Saturday, April 28, 2012
He has had growths on the eyelid of his left eye before. They irritate the eye. When they have been on the outside of the eyelid, I scrape them off with a q-tip. He had surgery on this eye a couple of years ago to remove a growth when I could not remove it by myself.
He had an issue with this eye two months ago and it did get better after treatment. I left him with my folks while I was out of town on business, and the eye got worse during that time.
I had intended to take him to his regular vet this week, but I will have to be out of town. So, we went to an emergency clinic today to have it looked at. They gave me some fluids to apply to his eye and some drugs to try to reduce the swelling and help with the pain.
I adopted Sonny from Brittany Rescue twelve years ago. He is my best buddy.
I still remember looking at his picture on the BR website before I met him. He looked very happy. I thought he was covered in mud, but realized later that it was just brown spots on his front paws.
When I went out to adopt him, he knew that if he passed the audition, he would get the gig and get to leave his foster home. He was out in the back yard by himself, while the rest of the dogs looked on jealously from their kennels. He was so happy to be loved. He was two years old then. He had been adopted by a family as a puppy, but they gave him up because he was too energetic for them. If I recall the story correctly, he had been placed in at least one other home and was returned because he was too rambunctious for them.
He is a house dog, but acts like a hunting dog when we are outside. He would point bunnies and birds. I had never seen a dog point before. He looked just like the pointing scenes that you see in paintings.
He loved to go camping and hiking throughout the woods in Michigan's forests. And, of course, whenever we got to a lake or a stream or a river he would dive right in. He knew what it meant when I would start packing the camping gear in to the car and would leap in to the front seat in eager anticipation of the long car ride to the adventures to come.
He was very afraid of loud noises, like fireworks or thunder until he got older and deafer. He would curl up at my feet and shiver with fear during thunderstorms.
Sonny loved popcorn and would sit next to me while I watched a movie or a hockey game. I would put a few kernels in my hand and he would eat quite happily eat them.
I'm trying to focus on remembering the wonderful life that Sonny has had with me. I am worried about losing my buddy.
Tuesday, April 24, 2012
I met with the Data Segmentation for Privacy (DS4P) workgroup. These are my notes from the meeting.
ONC S&I Framework face to face
Wednesday Q4 3-6
IG….what will this look like?
Reference Implementations are planned for this summer. Need to make a case back at the office for us to participate. Which projects might be a good fit?
Tiger Team Report=out
Consent management transactions
CDA Consent Directive DSTU (selected)
Draft IG outline is available on the wiki. http://wiki.siframework.org/Data+Segmentation+Information+Interchange
Metadata in context
Use the cda r2 privacy and security vocabularies
How do we explain this so that the user understands it? Is this a requirement? How would we do this? No.. Focus on the technology…..let someone else educate patients.
42 CFR Part 2 requires hiding information and not letting the user know that something is being masked. This is policy. The technology will support other policies.
Alignment of data segmentation with the ehr functional model.
How to identify and annotate protected clinical information.
Don’t be perfect. This is a draft.
The IG will reference the Use Case document. It will not include the UC doc.
The IG will reference the Use Case document. It will not include the UC doc.
See the presentation for more details.
Interesting dynamic between the technical folks and the policy wonks.
Reviewing the IG.
“Push” is an unsolicited transaction.
DSUB – Document Subscription
Walter Suarez presented on HITSC and Privacy Metadata (Pcast)
Tagged data elements (atoms)
HIT Standards Committee Meta data tiger team
- · Patient Identification
- · Provenance
- · Privacy
PCAST called for metadata on every element. HITSC narrowed the focus.
- · Content medadata
- o Datatype (category from a clinical perspective)
- o Sensitivity (special handling instructions)
Three components necessary to enforce privacy:
· Metadata about the content
· Metadata about the requestor.
External Policy Registry, but no implementation specifics
“Policy” is both regulatory (42cfr) and specific (patient does not want data shared with dr. smith)
EU regulation contains “a right to be forgotten” in it. Did HITSC consider this? Issues with lawsuits (how do I defend a decision based on data that no longer exists). Record retention requirements (term of employment plus 30 years).
