This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

September 2009 WGM Agenda CBCC Tuesday Q4

From HL7Wiki
Jump to navigation Jump to search

Community-Based Collaborative Care Working Group

Attendees

  1. Stephen Chu
  2. Steven Connolly
  3. Suzanne Gonzales-Webb
  4. Bruce Laidlaw
  5. Nancy LeRoy
  6. Galen Mulrooney
  7. Patrick Pyette
  8. Harry Rhodes
  9. Rob Savage
  10. Ioana Singureanu
  11. Chris Smith
  12. Sue Thompson
  13. Richard Thoreson Co-Chair
  14. Serafina Versaggi Scribe
  15. Max Walker Co-Chair

Updates

Healthcare, Community Services and Provider Directory – Ballot Reconciliation

  • Ballot 1 Normative
  • Only three comments on the entire ballot.
    • Line 6 – negative comment related to taking out references to HL7
  • Motion 1: Max – Motion to ask SOA for decision on what action to take on line 6 with a deadline for action two weeks following this working group meeting
    • Galen seconded
    • Vote:
      • 2 Abstained
      • 0 Opposed
      • 12 Approved
  • Motion 2: Max – Motion to approve the ballot reconciliation
    • Pat seconded
    • Vote:
      • 2 Abstained
      • 0 Opposed
      • 12 Approved

Composite Privacy Consent Directive DAM - Ballot Reconciliation

  • Second time this has been balloted
  • Around 60-70 comments; lots of affirmatives

Discussion on negative comments

  1. Use of the word Evaluation in the conceptual system "Consent Directive Evaluation Engine". Steve's recommendation is to change it to "Consent Directive Decision Engine"
    • Evaluation speaks to a more open ended process rather than a computed process - options are well defined and therefore Decision
    • Consent Directive Decision function is closer to the ISO definition of an Access Control Decision function; XACML and NIST use the term Policy Decision Points
    • Group agreed that Decision is a widely used term and that this change would not be substantive, therefore it was accepted as persuasive and changed to "Decision Engine"
  2. Need to clarify the definition for Personal Health Records (PHR). Lot's of confusion about the use of the generic term for a person's health records as Personal Health Records.
    • This was not meant to refer to the product Personal Health Records but to a person's electronic health record. We need to re-define the term PHR, since it was not meant to refer to records that are entered by the person/patient themselves
    • Also need to clarify the use of two terms PHI (Protected Health Information) and IIHI (Individually Identifiable Health Information). Decision to remove references to PHI because PHI is tied to particular US legislation and therefore is not universal. Instead the term IIHI will be used exclusively in the document. IIHI also being used by HITSP TP30 and in ARRA
    • How IIHI is entered into the "system" is not material to this ballot
  3. Figure 7 – Add Constraint Catalog (Security WG Request)
    • Disposition: Consider for future use
  4. Line 21: Changed multiplicity of result returned for getConsentDirective( ) to 0…* from 1
    • This brought up the question whether a person can have more than one consent directive for a specific purpose of use.
      • This is not the place to make implementation decisions
      • Zero or more Parameters for this operation allow this to be posssible
  5. Many comments that additional use cases were not considered
    • This specification deals only with Use Cases that appear in Appendix A
    • Any new Use Cases included in the comments will be investigated. Some may already be covered by existing Use Cases; new ones will be entered and considered for future use once validated by the Work Group as true Use Cases.
      • Pat: Taboo fields. This refers to Provider Directives as compared to Patient/Client Consent Directives, but it is just another flavor of Consent. This means, don’t disclose this information to the patient without the following conditions (or no under no condition).
        • Disposition: Consider for future use
    • Use Case submitted by Michele (Canada) related to research on population data was referred to Security Work Group for consideration, but disposition for this comment is determined to be out-of-scope for this ballot since population data is inherently de-identified data
    • Use Case: if you have the right to consent to anything, you also have the right of access and the right to correct
      • Probably out-of-scope for this DAM, but should it be considered
      • Harry: This brings up the challenges faced by Health Information Managers is complying with the Accounting of Disclosures mandated by HIPAA. Have you considered a Use Case using this information to track Accounting of Disclosures to give a patient an accounting of all disclosures made?
        • Ioana: The Override analysis could be re-used. What kind of information do you collect on Consents (who, for what purpose). Override Use Case was taken out of the DAM because it was considered out of scope
        • Pat: Let's forward this to PASS, since this is Audit. This particular Use Case will be referred to PASS and should be addressed by Audit Service re-using the Override Analysis
        • Aside: Harry submitted a proposal to create a Use Case for Accounting of Disclosures which will be considered by the CDA Implementation Guide project if passed
    • Transfer patient care: The DURSA - what happens if requestor is in different jurisdiction than sender. Jurisdiction of the sender applies


Action Item: Pat Pyette to meet with Michele and XXX to clarify/resolve negative comments

  • Reviewed up to line 48 in this quarter
  • Motion to approve the comments through line 48
    • Seconded
    • Vote:
      • 2 Abstained
      • 0 Opposed
      • 12 Approved
Retrieved from "https://wiki.hl7.org/w/index.php?title=September_2009_WGM_Agenda_CBCC_Tuesday_Q4&oldid=27545"