/
2019-10-08 Meeting notes

2019-10-08 Meeting notes

Dec 28, 2019

Date

Oct 8, 2019

Attendees

  • Jeff Brennan

  • Bev Corwin

  • Sal D’Agostino 

  • Mary Hodder

  • Tom Jones

  • Jim Kragh 

  • Noreen Whysel

Agenda

  • NIST Privacy Framework

Discussion items

Time

Item

Who

Notes

Time

Item

Who

Notes

NIST Privacy Framework

Jeff Brennan

ONC job is to deliver a common operating agreement, not necessarily to provide patient info in a single lookup. Expects another draft next month.

RCE funded by Sequoia but run by ONC though address and at emails are Sequoia. EHealth Exchange is at the same address and suite number.

Sequoia liaison to VA, DoD, Social Security; Mitre and Cerner are board members.

Measurable goal: PCP can get information on patient with one 

Tom sense from meeting is that Sequoia defers to ONC experts on all policy questions. Bev notes that Vista Project at VA not at the table; Bev has contacts with Science & Technology Advisors (S&Ts) at National Institutes of Health (NIH). Military Open Source (mil-oss.org) discussion lists have quite a bit of info about Vista, a Military Open Source (mil-oss.org) project with VA. The mil-oss.org discussion lists also discuss Cerner when news articles come out about Cerner's contracts with VA. Cerner is a member of the Sequoia Project. (Vista is not). The contention is generally between the proprietary "lock in" issues with Cerner vs. open source issues with Visa.

Jeff: ONC/Sequoia focus is not patient rights, they are more interested in blocking access to data. Jeff isn’t surprised. OCS: information blocking ties into common agreement.

As much about patient right to access to health data as control of their data. Different states have different levels of access to and clarity of data available to patients. Could make it difficult to impose a national standard.

Sal comments to TEFCA Draft: https://www.healthit.gov/sites/default/files/webform/tefca_comment_form/response-to-comments---xpressrules-fei-openconsent.pdf

Sal: Sandbox with vetted IDEF framework can fill gap. Good goal for funding. Bev suggested Linux foundation, but Tom is skeptical. Tom propose using our model to prototype showing patients how they can see information. Current use cases are more technical, not patient facing. Sal suggests looking at user governance capability of NIH Patient Portal. Bev knows some S&T Advisors there and can look into potential partnerships, SBIR grants.

 http://cc.nih.gov/followmyhealth

Android 9: (Pie) Working on transferring secrets (migrating protection) between devices, can hold data in more than one place









Action items

Bev to connect with S&T Advisors at NIH, VA's VistA Data Project and mil-oss.org, and can look into potential partnerships, SBIR grants.
All to share review of Patient Registration with Distributed AttributesUse Case Draft: 
https://wiki.idesg.org/wiki/index.php/Patient_Registration_with_Distributed_Attributes