This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "November 13, 2012 CBCC Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
(11 intermediate revisions by the same user not shown)
Line 31: Line 31:
  
 
==Meeting Minutes==
 
==Meeting Minutes==
'''RE:Security Work Group''' - Proposed changes to CDAr2 Implementation Guide for Consent Directives based on lessons-learned from ONC S&I Framework DS4P Initiative (Data Segmentation for Privacy) and new Health Care Classification Scheme project related to Security Labeling.
+
*'''RE:Security Work Group''' - Proposed changes to CDAr2 Implementation Guide for Consent Directives based on lessons-learned from ONC S&I Framework DS4P Initiative (Data Segmentation for Privacy) and new Health Care Classification Scheme project related to Security Labeling.
  
 
*Ensure that specific information (e.g., a specific substance abuse encounter to diagnosis and treat HIV related to substance abuse) can be specified as a “redacted” or “masked” segment of health information.  
 
*Ensure that specific information (e.g., a specific substance abuse encounter to diagnosis and treat HIV related to substance abuse) can be specified as a “redacted” or “masked” segment of health information.  
  
Discussion:  
+
'''Discussion:''' - Is Kathleen concerned about this because it is not in the requirements for the pilot for the DSTU? We need to find out what she is referring to here. Kathleen will be contacted today and asked to join the security call, so that she can provided additional information. 
There are other things that we may want to do other than redacting and masking -  
 
 
 
Questions:
 
#1.Is Kathleen concerned about this because it is not in the requirements for the pilot for the DSTU? We need to find out what she is referring to here.  
 
  
 
*Enable metadata tagging of general and specific PHI “sequestered” by a CDA Consent Directive with security label fields (using HL7 SecurityObservationVocabulary to indicate confidentiality, sensitivity, handling caveats, and integrity) so that custodians and receivers can enforce access control based on the security label.  
 
*Enable metadata tagging of general and specific PHI “sequestered” by a CDA Consent Directive with security label fields (using HL7 SecurityObservationVocabulary to indicate confidentiality, sensitivity, handling caveats, and integrity) so that custodians and receivers can enforce access control based on the security label.  
  
Discussion:  
+
'''Discussion:'''
 
For the notion that we have an update to the CDA consent directive. We want to talk about the ballot or the template for the CDA consent directive that would allow us to use the methodology to apply the labels. Our implementation guide is based on the composite and security privacy DAM.  
 
For the notion that we have an update to the CDA consent directive. We want to talk about the ballot or the template for the CDA consent directive that would allow us to use the methodology to apply the labels. Our implementation guide is based on the composite and security privacy DAM.  
  
Questions:  
+
'''Questions:'''
#1. Are you proposing that we need to update the implementation guide, and the DAM As well? Mike responded: Yes, the security people know that we need to update the DAM. Are these updates to the DAM required by the implementation guide?  
+
#Are you proposing that we need to update the implementation guide, and the DAM As well? Mike responded: Yes, the security people know that we need to update the DAM. Are these updates to the DAM required by the implementation guide?  
#2. You want to create a new template for the consent directive that takes into account the HSC and the vocabulary? Is this correct? The template would tell us how to implement this. We would write a draft and would need some help doing it. We would implement it during the HIMSS demonstration in March and ballot it in May.  
+
#You want to create a new template for the consent directive that takes into account the HSC and the vocabulary? Is this correct? The template would tell us how to implement this. We would write a draft and would need some help doing it. We would implement it during the HIMSS demonstration in March and ballot it in May.  
#3. Serafina – Are we talking about the CDA implementation guide for a consent directive that involves a structured representation of the construct consent? Mike responded:It is a template for the CDA R2. Mike would like to have Kathleen on the call before discussing this any further. Mike stated that we would like this work to be done in CBCC as we do not have resources to this work. This dealing with the CDA consent directive belongs in the CBCC. It is a new template for the CDA that will allow us to do the tagging.
+
#Serafina – Are we talking about the CDA implementation guide for a consent directive that involves a structured representation of the construct consent? Mike responded:It is a template for the CDA R2. Mike would like to have Kathleen on the call before discussing this any further. Mike stated that we would like this work to be done in CBCC as we do not have resources to this work. This dealing with the CDA consent directive belongs in the CBCC. It is a new template for the CDA that will allow us to do the tagging.
  
 
Wrap up - We will invite Kathleen to the Security meeting to hold a discussion around how to approach the proposed changes to the CDA Consent Directive. Serafina reminded everyone that the CBCC members agreed to attend the weekly security call to discuss these topics.  
 
Wrap up - We will invite Kathleen to the Security meeting to hold a discussion around how to approach the proposed changes to the CDA Consent Directive. Serafina reminded everyone that the CBCC members agreed to attend the weekly security call to discuss these topics.  
  
 +
*'''RE:DTSU CDA IG''' - Mike presented the short version of the HCS schema that will go to ballot in January. One of the changes the made is to what extent they want to put vocabulary into the document. Mike is not sure how much of the vocabulary information they want to make normative. The question was asked concerning where they will put the provenance of the data? Mike stated that the Provenance is considered to be part of the integrity of the data and will be entered on Table 1 of the document that he presented during the call today. The information in Table 1 on page 5 of the document is what is normative and everything that follows is the descriptive information. Mike says that essentially there are four things that will come out of this process:
 +
*Health Care Classification systems for security labels 
 +
*Vocabulary for those security labels
 +
*The Template
 +
*Implementation guide – This guide could happen post May. We do not have to have it completed in time for the May ballot. 
 +
 +
*'''RE:Behavioral Health Summary project - next steps''' - This topic was not discussed as the group ran out of time. The topic will be added to the agenda for the next CBCC call on November 20.
  
