<div dir="ltr"><div><div>The current EHR-PHR use-case has been useful in educating us on the things that OAuth alone can't do. To prepare for the next use-case, I suggest that all healthcare use-cases for UMA will fall into one of the four categories below: Alice-to-Alice N; Alice-to-Custodian; Alice-to-Bob Directed; Alice-to-Bob HIE.<br><br></div>The categories: begin with a single patient problem today; avoid introducing federation and trust frameworks prematurely; and avoid the patient ID problem.<br><br></div><div>These four categories are from the patient perspective. SMART-on-FHIR and Argonaut are not patient-perspective use cases and may be distracting in developing the HEART profiles. <b>I suspect that FHIR can be designed to support both the institutional and the patient perspective, if they choose to. It is imperative that HEART lead from the patient perspective to help them do that.<br></b></div><div><br></div>I've tried to avoid jargon as much as possible and reuse terms we have already discussed. <br><div><div><div><div><br><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"></span></p><ul style="margin-top:0pt;margin-bottom:0pt"><li style="list-style-type:disc;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Alice-to-Alice N - The multiple portals problem - Alice wants to direct sharing herself</span></p></li></ul><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;margin-left:36pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Alice wants to manage her EHR-1 and EHR-2 authorizations in one place. We call that place the AS.</span></p><ul style="margin-top:0pt;margin-bottom:0pt;margin-left:40px"><li style="list-style-type:disc;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Alice registers her AS with her practice’s EHR-1.</span></p></li><li style="list-style-type:disc;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Alice registers her AS with another practice EHR-2.</span></p></li><li style="list-style-type:disc;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">From then on, Alice can sign-in to her EHR, view accounting for disclosures, and manage authorizations.</span></p></li></ul><br><ul style="margin-top:0pt;margin-bottom:0pt"><li style="list-style-type:disc;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Alice-to-Custodian - Delegation to a custodian</span></p></li><ul style="margin-top:0pt;margin-bottom:0pt"><li style="list-style-type:circle;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Custodian creates an AS for Alice. Custodian has a sign-in to Alice’s AS.</span></p></li><li style="list-style-type:circle;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Alice registers her AS with her PCP’s EHR-1.</span></p></li><li style="list-style-type:circle;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Alice registers her AS with another practice’s EHR-2.</span></p></li><li style="list-style-type:circle;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">From then on, Custodian can sign-in to Alice’s EHR, view accounting for disclosures, and manage authorizations.</span></p></li></ul></ul><br><ul style="margin-top:0pt;margin-bottom:0pt"><li style="list-style-type:disc;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Alice-to-Bob Directed - Alice wants to authorize her PCP for directed sharing</span></p></li><ul style="margin-top:0pt;margin-bottom:0pt"><li style="list-style-type:circle;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Alice registers her AS with her PCP’s EHR-1. </span></p></li><li style="list-style-type:circle;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">The PCP shares an Alice-specific context with Bob.</span></p></li><li style="list-style-type:circle;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Bob’s client EHR-2 presents claims to Alice’s AS, gets authorization.</span></p></li><li style="list-style-type:circle;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">EHR-2 accesses resource from EHR-1.</span></p></li></ul></ul><br><ul style="margin-top:0pt;margin-bottom:0pt"><li style="list-style-type:disc;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Alice-to-Bob HIE - Alice wants to be discoverable</span></p></li><ul style="margin-top:0pt;margin-bottom:0pt"><li style="list-style-type:circle;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Alice registers her AS with her practice’s EHR-1. </span></p></li><li style="list-style-type:circle;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Alice picks up a flier for the state HIE with a Q/R code, reads their Privacy Policy</span></p></li><li style="list-style-type:circle;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Alice signs-in into her AS and scans the Q/R code.</span></p></li><li style="list-style-type:circle;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">The HIE allows Alice to pick her discovery attributes, registers Alice’s AS.</span></p></li><li style="list-style-type:circle;font-size:14.6667px;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:14.666666666666666px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">Bob’s client signs into the HIE, discovers Alice, gets authorization to EHR-1.</span></p></li></ul></ul><br clear="all"><br>-- <br><div class="gmail_signature"><div><div><div><div><br><div>Adrian Gropper MD<span style="font-size:11pt"></span><br><br><span style="font-family:"Arial",sans-serif;color:#1f497d">RESTORE Health Privacy!</span><span style="font-family:"Arial",sans-serif;color:#1f497d"><br>HELP us fight for the right to control personal health data.</span><span style="font-family:"Arial",sans-serif;color:#1f497d"></span><span style="font-family:"Arial",sans-serif;color:#1f497d"><br>DONATE:
<a href="http://patientprivacyrights.org/donate-2/" target="_blank"><span style="color:#0563c1">http://patientprivacyrights.org/donate-2/</span></a></span><span style="color:#1f497d"></span>
</div></div></div></div></div></div>
</div></div></div></div></div>