2019-10-08 Meeting notes
- Noreen Whysel
Date
Attendees
Jeff Brennan
Bev Corwin
Sal D’AgostinoÂ
Mary Hodder
Tom Jones
Jim KraghÂ
Noreen Whysel
Agenda
- NIST Privacy Framework
Discussion items
| Time | Item | Who | Notes |
|---|---|---|---|
NIST Privacy Framework | Jeff Brennan | ONC job is to deliver a common operating agreement, not necessarily to provide patient info in a single lookup. Expects another draft next month. RCE funded by Sequoia but run by ONC though address and at emails are Sequoia. EHealth Exchange is at the same address and suite number. Sequoia liaison to VA, DoD, Social Security; Mitre and Cerner are board members. Measurable goal: PCP can get information on patient with one Tom sense from meeting is that Sequoia defers to ONC experts on all policy questions. Bev notes that Vista Project at VA not at the table; Bev has contacts with Science & Technology Advisors (S&Ts) at National Institutes of Health (NIH). Military Open Source (mil-oss.org) discussion lists have quite a bit of info about Vista, a Military Open Source (mil-oss.org) project with VA. The mil-oss.org discussion lists also discuss Cerner when news articles come out about Cerner's contracts with VA. Cerner is a member of the Sequoia Project. (Vista is not). The contention is generally between the proprietary "lock in" issues with Cerner vs. open source issues with Visa. Jeff: ONC/Sequoia focus is not patient rights, they are more interested in blocking access to data. Jeff isn’t surprised. OCS: information blocking ties into common agreement. As much about patient right to access to health data as control of their data. Different states have different levels of access to and clarity of data available to patients. Could make it difficult to impose a national standard. Sal comments to TEFCA Draft: https://www.healthit.gov/sites/default/files/webform/tefca_comment_form/response-to-comments---xpressrules-fei-openconsent.pdf Sal: Sandbox with vetted IDEF framework can fill gap. Good goal for funding. Bev suggested Linux foundation, but Tom is skeptical. Tom propose using our model to prototype showing patients how they can see information. Current use cases are more technical, not patient facing. Sal suggests looking at user governance capability of NIH Patient Portal. Bev knows some S&T Advisors there and can look into potential partnerships, SBIR grants.  http://cc.nih.gov/followmyhealth Android 9: (Pie) Working on transferring secrets (migrating protection) between devices, can hold data in more than one place | |
Action items
- Bev to connect with S&T Advisors at NIH, VA's VistA Data Project and mil-oss.org, and can look into potential partnerships, SBIR grants.
- All to share review of Patient Registration with Distributed AttributesUse Case Draft:Â
https://wiki.idesg.org/wiki/index.php/Patient_Registration_with_Distributed_Attributes