Healthcare Information Exchange - OASIS

Healthcare Information Exchange - OASIS

Improving Patient Trust In Healthcare Information Exchanges Identity Management Conference 2010 Washington DC Improving Patient Trust Identity Management Conference 2010 Washington DC Improving Patient Trust 330+ Unauthorized Access Events Identity Management Conference 2010 Washington DC Improving Patient Trust "Just six months ago the NHS were exposed when it was found that as many as 140,000 non-medical staff, including porters and housekeepers, had access to sensitive NHS patient files. When there is a problem, a responsible organization should be able to assess the scope of the damage" Amichai Shulman, Imperva's Chief Technology Officer NHS National Health Service, United Kingdom Identity Management Conference 2010 Washington DC Improving Patient Trust Fundamental breakdown of underlying security system and processes to limit access based on; Users identity and role Purpose-of-use

Patients privacy concerns Identity Management Conference 2010 Washington DC Improving Patient Trust Identity Management Conference 2010 Washington DC Improving Patient Trust Data Use and Reciprocal Support Agreement (DURSA) The DURSA is a comprehensive, multi-party trust legal agreement and is based upon a set of policy assumptions that bridge varying state and federal laws and regulations, as well as various policies. This legal contract, signed by all entities currently exchanging information via the NHIN, provides a framework of trust assurance to support multi-point health information exchange across the NHIN. Identity Management Conference 2010 Washington DC Improving Patient Trust Beacon Communities Identity Management Conference 2010 Washington DC Improving Patient Trust Beacon Communities The Beacon Community Cooperative Agreement Program provides funding to selected communities to build and strengthen their health information technology (health IT) infrastructure and exchange capabilities. The program supports these communities at the cutting edge of electronic health record (EHR) adoption and health information exchange to push them to a new level of sustainable health care quality and efficiency. The program also will show how other communities can use health IT to achieve similar goals. Identity Management Conference 2010

Washington DC Improving Patient Trust Patient Privacy HHS strongly believes that an individuals personal information is to be kept private and confidential and used appropriately by the right people, for the right reasons, said Pritts. Without such assurances, an individual may be hesitant to share relevant health information. Joy Pritts Chief Privacy Officer ONC HHS US Department of Health and Human Services ONC Office of National Coordinator Identity Management Conference 2010 Washington DC Privacy and Security Tiger Team Health Information Technology Policy Committee Consumer Choice Technology Hearing Improving Patient Trust Panel Members Dr. Deborah Peel Melissa Goldstein, J.D. Dr. Jim Walker Ioana Singureanu Dr. David Kibbe Tiger Team David McCallie Cerner Corp. Wes Rishel Gartner

Latanya Sweeney Carnegie Mellon Univ. Dixie Baker SAIC Ms. Rachel John Houston Univ. of Pittsburgh Medical Ctr. Sumit Rana Judy Falkner Epic Systems Corp. Joy Pritts Chief Privacy Officer ONC Technology Implementers HIPAAT VA/DoD VLER Tolven Institute Private Access e-MD Identity Management Conference 2010 Washington DC Intersystems CBMHS Improving Patient Trust Cross-Enterprise Security and Privacy Authorization (XSPA) Oasis Standards (November 2009)

Profile of Security Assertion Markup Language (SAML) v2.0 for Healthcare Version 1.0 Profile of eXtensible Access Control Markup Language (XACML) v2.0 for Healthcare Version 1.0 Committee Specifications (August 2010) Profile of WS-Trust for Healthcare (ready for ballot) Federal Adoption (September 2009) NHIN Authorization Framework XSPA Profile of SAML Identity Management Conference 2010 Washington DC Improving Patient Trust XSPA Demonstrations & Global Participants RSA 2008 Healthcare Security and Privacy as a Service Ditton Manor 2008 Extensions to Healthcare Security and Privacy Services HIMSS 2009 Advanced Security and Privacy in Healthcare RSA 2010 Protecting the Human Genome HHS ONC HITPC Consumer Choice Technology Demonstrations System and Participant Locations RSA 2008 San Francisco, CA Oasis XACML Interop Demonstration Ditton Manor, London, UK HIMSS 2009 Chicago, IL RSA 2010 San Francisco, CA HHS ONC HITPC Consumer Choice Technology hearings 2010 Washington DC Identity Management Conference 2010 Washington DC Improving Patient Trust SAML / XACML Profile Interop Glassfish Glassfish v2.1.1 v2.1.1 http://208.75.163.70/XACMLPatientPrivacy http://208.75.163.70/XACMLPatientPrivacy Clinical Application User