 
[[Community-Based_Collaborative_Care|Back to CBCC Main Page]]
 
[[Community-Based_Collaborative_Care|Back to CBCC Main Page]]
Line 58: Line 61:
 
==Action Items==
 
==Action Items==
  
#1.All: Please join the Security Work Group calls - Tuesday 5 PM Eastern
+
#All: Please join the Security Work Group calls - Tuesday 5 PM Eastern
#2.Track down Kathleen and asked her to present the proposed changes to the CDAr2 Implementation Guide for Consent Directives during the Security Work Group call at 5 PM Eastern today.  
+
#Track down Kathleen and asked her to present the proposed changes to the CDAr2 Implementation Guide for Consent Directives during the Security Work Group call at 5 PM Eastern today.  
  
 
[[Community-Based_Collaborative_Care|Back to CBCC Main Page]]
 
[[Community-Based_Collaborative_Care|Back to CBCC Main Page]]

Latest revision as of 20:39, 13 November 2012

Community-Based Collaborative Care Working Group Meeting

Back to CBCC Main Page

Meeting Information

Attendees


Back to CBCC Main Page

Agenda

  1. (05 min) Roll Cal, Approve Minutes & Accept Agenda
  2. (35 min) Security Work Group
    • Proposed changes to CDAr2 Implementation Guide for Consent Directives based on lessons-learned from ONC S&I Framework DS4P Initiative (Data Segmentation for Privacy) and new Health Care Classification Scheme project related to Security Labeling
      • Ensure that specific information (e.g., a specific substance abuse encounter to diagnosis and treat HIV related to substance abuse) can be specified as a “redacted” or “masked” segment of health information
      • Enable metadata tagging of general and specific PHI “sequestered” by a CDA Consent Directive with security label fields (using HL7 SecurityObservationVocabulary to indicate confidentiality, sensitivity, handling caveats, and integrity) so that custodians and receivers can enforce access control based on the security label
  3. (05 min) DSTU CDA IG - Update
  4. (15 min) Behavioral Health Summary project - next steps

Meeting Minutes

  • RE:Security Work Group - Proposed changes to CDAr2 Implementation Guide for Consent Directives based on lessons-learned from ONC S&I Framework DS4P Initiative (Data Segmentation for Privacy) and new Health Care Classification Scheme project related to Security Labeling.
  • Ensure that specific information (e.g., a specific substance abuse encounter to diagnosis and treat HIV related to substance abuse) can be specified as a “redacted” or “masked” segment of health information.

Discussion: - Is Kathleen concerned about this because it is not in the requirements for the pilot for the DSTU? We need to find out what she is referring to here. Kathleen will be contacted today and asked to join the security call, so that she can provided additional information.

  • Enable metadata tagging of general and specific PHI “sequestered” by a CDA Consent Directive with security label fields (using HL7 SecurityObservationVocabulary to indicate confidentiality, sensitivity, handling caveats, and integrity) so that custodians and receivers can enforce access control based on the security label.

Discussion: For the notion that we have an update to the CDA consent directive. We want to talk about the ballot or the template for the CDA consent directive that would allow us to use the methodology to apply the labels. Our implementation guide is based on the composite and security privacy DAM.

Questions:

  1. Are you proposing that we need to update the implementation guide, and the DAM As well? Mike responded: Yes, the security people know that we need to update the DAM. Are these updates to the DAM required by the implementation guide?
  2. You want to create a new template for the consent directive that takes into account the HSC and the vocabulary? Is this correct? The template would tell us how to implement this. We would write a draft and would need some help doing it. We would implement it during the HIMSS demonstration in March and ballot it in May.
  3. Serafina – Are we talking about the CDA implementation guide for a consent directive that involves a structured representation of the construct consent? Mike responded:It is a template for the CDA R2. Mike would like to have Kathleen on the call before discussing this any further. Mike stated that we would like this work to be done in CBCC as we do not have resources to this work. This dealing with the CDA consent directive belongs in the CBCC. It is a new template for the CDA that will allow us to do the tagging.

Wrap up - We will invite Kathleen to the Security meeting to hold a discussion around how to approach the proposed changes to the CDA Consent Directive. Serafina reminded everyone that the CBCC members agreed to attend the weekly security call to discuss these topics.

  • RE:DTSU CDA IG - Mike presented the short version of the HCS schema that will go to ballot in January. One of the changes the made is to what extent they want to put vocabulary into the document. Mike is not sure how much of the vocabulary information they want to make normative. The question was asked concerning where they will put the provenance of the data? Mike stated that the Provenance is considered to be part of the integrity of the data and will be entered on Table 1 of the document that he presented during the call today. The information in Table 1 on page 5 of the document is what is normative and everything that follows is the descriptive information. Mike says that essentially there are four things that will come out of this process:
  • Health Care Classification systems for security labels
  • Vocabulary for those security labels
  • The Template
  • Implementation guide – This guide could happen post May. We do not have to have it completed in time for the May ballot.
  • RE:Behavioral Health Summary project - next steps - This topic was not discussed as the group ran out of time. The topic will be added to the agenda for the next CBCC call on November 20.

Back to CBCC Main Page

Action Items

  1. All: Please join the Security Work Group calls - Tuesday 5 PM Eastern
  2. Track down Kathleen and asked her to present the proposed changes to the CDAr2 Implementation Guide for Consent Directives during the Security Work Group call at 5 PM Eastern today.

Back to CBCC Main Page