This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

HL7 Data Provenance Project Space

From HL7Wiki
Revision as of 04:03, 4 January 2015 by Kathleenconnor (talk | contribs)
Jump to navigation Jump to search

Back to: Back to CBCC Main Page - Project Section


Meeting Info

  • Call start date: Jul 7, 2014 to Dec 29, 2014 3:00 PM - 4:00 PM EST
  • To join the calls, please register at:https://www3.gotomeeting.com/register/868770014
  • Once registered you will receive an email confirming your registration with information you need to join the Webinar. VOIP & Local Access Numbers provided.
  • NOTE - we will not be using the HL7 call line that is provided by default for this call.

Introduction

This page provides a focal point for the HL7 Data Provenance CDA Project: a hub for connecting to its artifacts, discussions, status and links to related projects and work groups. Most of the technical content for this project will be contained within its artifacts which will be linked via this page and stored on GForge.

Overview and Status

The US Office of the National Coordinator (ONC) in HHS, Office of the Chief Privacy Officer, has initiated the data provenance project within the ONC Standards and Interoperability Framework (S&I) to develop standards and guidance required to establish the means by which health information technology can be used to support clinical, organizational, and jurisdictional requirements to capture, manage, and convey provenance about health information. A key driver for this initiative that ONC references is the recommendation made in the President’s Council of Advisors on Science and Technology (PCAST)report “Realizing the Full Potential of Health Information Technology to Improve Healthcare for Americans: The Path Forward”, December 2010 that US healthcare more fully leveraging the value of provenance to optimize patient safety, privacy, and trust in nationwide health information exchange.

We recognize that there are existing literature and projects, which lend themselves to alignment and harmonization. This project will create a reusable building block that may serve as a core component for these projects going forward. The HL7 Data Provenance project has begun development of an implementation guide that constrains the CDA in support of the ONC Data Provenance Initiative use cases, which may be used in conjunction with other the HL7 CDA Implementation Guides. The project will consider and support future development of additional FHIR artifacts and HL7 codes and value sets as needed. Much of the technical development work, including use case artifacts, requirements documentation, vocabulary harmonization and new value sets, and CDA modeling, will be conducted under the auspices of the ONC Data Provenance Initiative within the Standards and Interoperability Framework [S&I]. Artifacts, project calendar, call logistics, and other resources are available on the S&I project page.

HL7 Data Provenance CDA IG Draft

The most current Draft Data Provenance CDA IG is available for review prior to the September 2014 ballot publication deadline:

HL7 Data Provenance Project Scope Statement

HL7 Data Provenance Project September 2014 Ballot Material

HL7 DPROV Resources: Presentations, Tutorials, & Data Provenance Papers and Articles

Pre-Publication Version

The Data Provenance ballot artifacts will be available for review prior to the September 2014 ballot publication deadline:

DPROV CDA IG September 2014 Ballot Spreadsheet

S&I Data Provenance All-Hands and Tiger Team calls

Use Cases

Related HL7 Projects and Work Groups

W3C PROV Project

Provenance refers to the sources of information, such as entities and processes, involved in producing or delivering an artifact. The provenance of information is crucial in deciding whether information is to be trusted, how it should be integrated with other diverse information sources, and how to give credit to its originators when reusing it. In an open and inclusive environment such as the Web, users find information that is often contradictory or questionable. People make trust judgments based on provenance that may or may not be explicitly offered to them. Reasoners in the Semantic Web would benefit from explicit representations of provenance to make informed trust judgments about the information they use. With the arrival of massive amounts of Semantic Web data (eg, Linked Open Data) information about the origin of that data, i.e., provenance, becomes an important factor in developing new Semantic Web applications. Therefore, a crucial enabler of the Semantic Web deployment is the ability to the explicitly express provenance that is accessible and understandable to machines and humans.

•Who played what role in creating the data. •Who owned the data. •Who contributed to the data. •How data was modified from its first revision. •How other data affected the current data. •What tools where used to generate each version of the data •etc. W3C Provenance Definition: "Provenance of a resource is a record that describes entities and processes involved in producing and delivering or otherwise influencing that resource. Provenance provides a critical foundation for assessing authenticity, enabling trust, and allowing reproducibility. Provenance assertions are a form of contextual metadata and can themselves become important records with their own provenance."

DPROV Relationship of Provenance and Privacy

  • Helen Nissenbaum PRIVACY AS CONTEXTUAL INTEGRITY Paper is foundational for relationship between Provenance and Privacy by specifying a Privacy Framework that ties societal norms for appropriateness and disclosure of information to the context in which it was generated, and the normative expectation of actors that the context integrity of the domain and purpose of the information generated will dictate its further collection, access, use and disclosure: "The central thesis of this Article is that the benchmark of privacy is contextual integrity; that in any given situation, a complaint that privacy has been violated is sound in the event that one or the other types of the informational norms has been transgressed." "Norms of appropriateness dictate what information about persons is appropriate, or fitting, to reveal in a particular context. Generally, these norms circumscribe the type or nature of information about various individuals that, within a given context, is allowable, expected, or even demanded to be revealed." Norms of flow or distribution are the expectations of actors in a context about societal expectations about the appropriate flow/distribution/re-disclosure where doing otherwise is a violation of privacy. This paper underscores the importance of provenance in determining whether context integrity of collection, access, use, and disclosure maintain contextual integrity - the benchmark for privacy.
  • W3C Requirements

Dissemination Exemplar Use Cases: privacy, engineering

  • M-Diss-UR 1: Verify that data, disseminated to some entity for processing, was processed for a purpose which was valid under some generally applied rules of validity, or as stated by the entity upon requesting the data. (privacy)
  • M-Diss-TR 1.1: Represent purposes of using data in a way which can be compared against the provenance of its usage.
  • M-Diss-TR 1.2: Represent the provenance of disseminated data in a way which allows its usage to be checked against pre-stated purposes.
  • M-Diss-TR 1.3: Provide mechanisms to examine data's provenance to check for correct usage according to pre-stated purpose.
  • M-Diss-TR 1.4: Make the provenance representation non forgeable (non-repudation, no man-in-the-middle attack)
  • M-Diss-UR 2: Verify that data, disseminated to some entity for processing, was processed only by that entity. (privacy)
  • M-Diss-TR 2.1: Ensure that any data's provenance information includes the verifiable identity of the entities by which it has been received or has been processed.
  • M-Diss-TR 2.2: Provide mechanisms to verify that data was processed by a particular entity only, by examining the provenance of that data.
  • M-Diss-UR 3: Verify that all of a set of data, disseminated to some entity for processing, was used in that processing. (privacy)
  • M-Diss-TR 3.1: Provide mechanisms to parse provenance information and determine whether all of a set of data was used in a well-defined process


Back to: Back to CBCC Main Page - Project Section