Versions Compared

Old Version 14

changes.mady.by.user Eve Maler

Saved on

compared with

New Version 15

changes.mady.by.user Eve Maler

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Moved basic PP2PI description to the bottom, as discussed, along with a Kantara description (haven't deleted description up top yet)

...

Solving Data Sharing Challenges with UMA: The Julie Adams Healthcare Use Case from PP2PI (draft)

Version: 0.1

Editor: Nancy Lush

Contributors: Alec Laws (Chair), Eve Maler

Abstract: This Draft Report analyzes the "Julie Adams" use case for granularly segmenting personal health data, developed by Protecting Privacy to Promote Interoperability (PP2PI), and assessing ways the User-Managed Access (UMA) protocol can address this challenge.


Introduction:

The Protecting Privacy to Promote Interoperability (PP2PI) Workgroup is a national multidisciplinary interest group of expert stakeholders across the industry assembled to address the problem of how to granularly segment sensitive data to protect patient privacy and promote interoperability and care equity. 

...

  • Julie Adams, adolescent female, age 17, Black, Hispanic, English, Sex: Female, Gender Identity: Female, heterosexual (Sexual orientation is actually sensitive data)
  • Sue Adams, Julie’s mother and Proxy, 45 years old
  • Father does not have access to her clinical data, but pays the health bills
  • Providers
    • PCP
    • specialist – asthma
    • Pharmacy

About This Report

xx

About the Kantara Initiative

xx

About PP2PI

Quoting from its website: "The Protecting Privacy to Promote Interoperability (PP2PI) Workgroup is a national multidisciplinary interest group of expert stakeholders across the industry assembled to address the problem of how to granularly segment sensitive data to protect patient privacy and promote interoperability and care equity." It develops use cases, serves as the steward of a terminology value set (system of codes or keywords), provides implementation guidance, and works towards adoption.

PP2PI has created several use cases to illustrate both the challenges and the solutions to this complex problem.  User-Managed Access (UMA) is one standard that supports PP2PI’s core goal of securely sharing clinical data while protecting patient privacy.  This paper will delve into the specifics of the PP2PI ‘Adolescent’ use case and explain which specific problems can be best solved with UMA, including an explanation of how UMA adds value to this problem.

As can be seen, by the diagram above, the total problem will be solved from multiple directions.  As such, this paper will identify which specific aspects of the user story are ‘out of scope’, with the assumption that they will be solved in other ways.  As an example, this paper will not take a particular stance on what the policy is, but rather given a certain policy, this is how that policy will be enforced.  (It is understood that other workgroups will be exploring/resolving policy issues, etc.)This report is produced by the User-Managed Access (UMA) Work Group of the Kantara Initiative. It is intended to be the first of a series of short informative reports. Kantara Initiative, Inc. is an international ethics based, mission-led non profit industry ‘commons’ focusing on growing and fulfilling the market for trustworthy use of identity and personal data. UMA is an award-winning OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live.

The Protecting Privacy to Promote Interoperability (PP2PI) Workgroup "is a national multidisciplinary interest group of expert stakeholders across the industry assembled to address the problem of how to granularly segment sensitive data to protect patient privacy and promote interoperability and care equity." It develops use cases, serves as the steward of a terminology value set (system of codes or keywords), provides implementation guidance, and works towards adoption.

Although some members of the UMA Work Group take part in the PP2PI effort as well, this report has no formal relationship with PP2PI. We seek feedback from PP2PI and others on this report.






Transitions:

  • To really demonstrate UMA, it would be beneficial to start with Julie as a child, say age 8, who’s mother controls access to her health records
  • Then at age 13, Julie is an adolescent and has the right to control access to her health data
  • Then at age 18, Julie has full control over her data
  • Notes: The ages used here reflect the policies in effect in the state where the use case takes place.  But the correct age restrictions can be substituted to match the policies of each state.

...