PEP Requesting Healthcare Organization Opensso Opensso PDP (IBM Australia) SAML SAML Callback Callback Handler Handler PAP XSPA Profile of SAML Healthcare Information Exchange XSPA Profile of XACML SAML SAML Assertio Assertio n n Validator Validator Glassfish V2.1.1 Request / Response n io at iz

n or io th at Au lid Va Previously demonstrated At HIMSS 2009 Opensso Opensso PEP PIP Sun. App. Srv. Service Provider 208.75.163.71 Identity Management Conference 2010 Washington DC Responding Healthcare Organization PDP (Jericho) Attribute Attribute Service Service Provider Provider PAP Improving Patient Trust WS-Trust Profile Interop Glassfish

Glassfish v2.1.1 v2.1.1 http://208.75.163.70/XACMLPatientPrivacy http://208.75.163.70/XACMLPatientPrivacy Requesting Healthcare Organization STS1 (IBM/SUN ) 3/4 User / Pwd ws-trust ws-trust client client Validate Validate (User (User // Pwd) Pwd) Mapping Mapping (groups/attrs.) (groups/attrs.) Issue Issue (SAML 2.0) 2.0) (SAML Opensso Opensso PEP User Draft XSPA Profile of WS-Trust Open Open

LDAP LDAP Clinical Clinical Application Application 5/6 0 2. ML SA 7 PAP User groups and attributes e dat t irec d e R Healthcare Information Exchange i Val STS2 (Sun) 2 est equ dr 1

PDP (IBM) 0 Validate Validate Issue Issue XSPA Profile of XACML Glassfish V2.1.1 Draft XSPA Profile of WS-Trust Initial request Responding Healthcare Organization Opensso PEP PIP Sun. App. Srv. Service Provider 208.75.163.71 Identity Management Conference 2010 Washington DC PDP (Jericho) Attribute Attribute Service Service Provider

Provider Previously demonstrated at HIMSS 2009 PAP Improving Patient Trust What is XSPA? The XSPA profiles of SAML, WS-Trust, and XACML describe the minimum set of attributes necessary to make an access control decision during a healthcare information exchange. Identity Management Conference 2010 Washington DC Improving Patient Trust Attributes use to enforce security and privacy in an XSPA cross-enterprise exchange of patient data. Organization Location SubjectID (User) Purpose of Use (POU) Role (S) Role (F) Permission 1 {Action, Object} Permission 2 {Action, Object} POU Permission 1 {Action, Object} POU Permission N {Action, Object} Described in XSPA

Unique identifier profiles and mutually specific to a given agreed upon by participating entities. entity. Structural Role Refer to [ASTM E1986-09 (2009)] Identity Management Conference 2010 Washington DC Functional Role Refer to ANSI-INCITS 359-2004 Compliant [HL7-PERM] Improving Patient Trust XSPA Profiles of SAML and WS-Trust for Healthcare Attributes Identifier Required Attribute Runtime Claim Assertion Claim Asserted Externally (WS-Trust Only) (WS-Trust Only) urn:oasis:names:tc:xacml:1.0:subject:subject-id M O P urn:oasis:names:tc:xspa:1.0:subject:organization-id

M O P urn:oasis:names:tc:xspa:1.0:organization M O P urn:oasis:names:tc:xspa:1.0:subject:hl7:permission O O P urn:oasis:names:tc:xacml:2.0:subject:role M O P urn:oasis:names:tc:xspa:1.0:subject:functional-role O P n/a urn:oasis:names:tc:xspa:1.0:subject:purposeofuse M

