Skip to end of metadata
Go to start of metadata

Chair:  @David Pyke

Scribe: @Suzanne Gonzales-Webb
 

Attendees

Present

Name

Affiliation


xNameAffiliation
xSRS
xVA (Book Zurman)
x

David Pyke  Co-Chair

Ready Computing

@Jim Kretz Co-Chair SAMHSA 
x

John Davis  aka Mike Davis

VA
xKathleen ConnorVA (Book Zurman)

Georgia Tech
xChris ShawnVA
xCarradora

VA (Electrosoft)

Iris Health Solutions

@David Staggs

Book Zurman

Altarum

@Francisco JaureguiVA (Electrosoft)
xGreg WhiteSRS
x@Pele Yu pele.yu@archildrens.org Children's Hospital
xByLight

@Dave Silver

dave.silver@electrosoft-inc.com

VA (Electrosoft)

@Amber PatelSRS
xSSA (Aegis)

Beth Pumo  Kaiser
x @Laura Bright laurabright4@gmail.com 
Altarum 
x

@Forrest White forrest.white@altarum.org

Altarum
 xJamie Parker   Carradora
 x @Matt Lord mrlord@mdixinc.comMDIX Inc
@Hanna Galvin hannah.galvin@lahey.org 




Create Decision from template


Agenda Topics

Agenda Item

Meeting Minutes from Discussion

Decision Link(if not child)
Minutes Approval

2019-06-04 CBCP Meeting Agenda/Minutes

VOTE: (motion) : 

Abstain: none / Opposed: none /  Approve: 18

ANNOUNCEMENT

eLTSS bi-Monthly report out
June 13 - Thursday 12:30-1:30 ET 

Please contact Johnathan Coleman or Becky Angeles for more information and meeting link!

information sent to group list with meeting information (contact Becky Angeles to be added)
Agenda items include:  latest happenings, ballot update

To join the meeting on 6/13:

URL: https://chiwebex1seats50.my.webex.com/chiwebex1seats50.my/j.php?MTID=m10965c2bbe754e5769f0e44b77c52087 <https://healthit.us19.list-manage.com/track/click?u=8d40fc226045608875374f0f1&id=76be3007da&e=177d086d0e>

Dial-In: + 510-338-9438;  Access code: 621 054 615

Meeting password (if needed): meet

NPRM Comments (overview) - Kathleen HL7 Response Letter ONC 21st Century Cures Act v05.27.19 presented by Kathleen - DISCUSSION

LINKS to Documents: https://confluence.hl7.org/pages/resumedraft.action?draftId=42994964&draftShareId=b2d7b264-aa23-45f6-8839-18c5ee243f1e&

from 5/28 meeting ---
Is security looking at the TEFCA doc as well? Kathleen will be tackling that as well and will bring forward to the WGs; if there are any specific concerns, Kathleen will take a look
security labeling at the document level; (ONC proposed rule wants to move away from per CraigN) "this is different than ONC..." it may be something where we introduce baby steps.

still refining the comments, they have not gone to the Board as of yet; extension of comment dates to June 3

Link to latest DRAFT:  https://confluence.hl7.org/display/SEC/TEFCA+2+Security+CBCP+Comments 

Discussion:  use-case of registering a Privacy Consent that authorizes a proxy - Feliano "Pele" Yu, David Pyke, John Moehrke

Proxy - we are currently try to advance xx; into the care plan as appropriate; most of what you are describing appears to fall under policy–policy under individuals/institutions

i.e.. Patient A - decided to not permit access to certain data elements as patients move in/out of certain facilities - putting a child at risk / for each data element which are deemed sensitive by the provider or individual can they put some sort of flag (i.e. security labeling) on the information 

there are two different models

  1. Data can be individually labeled; every instance of a fhir resource
  2.  In the consent resource itself the patient can express a list of specific resource by identifier that they want specific handling for; there are a couple of different model available; it may be useful to spend some individual time walking through so that we are both confident
  • the endpoint there - if the structures are in place; could we/opportunity a pediatric version IG of the process so that they are able to specify? (per JohnM : yes); 
  • jointly developed IG
  • off line meeting: to discuss use cases - // DP will send out a Doodle poll to set up meeting/bi-weekly basis/review use cases/IG (send to CBCP, Security WGs include Dr. Yu, Hannah Galvin; will proceed from there.

