Create a Compartment Security Label tag for CDS (Clinical Decision Support System) to support authorizing CDS to access information to which system end users may not be authorized due to restrictive privacy policies in order to enable patient safety alerts where e.g., an unauthorized provider may be ordering a medication or procedure, which is contraindicated based on masked information in the patient’s record.
From CDS 2019-11-13 Meeting Agenda minutes - CDS feedback on the CDS Compartment Proposal
Continued discussion focused on how the provider systems would know to use this label. The use case is within an HIE, satisfying consent use cases where participants have indicated the information can be shared but only in emergency (which averting a patient safety event would fall under emergency). It's still not clear how providers would know whether or not a given data element should be labelled with this.
The gist of this is that most of the use cases so far in CDS usually the access clearance in a particular instance is bound by the access token provided by the client. This is fundamentally trying to change that so that a CDS Server can have broader access and take into consideration that the client requesting the hook is not necessarily authorized to access.
Agree with the use case and intent, but provide the caveat that it will be difficult (if not impossible) in general to understand when to apply this, given that it's not possible in general to determine what data is required for CDS, because the specific CDS algorithms may not be known ahead of time. Committee also provides the feedback that there should be no expectation (and it should be clearly stated as such) that this has to be used in all cases. It should be a specific policy decision to enable use cases in particular environments. Also recognize that this is not the only mechanism to achieve this use case and implementations should be free to choose alternative mechanisms.
From: Kathleen Connor <email@example.com>
Sent: Friday, November 1, 2019 12:44 PM
To: 'John Moehrke' <firstname.lastname@example.org>; 'Kensaku Kawamoto' <email@example.com>
Cc: 'Bryn Rhodes' <firstname.lastname@example.org>; 'Guilherme Del Fiol' <email@example.com>; 'Howard Strasberg' <Howard.Strasberg@wolterskluwer.com>; firstname.lastname@example.org; 'Shawn, Christopher A.' <Christopher.Shawn2@va.gov>; 'Trish Williams' <email@example.com>; 'David Pyke' <firstname.lastname@example.org>; 'Suzanne Webb' <email@example.com>; 'Coleman, Johnathan P CTR (US)' <firstname.lastname@example.org>; 'Alexander Mense' <email@example.com>; firstname.lastname@example.org; 'Mohammad Jafari' <email@example.com>
Subject: RE: CDS related Harmonization Proposal