P n/a urn:oasis:names:tc:xacml:1.0:resource:resource-id M P n/a urn:oasis:names:tc:xacml:1.0:action:action-id O P n/a O P n/a urn:oasis:names:tc:xspa:1.0:environment:locality M O n/a urn:oasis:names:tc:xspa:2.0:subject:npi O O P (ASTM E1986-09 (2009) Structured Role Value)

(HL7 Permission Catalog Resource Action Value) urn:oasis:names:tc:xspa:1.0:resource:hl7:type (HL7 Permission Catalog Object Value) Identity Management Conference 2010 Washington DC Mandatory Optional Preferred Improving Patient Trust Demonstrable Patient and Organization Policy Functionality Demonstrate the Enforcement of Patient Consent Directives Opt-In / Opt-Out Allowed Organizations Confidentiality Codes (Directive Template) Deny Access based on Role and Purpose of Use Deny Access to Specific Providers Masked Results based on Role Masked Results for Specific Providers Masked Results based on Medical Data Object/Resource requested Demonstrate the Enforcement of Organizational Policies Limit access to specific organizations Limit access during specific hours of the day Require certain roles based on purpose of use and service/resource requested Require certain permissions based on purpose of use and service/resource requested Identity Management Conference 2010 Washington DC Improving Patient Trust XACML Policy Examples - Organization Allowed Organizations Hours of Operations Organizational Policy

Required Roles Required Permissions - The organization denies the request if the subject is attempting to access a resource and is not a member of the allowed organizations. - Evaluates the allowed-organizations (if available) against the subject's locality. - - - - - 0 - - Determine if organization is allowed access to specific resource. Identity Management Conference 2010

Washington DC Improving Patient Trust XACML Policy Examples - Organization Allowed Organizations Hours of Operations Organizational Policy Required Roles Required Permissions The organization denies the request if the subject is attempting to access a resource and they are not a member of the required role(s). - Evaluates the organization roles (if available) against the subject's role. - - - - - 0 - -

DataType="http://www.w3.org/2001/XMLSchema#string" /> Determine if subject is allowed access to specific resource based on ASTM role. Identity Management Conference 2010 Washington DC Improving Patient Trust XACML Policy Examples - Organization Allowed Organizations Hours of Operations Organizational Policy Required Roles Required Permissions The organization denies the request if the subject does not have adequate permissions to access the resource. - Evaluates the required permissions (if available) against the subject's permissions. - - - - -

0 - - Determine if subject is allowed access to specific resource based on their HL7 Permission valueset. Identity Management Conference 2010 Washington DC Improving Patient Trust XACML Policy Examples - Patient Opt-IN Blacklisted Organizations Confidentiality/Sensitive Data Patient Policy Blacklisted Provider Role Based Denial Blacklisted Provider Unique ID Based Denial

Data Redaction Provider Role Data Redaction Provider Unique Identifier Demonstrated Advanced Concepts of Obligations Genomics Denies the request if patient has opted-out of healthcare information exchange. This policy is acting as the "Catch-All". - - - - urn:oasis:names:tc:xspa:1.0:reso urce:hl7:type:medical-record - Evaluates opt-in flag. - - - false

Denial if patient choses to opt-out of the healthcare information exchange. Identity Management Conference 2010 Washington DC Denies the request from the subject if their locality is not permitted by the patient. - - - - urn:oasis:names:t Opt-IN c:xspa:1.0:resource:hl7:type:medical-record Blacklisted Organizations Confidentiality/Sensitive Data - Evaluates the allowed-organizations (if available) against the subject's locality. Blacklisted Provider Role Based Denial - - - Blacklisted Provider Unique ID Based Denial - -

0 - Genomics - Identity Management Conference 2010 Washington DC Improving Patient Trust XACML Policy Examples - Patient Patient Policy Demonstrated Advanced Concepts of Obligations Denial if subject organization is member of list. Improving Patient Trust XACML Policy Examples - Patient Opt-IN Blacklisted Organizations Confidentiality/Sensitive Data

