May 2017 CBCC Working Group Meeting - Madrid, Spain
Contents
DRAFT 2017 May Working Group Meeting - Madrid, Spain - CBCC WORKING GROUP
Community Based Collaborative Care (CBCC) WORKING GROUP SESSIONS
Agenda and Meeting Minutes
Day | Date | Qtr | Time | AGENDA ITEMS | Session Leader | Room |
SUN | MAY 07 | Q1 | 9:00-10:30 | No Meeting | . | |
Q2 | 11:00-12:30 | No Meeting | . | |||
Q3 | 1:45 -3:00 | No Meeting | . | |||
Q4 | 3:30 -5:00 | No Meeting | . | |||
MON | MAY 08 | Q1 | 9:00-10:30 | No Meeting | . | |
Q2 | 11:00-12:30 | No Meeting | . | |||
Q3/ Q4 | 1:45 -3:00 / 3:30-5:00 | @CBCC Joint CBCC-Security
New Joint Project review, (if any)
|
CBCC | Room TBD | ||
TUE | MAY 09 | Q1 | 9:00-10:30 | No Meeting | . | . |
Q2 | 11:00-12:30 |
|
CBCC | Room TBD | ||
Q3 | 1:45-3:00 | @CBCC Joint w/Security, Mobile Health
|
CBCC | Room TBD | ||
Q4 | 3:30 - 5:00 | @CBCC Joint w/FHIR Infrastructure
|
. | Room TBD | ||
Q5 | 5:15-6:15 | Birds of a Feather: | . | Room TBD | ||
Q5 | 5:15-6:15 | Birds of a Feather: | . | Room TBD | ||
WED | MAY 10 | Q1 | 9:00-10:30 split-meeting | @EHR Joint w/Security, CBCC, SOA, FHIR
See EHR Agenda for topics Electronic Health Records Hosting |
EHR Hosting | Room TBD |
Q2 | 11:00-12:30 | @CBCC Joint w/FHIR Infrastructure
|
CBCC | Room TBD | ||
Q3 | 1:45 -3:00 |
|
CBCC | Room TBD | ||
Q4 | 3:30 -5:00 |
|
CBCC | Room TBD | ||
THU | MAY 11 | Q1 | 9:00-10:30 | @Security Joint CBCC-Security | ||
Q2 | 11:00-12:30 | No Meeting | . | |||
Q3 | 1:45 - 3:00 | No Meeting | . | |||
Q4 | 3:30 - 5:00 | No Meeting | . | |||
FRI | MAY 12 | Q1 | 9:00-10:30 | No Meeting | . | |
Q2 | 11:00-12:30 | No Meeting | . | |||
Q3 | 1:45 -3:00 | No Meeting | . | |||
Q4 | 3:30 -5:00 | No Meeting | . |
Q1=9:00 – 10:30 am; Q2=11:00 – 12:30 pm; Q3=1:45 – 3:00 pm; Q4=3:30 – 5:00 pm
Meeting Minutes Draft
2017 – CBCC Working Group Meeting, Madrid Spain
CBCC Monday Q3
Attendees:
- David Pyke (david.pyke@readycomputing.com)
- Danielle Friend (dfriend@epic.com)
- Ardon Toonstra (a.Toonstra@furore.com
- Trish Williams (patricia.williams@flinders.edu.au)
- John Moehrke (johnmoehrke@gmail.com)
- Alexander Mense (mense@technikum-wien.at)
- Bernd Blobel (bernd.blobel@klinik.uni-regensburg.de)
Agenda: CBCC & Security Report Out International Report Out
CBCC Report Out
SPIA Continues to be stalled until Mike Davis or appointee can take over as editor
John Moehrke willing to be responsible for SPIA. Talk to Mike Davis to have it turned over or at least the most recent version submitted to the committee.
FHIR Consent
- Consent to share as stable as possible
- Advance Directive showing promise with several directives able to be covered without significant change
- Research stalled without input from BRR. DP to visit BRR to gain attendees
- Treatment in initial stages
- Workflow to be covered this week with FHIR-I including potential for a ConsentRequest resource for gaining consent where none currently exists
Security Report out
- Reconciliation of trust framework specification – taking place later – dynamically creating trust frameworks (possibly via policy)
- Only defined trust elements and framework
- Selection of policies
FHIR Security
- Audit, Provenance, security labels Need test scenarios
- Some open issues
- Interest from use case regarding SUBSET regarding update
- Two mechanisms – security tags and Summary
- How will server know if the push is the result of a subset, that missing are not to be removed – potential for profile/dynamic profile to manage
- How to request SUBSET (e.g., w/o gender or race)
- If message with SUBSET, how would be dealt with
- Redacted state for FHIR returned data
- Purpose of use is potential use case
- A profile that creates a subset is only one form of de-id, and that starts a bigger problem that may break profiles
- FHIR Data model is limiting and causing profiles to break the model
- ICT ontology should be examined as an issue (Bernd)
- SMART on FHIR and Oauth are moving into HL7.