Proposing to add sensitivity codes
- · Substance abuse (eth)
- · Reproductive health
- · Sexually transmitted disease (HIV)
- · Mental Health (PSY)
- · Genetic Information
- · Violence (SDV)
- · Other
Thursday Q2 -- 1055
Disclosed metadata is recursive? No. Create as much metadata as possible.
Use a rules engine to apply the rules on the clinical data prior to sending the document out.
Thursday Q3 – 1330
Focus on the push transaction and the metadata.
How do you convey multiple policies….repeating structure? There may be more than one policy applied to this document. This metadata will have to be added to XD*
Then we go through the xs* transactions…..very similar.
Thursday Q4 1600
Bundle XDS and XUA to retrieve the document and authenticate who the request is from.
Need to understand the consent directive ig. Go back and read this on the plane.
Where does segmentation happen?
Realized that CDA does not support confidentiality at the entry level (in R2). Will limit segmentation to the document and section level. Plus, there is no reliable way to remove content from the narrative.
Friday Q1 -- 0800
Need to write up a strawman for Donna, Joe and Peter to see if they are interested in being a pilot. Propose Tulsa and Detroit Beacon as potential pilots. Need to engage Mirth and Apelon. Possibly IHIE? Not really. They do not support CDA.
We could do the direct as transport protocol. Generate CCD from Mirth and send it on.
There are pilots of CCDA in the ToC initiative. Need to look at who is involved.
How to pilot? XD* and the exchange of CCDA should already exist. We just need to test the segmentation part of the project.
Need pilots that have different architectures and transport protocols, as it is very unlikely that any one pilot will have all of them.
We already have the use cases. No need to create new ones. Need to pick a pilot that meets some use cases, not all of them.
VA pilot. Using a standard CDA. Working with Apelon. Using standard terminology from Apelon and Value sets to look at the documents. Access control system (ACS). Trying to adapt CCDA to behavioral health. Rules engine to determine what to suppress. GUI for 42CFR Part 2 and Title 38 Section 7332 consent form (one and only one).
Epic has a network of their systems. Care Everywhere. No central repository. Each Epic system is a trusted entity with the others. 56million patients.
Organizations decide how to handle consent. Either opt-in or opt-out. No re-disclosure. Patient has to issue consent to each organization.
Withheld information can be in several categories: Organizations can configure sharing. Some departments can be withheld. Some types of notes can be withheld. Physician flags the note as “sensitive.” Patients who opt out.
Friday Q2 – 1030
Mitre and hData
What is hData
Organizing data. Metadata. Pub.sub model for data exchange. They have their own transport and network api.
hData and green cda are friends. Simpler xml.
Record – section – section document
How does this fit with the use cases and the technologies that we have discussed?
http put, get, etc.
Transforms to and from cda, etc.
Security concerns with this approach. Using xaml with http can be done, but it is cumbersome.
Good applications in mobile health, rendering to a mobile phone.
Data Segmentation for Privacy is similar to Data Segmentation for Security (Intelligence Community). Tagging documents. Similarities between security classification and phi.
Objectives for the pilot.
· Open Dialogue
o Standards and scope
o Requirements – functional and scope
o Landscape survey
· Defining expectations for the pilot
· Success metrics
Are the success criteria complying with the law, or improving patient care?
The default position since the fifth century bc is that the provider discloses only the information that the patient wishes.
The ONC has an eConsent project that connects with patients for feedback. Pilot in western New York.
There is a movement to standardizing consent language. See Ohio.
What are consumer expectations? That we comply with the law!
Pick an environment that is already exchanging and add the segmentation capabilities to that. Trusted exchange!
We will need specific patient buy-in before proceeding.
Test cases only. No legal implications to failure! Whew!!
Friday Q3 – Wrap-up
I love it when the policy wonks work with the geeks.
Two priorities for the next year. Acceleration of mu and S&I