Patient Policy Blacklisted Provider Role Based Denial Blacklisted Provider Unique ID Based Denial Data Redaction Provider Role Data Redaction Provider Unique Identifier Demonstrated Advanced Concepts of Obligations Genomics Denies the request from the subject if the confidentiality code is set to "Sensitive". This policy is acting as the "Catch-All". - - - - urn:oasis:names:t c:xspa:1.0:resource:hl7:type:medical-record - Evaluates the HL7 confidentiality-code. - -

- S Catch-all denial if patient wishes to mask sensitive data. Identity Management Conference 2010 Washington DC Improving Patient Trust XACML Policy Examples - Patient Opt-IN Blacklisted Organizations Confidentiality/Sensitive Data Patient Policy Blacklisted Provider Role Based Denial Blacklisted Provider Unique ID Based Denial Data Redaction Provider Role Data Redaction Provider Unique Identifier Demonstrated Advanced Concepts of Obligations Genomics

PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting:role" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combiningalgorithm:deny-overrides"> Denies the request from the subject if their role is not permitted by the patient. - - - - urn:oasis:names:t c:xspa:1.0:resource:hl7:type:medical-record - Evaluates the dissenting-role (if available) against the subject's role. - - - Denial based on subjects ASTM structured role. Identity Management Conference 2010 Washington DC Improving Patient Trust

Denies the request from the subject if the NPI is not permitted by the patient. - Evaluates the dissenting-subject-id (if available) against the subject's NPI. Opt-IN - - - - urn:oasis:names:t c:xspa:1.0:resource:hl7:type:medical-record Blacklisted Provider Role Based Denial - - Blacklisted Provider Unique ID Based Denial - - - Data Redaction Provider Role Data Redaction Provider Unique Identifier 0

Genomics - Identity Management Conference 2010 Washington DC XACML Policy Examples - Patient Patient Policy Demonstrated Advanced Concepts of Obligations Denial based on subjects Unique Identifier. Denies the request for medications from the subject if the NPI is not permitted by the patient. - - - - urn:oasis:names:t c:xspa:1.0:resource:hl7:type:medical-record Opt-IN

Blacklisted Organizations - Evaluates the dissenting-roles for medications (if available) against the subject's role. Blacklisted Provider Role Based Denial - - - - Blacklisted Provider Unique ID Based Denial - 0 - Genomics Identity Management Conference 2010

Washington DC - Improving Patient Trust XACML Policy Examples - Patient Patient Policy Demonstrated Advanced Concepts of Obligations Generates obligation to redact data based on subjects ASTM structured role. Denies the request for medications from the subject if the NPI is not permitted by the patient. - - - - urn:oasis:names:t c:xspa:1.0:resource:hl7:type:medical-record Blacklisted Organizations Confidentiality/Sensitive Data -

RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:medications: dissenting-subject-ids:permit"> Evaluates the dissenting-subject-id's for medications (if Blacklisted Provider Role Based Denial available) against the subject's NPI. - - Blacklisted Provider Unique ID Based Denial - - - Data Redaction Provider Role Data Redaction Provider Unique Identifier 0 Genomics - Identity Management Conference 2010 Washington DC Improving Patient Trust XACML Policy Examples - Patient

Patient Policy Demonstrated Advanced Concepts of Obligations Generates obligation to redact data based on subjects Unique Identifier. Improving Patient Trust XACML Policy Examples - Patient Opt-IN Blacklisted Organizations Confidentiality/Sensitive Data Patient Policy Blacklisted Provider Role Based Denial Blacklisted Provider Unique ID Based Denial Data Redaction Provider Role Data Redaction Provider Unique Identifier Demonstrated Advanced Concepts of Obligations Genomics Denies the request for immunizations from the subject if the NPI is not permitted by the patient. -

- - - urn:oasis:names:t c:xspa:1.0:resource:hl7:type:genomic-profile - Evaluates the dissenting-subject-id's for immunizations (if available) against the subject's NPI. - Generates obligation for provider to re-evaluate against most recent GWAS mappings and redact SNPs accordingly. Identity Management Conference 2010 Washington DC Improving Patient Trust Demonstration video Identity Management Conference 2010 Washington DC Improving Patient Trust Lessons Learned Identity Management Systems Healthcare centric user provisioning Cross-Enterprise Exchange of Patient Consent Directives

