Versions Compared

Old Version 12

changes.mady.by.user Nancy Lush

Saved on

compared with

New Version 13

changes.mady.by.user Eve Maler

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Officially changed title of the report as agreed (need to supplant Confluence page title eventually)

...

  1. Intro/Scope statement - what this report will cover
    1. overall objective of the document, what we will cover, what the reader should understand by the end
      1. Julie's use-case... how it is complex but typical. how to solve it in a way that's: technically feasible, respects Julie's rights to privacy and access to her information, respects the legal/regulatory policy requirements of the health system
      2. understanding UMA's unique value to aid this use-case (why can't it just be OAuth??)
        1. don't have to use all  of UMA, parts can be used to address different challenges
        2. how to make hard problems easier though UMA
    2. What's not being covered - maybe hard to state at this point
  2. Description of concrete use-case (Julie)
    1. actors, data, systems (Primary care EMR, Specialist EMR, Pharmacy system, Payer system), identities *needs a diagram
    2. capabilities and responsibilities of actors (Julie, HCP, Organization) eg link to Policy?
    3. what's not being covered about this whole use case
  3. Policy that impacts the use-case
    1. risk/liability vs patient agency (
    2. tension between policies (eg obligations to protect data vs obligation to enable sharing)
  4. Core UMA/HEART overview
    1. why were even talking about UMA in this context
    2. how UMA's interacts with other protocols (OIDC, FHIR/SMARTonFHIR/HEART, OAuth, UDAP?)
  5. UMA application to use-case (steady state) *needs a diagram
  6. Delegation state changes,
    1. how the health journey affects state.
    2. concrete events that create changes (Nancy to confirm what transitions we want to discuss)
      1. Julie turns 17,
      2. Julie sees asthma specialist
      3. Father get's invoice from health provider, submits claim to insurance provider
      4. Julie get's medication to treat STI, Provide create Rx, Pharmacist fills Rx and needs access to record (ie to see drug interactions)
  7. Discussion? Tough corners, future topics
  8. Conclusion
  9. About this paper
    1. pp2pi and kantara blurbs
  10. References, learn more

Working Draft

...


Solving Data Sharing Challenges with UMA: The Julie Adams Healthcare Use Case from PP2PI (draft)

Introduction:

The Protecting Privacy to Promote Interoperability (PP2PI) Workgroup is a national multidisciplinary interest group of expert stakeholders across the industry assembled to address the problem of how to granularly segment sensitive data to protect patient privacy and promote interoperability and care equity. 

...