[Openid-specs-heart] (no subject)
Adrian Gropper
agropper at healthurl.com
Sat Sep 19 18:09:34 UTC 2015
Thanks, Glenn.
We now also have the benefit of the recently approved NIH Precision
Medicine Initiative (site http://www.nih.gov/news/health/sep2015/od-17.htm
and Sept 17 slides http://bit.ly/pmi-slides which are a good summary.) The
presentation and Q&A spent much time talking about the importance of
proxies for subjects that cannot give consent and about access to new data
created within the PMI network by the research subjects themselves. How
much of these two issues are of concern in PCOR initiatives?
I'm hoping we can take a take a stab at mapping your use-case into FHIR and
UMA and end up with a diagram like in the other two use-cases.
The essential common denominators of the PCOR and PMI cases seem to be:
1 - a copy of the Resource Server (EHR, PHR) data in a searchable database
- the Data Aggregator
2 - a consent gathering mechanism that controls access to the Data
Aggregator and the RSs
3 - an Authorization Server that controls Aggregator access of data from
the Resource Servers (EHR, PHR)
4 - a set of research-specific services associated with the Data Aggregator
that include:
1. IRB functionality to control access to the data
2. credentialing of research access
3. search and aggregation of results
4. de-identification of individual-level data
5. accounting for disclosures and maybe even notice to research subjects
6. re-consent or dynamic consent by the research subject
7. access to data in the Aggregator by the research subject or their
care team
How much of #4, if any, do we need to map into OAuth or UMA? 4-1 through
4-4 have nothing to do with FHIR or OAuth. 4-5 through 4-7 are all
transactions with the research subject or their proxy that might be
facilitated by the technology used for 1,2 and 3.
Here is my proposal for a diagram:
1 - The Data Aggregator uses FHIR and UMA to connect with the RSs (EHR and
PHR)
2 - Each RS adds some fields to their ROI Form
<https://docs.google.com/document/d/1biUqGwvOinf9Sj6eyh3hiiDzoccSEaz3ewOTa7WcwoY/edit>
(section 3) that identifies the Data Aggregator in the context of the
patient's record at the RS.
3 - The patient either has an account at the Aggregator or not:
- A registration process is begun where the Aggregator presents an
IRB-approved ROI Form and offers to register itself as a RS with the
patient's AS.
- If the patient signs the Aggregator's ROI Form, identity attributes
are transferred via FHIR from the clinical RS (EHR or PHR) that the
Aggregator uses to search their database for a patient match. The patient
and/or proxy are issued credentials to access the Aggregator.
- If the patient doesn't sign the Aggregator's ROI Form, no further data
is transferred from the RS to the Aggregator.
- If there's no match at the Aggregator, then the patient is
automatically enrolled as a new research subject based on the information
in the ROI Form they just signed.
- If there is a match at the Aggregator, then the EHR or PHR context
(step 2 above) is added as another data source to the research subject's
account at the Aggregator.
In summary, here's where this ends up:
- The patient can specify any AS they want.
- The patient can choose to use one or more PHRs or not.
- The Aggregator can offer any policies they want to the patient without
bothering or federating with the clinical RSs. This can help get research
data from non-HIPAA wearables or family members resource servers, etc...
All we need is UMA and a policy of accepting the patient-specified AS.
- There's no universal patient ID needed. Initial patient matching is
always done with the patient's (or proxy's) cooperation and as much context
provided by the RS as the patient wants to share. The patient can see or
set optional discovery parameters they want on the Aggregator's research
ROI Form in an IRB-approved way.
- The Aggregator has a relationship with the research subject and their
proxy that can be used for accountability, notice, and re-consent.
- The Aggregator is registered with the patient's AS and can provide
UMA-controlled access to the research-subject's resources via FHIR.
- The Aggregator's IRB can decide which research transactions will
involve the patient's AS and which ones will not.
Adrian
On Fri, Sep 18, 2015 at 1:09 PM, Glen Marshall [SRS] <gfm at securityrs.com>
wrote:
> Team,
>
> I have updated the use case to reflect last Monday's discussion and to
> more clearly align it with the PCORnet concept.
>
> The edited use case can be viewed here:
> https://docs.google.com/document/d/1BajiGx_68nrKvSUL1raItMwPkSFCZ_m-aSKUsdb9hzY/edit?usp=sharing
>
> Glen
>
> --
>
> *Glen F. Marshall*
> Consultant
> Security Risk Solutions, Inc.
> 698 Fishermans Bend
> Mount Pleasant, SC 29464
> Tel: (610) 644-2452
> Mobile: (610) 613-3084
> gfm at securityrs.com
> www.SecurityRiskSolutions.com
>
> _______________________________________________
> Openid-specs-heart mailing list
> Openid-specs-heart at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>
>
--
Adrian Gropper MD
RESTORE Health Privacy!
HELP us fight for the right to control personal health data.
DONATE: http://patientprivacyrights.org/donate-2/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20150919/941f26ad/attachment.html>
More information about the Openid-specs-heart
mailing list