- Standards Based - Computable Healthcare data must be semantically constrained. EHR systems need to be able to define and identify sensitive data if security systems are to enforce consumer choice regarding data sensitivity and other aspects under the control of the EHR. Identity Management Conference 2010 Washington DC Improving Patient Trust Moving Forward. Standards are in place New standards are being development to meet gaps Underlying technologies are sound and scalable Patient participation and trust is a function of Accessibility, Ease-of-use, and Accountability Identity Management Conference 2010 Washington DC Improving Patient Trust Protecting the Human Genome - RSA 2010 Patient PHR Service Patient has ability to view their Genotype and determine whether to deny access to all or portions of it.

Policy Patient Policy Constrains access to specific AT-RISK SNPs based on characteristics and/ or disease grouping Access Control System PIP PDP PEP Provider Constraints Visibility To Patient Assertion Consumption Obligation Clinical Adaptive Services XSPA Enabled Service Provider Request for Patients genotype Response Continuous Re-validation of Patient Policy Intent Original Mapping

Patients Genotype Genome Wide Association Studies Service GWAS New diseases and characteristics are mapped Multiple Organizations Contribute Findings Identity Management Conference 2010 Washington DC 34 Improving Patient Trust Closing video Identity Management Conference 2010 Washington DC

Recently Viewed Presentations

  • Sample Title Slide Standard Template

    Sample Title Slide Standard Template

    Of course, it can also protect servers in the data center that have bandwidth constraints. [BUILD 7] PureDisk data for any client can be recovered in the data center. [BUILD 8] To protect the PureDisk environment in the data center,...
  • Weaving Words - SCILT

    Weaving Words - SCILT

    Weaving Words Liz Lochhead's poem "Kidspoem, Bairnsang" has been described as bilingual. What do you think the term bilingual means? ... Katie Bairdie had a dug... Do you think you could try to write a verse using some Gaelic words?...
  • Nominating Presidential Candidates A Public Process Conducted by

    Nominating Presidential Candidates A Public Process Conducted by

    ballot box. This process is almost exactly what most people think of when we think of VOTING. The simplicity of this process makes it the prominent method used in the Presidential Primary process. In the 2008 Presidential Election 37 of...
  • lasp.colorado.edu

    lasp.colorado.edu

    : Targeted stellar occultations that capture ring structure at unprecedented resolution at certain locations or observe azimuthally varying structure not previously observed at UVIS resolution. The former are "particle tracking occs" where the speed of the stellar footprint in the...
  • Post-Cardiac Arrest Care

    Post-Cardiac Arrest Care

    synchronized with a peak of the QRS complex lower energy level. ... If you are unsure, be aware that most wide-com- plex (broad-complex) tachycardias are ventricular in origin. • If a patient is pulseless, follow the Cardiac Arrest Algorithm.
  • James L. Roark Michael P. Johnson Patricia Cline Cohen Sarah ...

    James L. Roark Michael P. Johnson Patricia Cline Cohen Sarah ...

    James L. Roark Michael P. JohnsonPatricia Cline Cohen Sarah StageSusan M. Hartmann. CHAPTER 23. From New Era to Great Depression, 1920-1932. The American Promise ... Secretary of the Treasury Andrew Mellon reduced the government's controls over the economy and cut...
  • Open Access: Threats and Promises of Scholarly Communication

    Open Access: Threats and Promises of Scholarly Communication

    ARROW and Swinburne's Repository Partner in the ARROW project from 2004 to 2008 Funding from Australian Government - about $8 million Led by Monash University, with three other partners - Swinburne, University of NSW, National Library of Australia Developed repository...
  • Dokumentum címe - FATOSZ

    Dokumentum címe - FATOSZ

    Helyi Vidékfejlesztési Stratégia - Tisza- menti LHK "Lenn az alföld tengersík vidékin..."- avagy a LEADER lehetőségei a Közép-Tisza mentén.