- FHIR-I is hosting, but Security is asking for comment
- Smart should not be seen as the one way.
- Some constraints are in there but the meet only a subset of FHIR use-cases
- Digital signature vocabulary only has ASTM as a source
- Use ASTM to add to vocab despite ASTM no longer meeting or use HL7 vocabulary
- DSG [IHE] is final text
International report out
Some work concluded regarding specifications
- ISO25237 Health info Add to dictionary
- Approved IS which has been published.
- Accepted for use by EU parliament
- Guidance on health information education
- ISO 21298 HI Functional and structural Roles
- Organizational relationships
- Functional relationships
- Global overview how assignments are in various countries
- Includes international coding
- PKI 17090 Part 5 using PKI creds – Launched by Japan
- Completing the framework
- Tooling underway
- TC215 WG4 extended scope to new technology
- Cloud – usage, risk assessment, frameworks
- TS11633 Remote for medical devices (Japan)
- Not ready for publication
- Framework stated 2008, Published by TR.
- Audit trail 27789 changed relationship with DICOM and HL7
- DICOM passed audit trail proposal with part 16 with vocabulary fixes
- Part 15 added patient record or codes same implementation model
- Supplement 95 incorporated
- System review attempted start to discuss ADA
CBCC Monday Q4 Presentation by Bernd Blobel on Ontology based standards and effect on current Trust Framework work by Security (to be attached, Kathleen video/audio recorded)
Attendees:
- David Pyke, Co-chair
- Ed Hammond
- Hideyuki Miyohara
- David Booth
- Richard Esmark
- Trish Williams
- Alexander Mense
- Mark Shafarman
- Pat Van Dyke
- Steve Hofnagel
- Gora Datta
- Bernd Blobel
- Kathleen Connor
- Stan Huff
- Susan Matney
- Galen Mulrooney
- David Booth
- Claude Nanjo
- Lori Reed-Forquet
- Nancy Orvis
- Muhammad Asim
Coverage of the Trust Framework was minimal due to large numbers of questions on the base concept of Ontological-based system design. Examples and more detail to be added to the presentation deck
Tuesday Q2
No Quorum
Tuesday Q3
Attendees:
- David Pyke, Co-chair
- Hideyuki Miyohara
- William Jones
- Alexander Mense
- Reinherd Egelkraut
- Karl Wolzer(?)
- Matthew Graham
- John Moehrke
- Frank Ploeg
- Gora Datta
- Mobile Health – cMHAFF update (Presentation deck to be attached)
- 200,00 Consumer Heath Apps, 90% in question, 12% potentially deadly
- MH looking for assistance on what to add for privacy/security
- Consensus on who cMHAFF was for is missing. Large amounts are US only. It was moved back to the reliability and safety of exchanged data.
- Mheath subset of the EU eHealth requested that MH stops work and moved to mHealth. All publication stopped.
- Guidelines were considered suggestions for app developers entering the space. Consumer decides if they want to use the app.
- Moving to a conceptual framework. Has an aspirational aspect for app development
- Would like guidance for concepts and terms for risk assessment for privacy and security. What are the layers for best/moderate/minimal adherence
- Certification standards exist, created with Privacy by Design, risk based security
- App devs, users may not care when recommending
- Trust frameworks may be needed and calculated. Adds social and environment aspects
Tuesday Q4
CBCC FHIR Consent Issues
- FHIR Consent Issures
- Creation possibilities for ConsentRequest resource and mapping to handle use care for gaining treatment or other consent where not existing, across organisations
Wednesday Q2
Attendees
- David Pyke, Co-chair
- David Hay
- Ardon Toonstra
- Alexander Henket
- FHIR Consent Comment Resolution
- Reviewed comments: 12666, 13313, 13358, 13360, 13361
- Discussed potential for source to link to physical location, awaiting use case to see if actually needed. Potential to have location added to document reference or attachment type
Wednesday Q3
No quorum
Wednesday Q4
Attendees
- David Pyke, Co-chair
- John Moehrke
- Marten Smits
- Ashley Duncan
FHIR Consent review Reviewed comments:
- 12666 (Add Consent V2 mappings)
- Test mappings added. Further review at the Weekly meetings
13313 (Add note / comment to Consent)*
- Awaiting use case
- 13358 (Make Policy and PolicyRule a codeableconcept instead of URI)
- Implementers confused by the two example links, recommended to change
- Further review at Weekly meeting
13360 (Remove invariant “Either a Policy or PolicyRule”)
- Unlikely due to requirement for consent. Further review required.
13361 (Add option to allow for specifying whether a consent was verified by the patient or his/her family))
- Useful for all treatment and advanced directives
- Voted to accept 13361 4-0-0