[Openid-specs-heart] HEART AGENDA 2015-08-24

Aaron Seib (NATE) aaron.seib at nate-trust.org
Sun Aug 23 19:48:12 UTC 2015 

I might ask a question that may eliminate one of the options.

Is there any case where Alice can share with Dr. Bob where the EMR used by Dr. Bob for his relationship with Alice isn't that isn't a chained delegation?  

Even in the case of a single user for a given EMR instance does any known EMR constrain the displaying of data to the user whonhas the patient-provider relationship?  Even in the small specialty practices you usually have a case where other members of the practice cover for one another when one is on vacation.  

Does anyone offer an EMR that manages access in the way they would need to in order to support the Direct model?  How would a consumer know one from the other?




Sent from my Verizon Wireless 4G LTE smartphone

<div>-------- Original message --------</div><div>From: Eve Maler <eve.maler at forgerock.com> </div><div>Date:08/23/2015  12:22 PM  (GMT-05:00) </div><div>To: Debbie Bucci <debbucci at gmail.com> </div><div>Cc: openid-specs-heart at lists.openid.net </div><div>Subject: Re: [Openid-specs-heart] HEART AGENDA 2015-08-24 </div><div>
</div>Some commentary on these that may help us decide...

https://docs.google.com/document/d/1V3e_fDH63fNDsV-WOGKcyg0ebuW165DOpjY_RcuMk4U/edit

https://docs.google.com/document/d/1biUqGwvOinf9Sj6eyh3hiiDzoccSEaz3ewOTa7WcwoY/edit

https://docs.google.com/document/d/17-C7nyI-ZiL4_LsFNrXXrM2MSPx4sCqXSEui2pwhVe8/edit

The "Only 4 Ways to Share Data" are four design patterns/proto-use cases that are not mutually exclusive. They can perhaps help us identify which scenarios are of most interest or are most useful in the near term. Here's how I'd summarize:
Alice-to-Alice N: The OAuth model is “pairwise” between each service and client app. UMA, by contrast, allows Alice to aggregate the records of all of her consents.
Alice-to-Custodian: This is about the ability to delegate to the custodian for further sharing -- what my company has been referring to as chained delegation.
Alice-to-Bob Directed: This is sharing with Dr. Bob, party-to-party.
Alice-to-Bob HIE: This involves an extra layer of discoverability of Alice's resources.
Some observations:

Alice-to-Alice N would probably be a very straightforward exploration of a key value of UMA. It would be important to get specific about the use case details.

Alice-to-Bob Directed would be a very interesting contrast to the use case we've already done. It sounds like it would be similar, but it might differ in a lot of ways depending on which ways we want to take it: a) the sharing might be directly to "Dr. Bob" rather than to "the PCP's EHR system" (or that might even involve chained delegation), b) it might happen through proactive policy or through an attempted access that results in an access approval rather than a run-time consent experience, and c) there might be other subtleties that show up in UX or in back-end flows. That could be a heavy lift for a first time out.

Elderly Mom with Family Caregiver is a mix of both Alice-to-Alice N and Alice-to-Custodian. A bit complex, but easier to take on if Alice-to-Alice N were already in the bag.

ROI Perspective: I don't detect much enthusiasm in this one, despite the usefulness of the annotated ROI form for other purposes. :-)

Eve Maler
ForgeRock Office of the CTO | VP Innovation & Emerging Technology
Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
Join our ForgeRock.org OpenUMA community!


On Sun, Aug 23, 2015 at 8:36 AM, Debbie Bucci <debbucci at gmail.com> wrote:
When: 1 PM PST/4 PM EST
Where: Gotomeeting – https://global.gotomeeting.com/join/785234357

US phone number: +1 (619) 550-0003. Access Code 785-234-357

   



Agenda :

semantic profile development - how will use cases inform?
Choose next Use case - as posted by Adrian:
Elderly Mom with Family Caregiver
A heartwarming true story of love and devotion. It's all about Alice!
ROI Perspective on health information sharing
A true story based on paving the current cow path. It's all about the institution.
Only 4 Ways to Share Data
From Alice's perspective. Not a full use-case but a useful way to understand why UMA
AOB

_______________________________________________
Openid-specs-heart mailing list
Openid-specs-heart at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs-heart


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20150823/78b91cd2/attachment.html>

More information about the Openid-specs-heart mailing list