This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "201801 Direct Track"

From HL7Wiki
Jump to navigation Jump to search
Line 25: Line 25:
 
*Don Jorgenson -  Inpriva
 
*Don Jorgenson -  Inpriva
 
*Jim Fisher — MedAllies
 
*Jim Fisher — MedAllies
*Michael Mall
+
*Michael Mall — iShare
  
 
==Scenarios==
 
==Scenarios==

Revision as of 18:41, 4 December 2017

Return to Jan 2018 Proposals

Direct

FHIR is a new standard that defines a web API and related specifications for health data exchange. Direct is an existing federal standard that is widely used in the USA for the exchange of healthcare data. Within the Direct community, Direct Trust provides scalable security and a trust framework through legal contracts, formal policies, accreditation, and a PKI-based trust authority. Because there is such expenditure involved in planning, setting up and maintaining trusted distribution networks, there is strong incentive to leverage existing networks as much as possible. Therefore, this track will explore two possible models of leveraging DirectTrust’s trust framework.

They are:

  • Sending FHIR resources within a Direct Message as an attachment
  • Utilizing DirectTrust certificates with the FHIR RESTful API to enable trust relationships to scale

Pre-Requisites

For all levels of testing the required pre-requisite is the fundamental requirement that all FHIR servers SHALL support the capabilities interaction.

In addition for track 1, participants will need a Direct implementation that can send / receive direct messages with attachments.

Track Administration

  • Coordinator: Luis Maas, EMR Direct - lcmaas at emrdirect dot com
  • Coordinator: Calvin Beebe, Mayo Clinic - cbeebe@mayo.edu
  • Management & Communications: Dr. David Kibbe - DirectTrust President and CEO - david.kibbe@directtrust.org

Expected participants

  • Luis Maas – EMR Direct
  • Bruce Schreiber – MaxMD
  • Don Jorgenson - Inpriva
  • Jim Fisher — MedAllies
  • Michael Mall — iShare

Scenarios

The following scenarios will be exercised within the track:

  1. Sending FHIR resources within a Direct Message as an attachment
    1. Suggested workflow #1: standardized message structure to trigger a FHIR query at receiving end and return result
    2. Suggested workflow #2: encapsulated FHIR queries using Context IG
    3. Suggested workflow #3: FHIR bundles as content to be loaded by receiving FHIR server (as per FHIR Connectathon 16)
    4. Tasks will be documented after approval of use case
  2. Utilizing Direct Trust certificates with the FHIR RESTful API to enable trust relationships to scale
    1. Tasks will be documented after approval of use case

Use Cases for Scenario 1

  1. By law every patient has a right to receive their medical record. To support this, Stage 3 of the CMS Meaningful Use program is further expanding how a patient can gain electronic access to their health information. In addition to view/download/transmit through patient portals, the measure can be fulfilled by patients retrieving their record within 24 hours of its availability via ONC-certified API in a third party application.
    1. MaxMD developed the DirectOnFHIR™ solution demonstrated below for a patient to query their medical record simply by sending a Direct Message to a Direct Address associated with a FHIR interface. Therefore any hospital or provider organization utilizing a FHIR enabled EHR can meet the MU3 requirement by implementing the DirectOnFHIR™ solution and providing Direct Addresses to their patients. Consolidation of login credentials from multiple patient portals to a singular Direct Address with a familiar mail interface could help overcome adoption challenges.
    2. TODO: whose responsibility is it to authorize the query? how are the identity assertions carried in the message validated and secured?
    3. Applications for this patient and consumer Direct Messaging extend use cases beyond the new Stage 3 measure. Patient Direct Addresses also open up a secure and scalable channel for chronic disease management, medication reminders, and most importantly it empowers patients to manage their health electronically.
  2. A simple use case that includes pouring clinician information into a workflow using FHIR as a resource. Specifically, state – FHIR Resources (give the names), problem list, medication list, allergies – and transport these as attachments. Grahame has already demonstrated this use case in his Wiki.

Use Cases for Scenario 2

  1. DirectTrust’s Security Trust Framework and Certificates are used in the first step of identity verifications to the FHIR authorization servers (sign the JSON Web Token).
  2. Dynamic registration backed by trusted certificate ecosystem
  3. Mutual TLS client-server authentication

Help Links

Here are some links to assist implementers:

TestScript(s)

TBD

Results

FHIR Connectathon 17 will be held on January 27-28, 2018 in New Orleans. A link to download the report will be available after the conclusion of the Connectathon

References

Direct, DirectTrust, and FHIR: A Value Proposition