Versions Compared

Old Version 12

changes.mady.by.user Former user

Saved on

compared with

New Version 13

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Kantara Initiative Health Identity Assurance WG Teleconference

...

Info

Meeting not quorate - Meeting notes follow

Date and Time

Date: Thursday, 6 June 2013 
Time: 10:00 PT | 12:00 CT | 13:00 ET
Dial in: TurboBridge Conferencing

Health Identity Assurance Working Group Home Page

...

  1. Administration:
    1. Roll Call
    2. Agenda Confirmation
    3. Leadership Nominations / Election
    4. Upcoming Events page: http://kantarainitiative.org/confluence/x/pYDWAw
    5. Report out from latest LC meeting
  2. Discussion
    1. New Mission Statement for the Group
    2. WG Charter 
    3. Aligning efforts with DirectTrust.org, EHNAC, and IDESG 
    4. Deliverables for on-boarding healthcare worker digital identities
  3. Presentation on “A Privacy Strategy for the United States Healthcare Industry” (see attached)  - Barry Hieb
  4. AOB
    1. (proposed for next meeting) Presentation on conducting risk assessments for apps dealing with PHI - Linda Goettler
  5. Adjourn

 Attendees

Info

As of 6 June 2013, quorum is 9 of 16

...

Presentation - Barry Hiebe

NOTE: Link to the Privacy whitepaper here: http://kantarainitiative.org/confluence/x/0oDWAw

  • The Privacy white paper proposes an approach for privacy in the US Healthcare environment
    • Published a few weeks ago by Global Patient Identifiers Inc. (GPII)
    • Healthcare Privacy environment is very complex
    • Some design considerations:
      • each individual has requirements
      • the system must be voluntary - if, when, how to participate
      • must be very simple
      • must be flexible
      • must work with existing systems - this is very challenging - no existing commonality wrt security, privacy, data segregation
      • patients and physicians must be empowered
      • concern has been raised that if there is good privacy, then standard of care will suffer - false dichotomy
      • allow for exceptions - e.g. break the glass scenario & its reversibility
      • make it as hard as possible to make errors, but as easy as possible to recover from errors
      • must be inexpensive to implement and operate
    • Accurate Patient Identification is essential
    • Suggest creating 2 types of identifier: Public and Private - give these to the patient and have them apply them as appropriate
    • This design concept is inherently simple and easy to explain
    • Currently doing proof of concept deployments
  • Questions
    • What path would be needed to standardize this in a way for vendors to implement?
      • Looking for ideas for best approach - engaging about 35 in the initial development stage of the whitepaper
      • This will have to be a grassroots approach - patient demand
      • e.g. if a patient pays for an encounter, then it must be segregateable from the data set & not reportable to the insurance company
    • Are there 'official' endorsements yet?
      • Looking to see if Kantara will endorse it
      • Would like to find some pilot sites to demonstrate how it works
    • Comment: Might be appropriate to send this out to the WG for comments, and possible sending to LC as a recommendation for approval/endorsement.
    • Most vendors have several identifiers in the system: external and internal. Is this approach similar? If so, the vendors would have to adopt this as the internal identifier, correct?
      • The whitepaper suggests methods that could be used to include the privacy identifiers into records for data segmentation
    • Have there been discussions with EHR vendors about what would be needed to implement this?
    • Comment: Perhaps look to Project VRM and similar initiatives for ideas around implementation
    • Comment: Perhaps reach out to Canada Health Infoway for ideas
    • Comment: Perhaps approaching EHNAC and Direct might help to get to vendors interested in working out some of the details
  • Please send comments on the whitepaper and potential connections to Barry.

...

privacywhitepaper5-21-13.pdf

Next Meeting

DateThursday, 20 June 2013 
Time: 10:00 PT | 12:00 CT | 13:00 ET
Dial in: TurboBridge Conferencing