November 13, 2012 CBCC Conference Call
Contents
Community-Based Collaborative Care Working Group Meeting
Meeting Information
Attendees
- Daniel Crough
- Mike Davis Security co-chair
- Adrianne James
- Ken Salyards
- Ioana Singureanu
- Richard Thoreson CBCC Co-chair
- Serafina Versaggi
- Kate Wetherby
Agenda
- (05 min) Roll Cal, Approve Minutes & Accept Agenda
- (35 min) Security Work Group
- Proposed changes to CDAr2 Implementation Guide for Consent Directives based on lessons-learned from ONC S&I Framework DS4P Initiative (Data Segmentation for Privacy) and new Health Care Classification Scheme project related to Security Labeling
- Ensure that specific information (e.g., a specific substance abuse encounter to diagnosis and treat HIV related to substance abuse) can be specified as a “redacted” or “masked” segment of health information
- Enable metadata tagging of general and specific PHI “sequestered” by a CDA Consent Directive with security label fields (using HL7 SecurityObservationVocabulary to indicate confidentiality, sensitivity, handling caveats, and integrity) so that custodians and receivers can enforce access control based on the security label
- Proposed changes to CDAr2 Implementation Guide for Consent Directives based on lessons-learned from ONC S&I Framework DS4P Initiative (Data Segmentation for Privacy) and new Health Care Classification Scheme project related to Security Labeling
- (05 min) DSTU CDA IG - Update
- (15 min) Behavioral Health Summary project - next steps
Meeting Minutes
RE:Security Work Group - Proposed changes to CDAr2 Implementation Guide for Consent Directives based on lessons-learned from ONC S&I Framework DS4P Initiative (Data Segmentation for Privacy) and new Health Care Classification Scheme project related to Security Labeling.
Ensure that specific information (e.g., a specific substance abuse encounter to diagnosis and treat HIV related to substance abuse) can be specified as a “redacted” or “masked” segment of health information.
Discussion:
There are other things that we may want to do other than redacting and masking -
Questions:
- 1.Is Kathleen concerned about this because it is not in the requirements for the pilot for the DSTU? We need to find out what she is referring to here.
Enable metadata tagging of general and specific PHI “sequestered” by a CDA Consent Directive with security label fields (using HL7 SecurityObservationVocabulary to indicate confidentiality, sensitivity, handling caveats, and integrity) so that custodians and receivers can enforce access control based on the security label. Discussion and Update: For the notion that we have an update to the CDA consent directive. We want to talk about the ballot or the template for the CDA consent directive that would allow us to use the methodology to apply the labels. Our implementation guide is based on the composite and security privacy DAM.
Questions:
- 1. Are you proposing that we need to update the implementation guide, and the DAM As well? Mike responded: Yes, the security people know that we need to update the DAM. Are these updates to the DAM required by the implementation guide?
- 2. You want to create a new template for the consent directive that takes into account the HSC and the vocabulary? Is this correct? The template would tell us how to implement this. We would write a draft and would need some help doing it. We would implement it during the HIMSS demonstration in March and ballot it in May.
- 3. Serafina – Are we talking about the CDA implementation guide for a consent directive that involves a structured representation of the construct consent? Mike responded:It is a template for the CDA R2. Mike would like to have Kathleen on the call before discussing this any further. Mike stated that we would like this work to be done in CBCC as we do not have resources to this work. This dealing with the CDA consent directive belongs in the CBCC. It is a new template for the CDA that will allow us to do the tagging.
Wrap up - We will invite Kathleen to the Security meeting to hold a discussion around how to approach the proposed changes to the CDA Consent Directive. Serafina reminded everyone that the CBCC members agreed to attend the weekly security call to discuss these topics.
Action Items
- 1.All: Please join the Security Work Group calls - Tuesday 5 PM Eastern
- 2.Track down Kathleen and asked her to present the proposed changes to the CDAr2 Implementation Guide for Consent Directives during the Security Work Group call at 5 PM Eastern today.
