Community-Based Collaborative Care Working Group Meeting

Back to CBCC Main Page

Meeting Information

Attendees

Back to CBCC Main Page

Agenda

1. (05 min) Roll Call, Approve Meeting Minutes from March 08, 2016 CBCC Conference Call
2. (15 min) Ballot Reconciliation for Consent Directive
3. (10 min) - Vote on CBCC sponsor approval of PSS
   • Link to Project Scope Statement
   • Joint project team meetings (CBCC and ARB) are held weekly on Wednesdays at 4 p.m. Eastern.
   • CBCC members who are interested in this work are encouraged to attend.
4. (10 min) Review HL7 2017 ONC Interoperability Standards Advisory Cover Letter and HL7 2017 ONC Interoperability Standards Advisory draft recommendations
5. (05 min) CBCC co-sponsorship of HL7 v.2.9 v2.5 and v2.9 Consent Segment Use Cases and Elements
6. (15 min) FHIR Change Requests #8526- Discontinued medications, reason code/text
7. (01 min) Healthcare Security and Privacy Access Control Catalog - Update post ballot
8. (05 min) PASS Access Control Services Conceptual Model - (Standing agenda item) update (Diana)
9. (05 min) Joint EHR, Security, Privacy Vocabulary Alignment - (Standing agenda item) update (Diana/Mike)

**New**  
FHIR Security Topics  in support of FHIM
Meeting Information:  Tuesdays 2:00PM PT/5:00PM ET
Phone: +1 770-657-9270, Participant Code: 994563 hosted by Security
Web meeting Info:   https://global.gotomeeting.com/join/520841173  
Discussion includes: Security - Audit, Provenance, Labels, Signature

**New Day Time!!** 
FHIR Consent Profile (FHIR Privacy IG)  FRIDAY 10AM PT / 12NOON ET hosted by CBCC
GoToMeeting information: https://global.gotomeeting.com/join/520841173 
Phone: +1 770-657-9270, Participant Code: 994563 

Meeting Minutes (DRAFT)

Meeting Minutes for March 8

Unanimously approved (10 approve / 0 object / 0 abstain)

Ballot Reconciliation for Privacy Consent Directives

• Ioana requested the most recent ballot reconciliation sheet (some items have already been resolved/approved by CBCC WG)
  • ACTION ITEM: Suzanne (or Johnathan) to follow up and provide spreadsheet to Ioana
  • Ioana will attempt to provide resolutions offline and present during the CBCC meeting to expedite the resolution process

Healthcare Privacy and Security by Design IG

Not enough consensus was reached on today’s CBCC call that the PSS touches all the salient points of the discussion that was held. The discussion on today's call dealt with the following:

There are two different worlds involved here:

1. Much of what was discussed during today’s call – the idea of taking a PASS-type approach leveraging the recently balloted HL7 Security Labeling Service (SLS), or other privacy-related capabilities, and specifying whether we’d want to take this to OMG or just leave it as a conceptual model – is already covered by an open PSS owned by the Security WG: Privacy and Security Framework PSS2.docm Privacy and Security Architecture Framework revised and renamed Project 914 Scope Statement from 2015
2. This particular PSS (Healthcare Privacy and Security by Design) is proposing a set of processes by which WGs within HL7 would include, in their specifications, considerations for Privacy and/or Security by Design, much like we started under the Security Risk Assessment Cookbook and what is available in IETF, W3C, and DICOM. This falls more into the bucket of creating a process by which WGs would follow. Whichever HL7 product (i.e., specification) is produced, the WG has considered privacy and security to the best of its ability.

The end product of World #2 might be an informative guide for internal HL7 projects AS OPPOSED TO a design implementation guide. Privacy by Design is a guide for an organizational system that, when followed, ensures you have considered privacy as fundamental to the design. Privacy by Design does not at all mandate service-oriented architecture (SOA) or even have in it services built. It has processes.

THE CHALLENGE:

SAIF has different layers of specificity. Where do you want to be? At the logical level? The process specific level? The conceptual level? If you want to provide guidance to implementers to consider Privacy by Design in their applications, you’re going to have the implementation of SAIF as conceptual in nature. We need to tease out what exactly are the testable criteria; how high level are they going to be?

• We want to be at the platform-independent level where we give guidance to groups who are going to create test scripts for their product line.
  • Let’s then say in the PSS that we want to be at the platform-independent level that illustrates how Privacy by Design is incorporated in clinical information systems.
• We still need to name the specific product that’s going to be produced from the PSS.

ACTION ITEM: Rick to consult with ARB WG to answer the questions above, and streamline/clarify the PSS. He will then bring the updated PSS back to CBCC and ask for an approval vote during next week's meeting.

Review HL7 2017 ONC Interoperability Standards Advisory Cover Letter and HL7 2017 ONC Interoperability Standards Advisory draft recommendations

• Kathleen sent out the most recent close-to-final draft. It incorporated some issues that John and Ioana brought up and comments on the overarching approach.
• We don't have to vote on the recommendations. If they interest CBCC members, they are asked to contact Kathleen or Jim by the end of the week.

FHIR Change Requests #8526- Discontinued medications, reason code/text

• This CP emerged from work on the BH DAM.
• Confirmed it was a requirement not only for BH providers to specify reason why a medication has been discontinued, but also for specialists.
• The BH DAM team submitted that change request against the FHIR Medication Resource.
• Discussed issue with Pharmacy WG. They said the medication list is best means through which to specify why a medication may have been discontinued, but typically, medication orders that have been discontinued are not necessarily sent out by the organization.
• We recognized it would be useful to convey the reason why a medication was discontinued in a medication statement. Right now these statements do not have an explicit way to denote that a medication was discontinued, but there are coded concepts (reason medication was not taken). This is tricky. Can you use the "reason medication was not taken" as a substitute for "reason medication was discontinued?"
• Pharmacy WG suggested we could create the FHIR Profile on Medication Statement that would explicitly guide people who are trying to use "reason medication was not taken" as a way to convey the reason why a medication was discontinued by a provider (convey this to another provider).
• ACTION ITEM: Ioana to send feedback on resolving this issue to Pharmacy before the deadline.

Healthcare Security and Privacy Access Control Catalog - Update post ballot

• Suzanne received an email from Nancy Orvis and the other negative voters from DoD. Suzanne showed her the ballot reconciliation sheet and the updated ballot document. We are still waiting for DoD to withdraw their negative.

PASS Access Control Services Conceptual Model

• Diana is still waiting to hear from Alex Mense on whether he's been able to talk with Bernd Blobel.

Joint EHR, Security, Privacy Vocabulary Alignment update

• Meetings have been on hiatus. We should be starting again next week per Reed Gelzer's email. ISO 21089, which provides a lot of the definitions that have been discussed in the meetings, has been submitted to ISO/TC 215 in preparation for the meeting in Amsterdam in May. Diana is still waiting to hear from the TC 215 Secretary on what the process is for folks outside of TC 215 to make comments on standards. There are a few things in ISO 21089 that are of concern to CBCC in terms of provenance and to Security in terms of the FHIR AuditEvent Resource.

Meeting adjourned at 1158 Arizona Time