[Openid-specs-heart] Draft HEART Meeting Notes 2015-08-03

Mon Aug 3 21:41:27 UTC 2015

Thanks Sarah!

Adding a few additions to the notes:

We will have a follow on meeting to continue the discussion Wed August 5th
- gotomeeting info sent in a separate email.

As  mentioned on the call today,  Adrian submitted a new use case
that builds upon - perhaps a compare contrast to the current use case:

https://docs.google.com/document/d/1V3e_fDH63fNDsV-WOGKcyg0ebuW165DOpjY_RcuMk4U/edit#heading=h.rzs774n0rsvs

*AI for Deb*: update wiki with past meeting notes

On Mon, Aug 3, 2015 at 5:03 PM, Sarah Squire <sarah at engageidentity.com>
wrote:

> Attending:
>
> Debbie Bucci
>
> Catherine Schulten
>
> Sarah Squire
>
> Justin Richer
>
> Adrian Gropper
>
> Glen Marshall
>
> Eve Maler
>
> Abbie Barbir
>
> Obi Ogbanufe
>
> Corey Spears
>
> Thompson Boyd
>
> Tom Sullivan
>
> Jeremy Maxwell
>
> Edmund Jay
>
> John Moehrke
>
> Jim Kragh
>
> Jeffrey Shultz
>
> Josh Mandel
>
> Chad Evans
>
> Next steps:
>
> 2pm EDT Wednesday, August 5th, a group will meet to discuss the technical
> profiles.
>
> The group will continue to work on this use case in the Google Doc.
>
> Next week we will discuss scopes and the next use case.
>
> Notes:
>
> We reviewed the “Alice Enrolls with PCP and Sets Up Two-Way Exchange of
> Personal Data [OAuth Only]” use case.
>
> We decided to use the term PHR rather than CFA. PHR is more specific and
> more commonly used.
>
> We decided to replace “cloud-based” with the more general
> “internet-facing” to describe Alice’s PHR in order to clarify without
> having to specify unnecessary details about service hosting.
>
> We discussed what the problem statement should be and decided that Bill
> should ultimately review that and contribute. Our rough idea is “EHR and
> PHR orgs know each other but require Alice’s consent to bridge them”
>
> We discussed the idea that consent is a two-way transaction, and that we
> have captured that in the use case by assuming that the EHR and PHR have a
> predefined agreement to allow Alice-to-Alice sharing.
>
> We decided not to include a suggested addition of a technical precondition
> to track Alice physically at her PCP. Every EHR has an MPI - master patient
> index. This registry includes all activity across providers using that EHR.
> All access management systems have the ability to identify a person and
> associate them with a record, so this does not need to be specifically
> addressed in this use case.
>
> Should we point to a reference to define OAuth entity roles? Or should we
> write out the definitions in every use case? We decided to write out the
> definitions.
>
> We decide to replace consumption and insertion with read and write.
>
> We discussed the definitions of EHR and PHR. A PHR is “untethered” in that
> it has no business relationship to a care provider, and it is controlled by
> the patient. An EHR is “tethered” in that it has a business relationship
> with a care provider, and it is controlled by the care provider.
>
> The group will continue to work on this use case in the google doc. We
> will move onto scopes and the next use case next week.
>
>
> Sarah Squire
> Engage Identity
> http://engageidentity.com
>
> _______________________________________________
> Openid-specs-heart mailing list
> Openid-specs-heart at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20150803/17b19d49/attachment-0001.html>