------

e-mail string below

5/15 - (JMoehrke) added Dave Pyke (to e-mail string), he is the co-chair of the committee that owns the Consent resource in FHIR, and is the one that leads that effort. His committee meets Tuesday mornings. 

I would say that the Consent Resource alone is not enough. You certainly can provide implementation guidance on how the FHIR Consent resource would be used in your environment with your policies. But even this is not sufficient to address all of the issues contained in your policies. You would also need to identify other functionality that would be needed to assure the rules recorded in a Consent are adhered to. You would also need to require that AuditEvent be recorded so as to track uses of data for those patients, so that reports could be supplied with various use and disclosure actions. There would also need to be controls around verifying that the system is working as defined.

What you are after is a layer of specification that more specific to your policy and setting than would be written by HL7. There is a need for this kind of specification, but it is not possible to write these kinds of implementation guides without understanding the setting and the policies. Thus this kind of a specification is often done on a per-project basis.


Pele Yu: FHIR-enabled “proxy” access to patient portals for pediatric patients/specific FHIR that could be very useful pediatrics, and this is related to “proxy” access to patient portals.  

We are exploring this opportunity in the peds community and I am attaching our ONC comment/response to define the problem space. As you can see, the use cases below “proxy”, “forbidding access”, among others are part of the problem space.

JMoehrke:  For the use-case of registering a Privacy Consent that authorizes a proxy. Use-cases for any authorized designate. Also for emancipated minor elevation of rights. Also for forbidding access to otherwise recognized (abusive spouse).. .. that is in the Consent resource... 

I am not sure what else is intended by proxy. I can imagine so many things.



 eLTSS Use Case - Craig (15-20 min)

Display of Forrest screen;  

  • continue to work the details of the use case
  • reach out to patient care, FHIR whomever fits hosting the appropriate track, etc.
  • reconvene next week, continue to massage use case (POC CraigN for questions )

-----

(Altarum) working on an eLTSS use case for exchanging data between a beneficiary and a care coordinator.

Review use case/s to make sure it matches what the eLTSS team was envisioning. Altarum is interested in this use case as being part of the Connectathon track in Atlanta. Note:  still working on the documentation, but will provide to the CBCP listserv ahead of time for folks to take a look at.


eLTSS FHIR IG Project - Becky, Johnathan

Final negative withdrawn

reconciliation complete, no outstanding comments

changes approved during reconciliation are in process - or already implemented.  there will be some reivew of the updates to confirm the updated mappings are in the right place

  • depend on the UScore4, will submit the publication request

Question: the updated IG is on the fhir.build.org (wills stay there until the publication is sent/approved)

  • once we're done that the changes are agreed/correct and mappings are done, then submit publication request. 
  • official notification will be e-mailed when completed

CBCP FHIR Consent CPs-DavidPfor 6/11 - if time permits
 Provenance DAM - Mike Davisfor 6/11 - if time permits 
 DS4P FHIR IG

updates, if time permits

PSS Approved 6/4/2019: FHIR Data Segmentation for Privacy (DS4P) Implementation Guide PSS


 September 2019 WGMif time permits
Additional Agenda Items

Adjournment Meeting adjourned at Arizona Time: (Johnathan) meeting adjourned at 1001 Arizona TimeTemporary Meeting Recording:  https://fccdl.in/fKN5l03Pcs

Supporting Documents

Outline Reference

Supporting Document

Minute Approval


Action items Suzanne Gonzales-Webb