May 25th CBCC Conference Call
Community-Based Collaborative Care Working Group Meeting
- Tabitha Albertson
- Jim Buckner
- Steven Connolly
- Mike Davis Security Co-chair
- Suzanne Gonzales-Webb CBCC Co-chair
- Rob Horn
- Michelle Johnston
- Don Jorgenson
- John Moehrke Security Co-chair
- Milan Petkovic
- Pat Pyette
- Ioana Singureanu
- Richard Thoreson CBCC Co-chair
- Serafina Versaggi scribe
- Tony Weida
- Craig Winter
- (05 min) Roll Call, Approve minutes May 11th CBCC WG meeting, Call for additional agenda items & Accept Agenda
- (55 min) CDA R2 Implementation Guide for Consent Directives ballot reconciliation - negative comments entered by those on the call will be the first to be addressed
1. Action Items
- Serafina: Send invitation announcing CDA R2 ballot reconciliation on 1 June to Keith Boone who requested “In Person” ballot reconciliation
- Also email to Doug Pratt informing of proposed resolutions to negative comments with invitation to attend June 1st meeting if he would like to discuss
2. Resolutions - none
CDA R2 Implementation Guide for Consent Directives - Ballot Reconciliation
Today’s meeting focused on ballot reconciliation. Comments flagged “In Person” resolution were addressed first.
Additional items were added to the consolidated spreadsheet since this version was reviewed on May 25. As the result, item numbers in parenthesis reflect the item number in the current spreadsheet which will be reviewed on June 1
- Keith Boone submitted comments and requested “In Person” resolution but was not present on the call.
- Action Item: Serafina to send invitation to Keith inviting him to attend the CBCC June 1st WG meeting to address his comments.
- Definition for Client as “someone who is eligible for health care” was noted to be too narrow by two reviewers.
- Definition for Client will be expanded to incorporate anyone who may be, may have been or may become a consumer of health care services.
- Item #56 (15): The CDA R2 for Consent Directives is intended to support representation for Consent Directives in multiple ways:
- The Guide will be updated to clarify that the CDA is intended to provide a standard that has multiple options for expressing privacy preferences and for exchanging privacy policies that can be enforced by consuming systems
- to submit a scanned document in the structured body of the document
- to submit structured content
- to submit specific access control mark up language or digital rights management expressions
- Item #62 (21): Figure 3 diagram shows the Consent Directive view of the Composite Privacy DAM. The wrong classes were picked up when trying to show where the header information is represented in the diagram. The diagram will be updated to remove the rectangles and fix the error.
- Item #66 (25): The usage note for Custodian participation in the header could be confusing to implementers.
- The Custodian in this CDA IG is the Custodian of the CDA document (Consent Directive), not the Custodian of the information being protected.
- The usage comment indicates that sometimes the custodian of the Consent Directive may be the same as the Custodian of the IIHI referred to by the Consent Directive, but this is not useful information to the implementers
- The correction is to use the default CDA definition for Custodian.
- Item #67 (26): The statement referred to in this comment was not meant to overload the meaning for Information Recipient. Information Recipient refers to the recipient of the Consent Directive document, not all of the information referred to in the Consent Directive.
- The usage note provides this clarification.
- Items #69-71 (28-30) submitted by John Moerhke require addition information. These items refer to specific items within the BPPC and John wants to make sure that the CDA Consent Directive is consistent with BPPC. John will provide the additional information and these items will be discussed during the next CBCC WG meeting.
- Item #72 (31): The CDA IG will be updated to reflect the recommendation that the XML digital signatures wrapper wraps the CDA document according to local policy
- Item #5: The use of the term Action versus Operation was used inconsistently throughout the document. There was discussion as to which term is most clear to implementers of the CDA Implementation Guide as well as those who thinking about Policy (including patients).
- The RBAC standard uses the term Operation, yet the Privacy bias is to use the term Action.
- Action is a business term while Operation is more of an engineering viewpoint. An action is derived based on the physical type of operation(s) allowed on certain information items.
- The group decided to use the term Action because it is the more Privacy-Policy friendly term.
- A definition for Action will be included in the Implementation Guide so it is unambiguous that Action refers to a certain type of operation on a protected object and that it is clear how the term Action used in the CDA IG correlates to the term Operation used in the Information Model specification.
Motion to adjourn meeting by Serafina; seconded by Richard. Ballot reconciliation will resume on June 1 during the next CBCC Work Group Meeting.
Meeting was adjourned at 3:00 PM EDT
No significant motions or decisions were made