to find this information
<end >

Ioana – re: #2 - This would be a Medical records management question – health information management so, if formal consent are contracts that would have to be confirmed by SMEs, in my experience with the VA health, Ioana has not heard that and is questioning the statement in the second bullet, ‘’where formal consents are contracts’’

Johnathan – is questioning 3rd bullet – particularly the ‘’endpoint where systems should expect to find this information’’; if the information is in the contract then the contract is WHERE we should find the information - where in the consent resource might just be an expression of the fact is a contract on file

Point of information (DP)-- Information on consent including granting and denying of access to information for specific purpose is computable via the consent resource. The background given to DP the contract resource was too complex for developers/implementers to feel comfortable with, therefor the information would be captured and brought into the consent resource and then the consent resource would be point of contact of interoperability

(Kathleen) There is a governance issue – that has been discussed among others. Which is one work group is proposing to shape the way implementers will use the resource that is scoped to another WG—which shapes the way that other WGs use it. This has some large implications across all work groups including x-paradigm, contract would be the wrapper for any consent that doesn't have a patient for proposed use of MOU, this needs to have a governce process in place from the TSC. Recommend that we should defer the discussion until the TSC reviews and provides for the proper approach.

Mike would like to suggest clarification of bullets being shown, does not have problem with bullet 1, second bullet would be understandable ‘’ Formal consent documents are contracts ‘’- and would consider the consent to be useful by provider needs to be signed --- and that is a contract. if I give you this consent to sign and you sign it... that's a contract, you agree to these conditions. I do think it is a contract. You can use this as the contract in addition to consent resource

Johnathan - its specific to (sounds like) consent to disclose, that may be expressed with contract. As another note, there are other projects are using FHIR DSTU 2 that are using contract... I still object to last bullet, it might be the principle resource for the developers, but may not be the principal resource for the projects already out there, and again, I cannot confirm the endpoint---we need to hear from the implementers

Per Dave Pyke and we have that why the consent resource is as it is. the implementers around the world there are multiple beyond privacy, general privacy , treatment...

Johnathan- We should hear from people using contract/contract resource and should factor in those who chose to not use consent resource and find out why. supporter of the consent resource, but do not believe that there is a one size unilateral way to do this.

DPyke - To address Kathleen’s point - this is the first stage; the result to be passed on the FMG for reivew and TSC for review and appropriate action will be taken once review is complete

Kathleen - similar actions can occur and put forward items in a way—its problematic across the board governance across, ‘’we need process first’’ before moving forward, where WGs might in turn do the same proposal on consent., this isn’t a good process--we need the process first

DP – I don’t have a process first—I was only asked to bring these statements forward. K – If we don’t have a process to do this—we should bring this up to the TSC

  • Ken Salyards - has question is contract using the STU3 consent?
    • Kathleen - it can reference it – if you wanted to do a contract in—this is recorded as a consent in another artifact.

If we have an update in STU4, it doesn’t need a past contract reference, it can stand on its own. K You can embed the policy element in the contract and not reference the consent Ken

DPyke – current issue given is consent, based on results of motion and vote, I will bring the governance back up to the FMG

  • is it appropriate to move forward without a process in place (jumping the gun) - do we need a governance process first? (we will bring up the governance issue in a separate motion/discussion)
    • can we put that notion on here to the three bullets - in the process of developing we will approach the TSC for proper governance – then we will need to create a governance process for conflicting motions
      • friendly amendment – in the process of developing this we will need to review/create a governance process for conflicting motions; a formal process (DP unsure if this is an appropriate amendment---but do agree that it does need to be addressed)

---concur this is a separate motion.

(Original motion is shown on the screen )

  • first bullet

original motion - is still on the screen and discussion is not complete and we should defer

  • what is the impact of the motion if it passes
    • there is significant confusion in the market - unhappiness in the community ; this is a clarifying motion so that this moves forward in the current/current build and be used as a reference point and beyond
    • language as written - Johnathan cannot support it
  • Additional questions/comments before moving to a vote
    • Mike agrees with Johnathan that further discussion is needed and recommend deferring the vote; further wordsmithing is needed.
  • DP is unsure since there are no other amendments why we need to defer the vote. We need to vote on the current language—we can vote it down, we can adjust/create our own language after that; I’m just trying to move this forward---if there is further question/comment (I have not heard further discussion)
  • JP – will start the discussion with ‘’I disagree with the first bullet and the third bullet and further discussion is needed’’
    • DPyke I have not heard a discussion started
 Consent motion is tabled until next week. 
== separate motion needed for governance process concerns ==

Meeting adjourned