Quick Links



Meeting Schedule




How to Get Involved



Feedback Welcome

We value your input!
Have a suggestion or idea for the initiative wiki? Send an email the Project Manager.
Need help using the Wiki? Send an email to Wiki Admin/Support.

Edit SidebarRightEdit Action ItemsEdit Page Tabs




To view and download materials from previous workgroup meetings, please see the Past Meetings wiki page.

Reference Materials

ID
Reference Material
Date
Description
Link
1
Whitepaper
9/29/2010
Data Segmentation in Electronic Health Information Exchange: Policy Considerations and Analysis
View Document
2
Call for Participation
10/06/2010
This is the Call for Participation that announced the DSI initiative

3
Privacy & Security Electronic Toolkit
10/18/2011
caBIG Electronic Data Sharing & Security Framework - contact Alex Kanous (akanous@umich.edu)Data Sharing Resource Center Manager, University of Michigan who would be willing to talk about this resource and experience of caBIG Data Sharing & Intellectual Capital Workgroup in developing this privacy and security framework over the last eight years.
DSIC Link
4
Subsetting sensitivity concepts in SNOMED CT
10/19/2011
Presentation repurposed from Nov. 2009 and discussed at DSI F2F. Reviews preliminary work done to investigate use of SNOMED CT concepts to represent sensitive clinical content.

5
42 CFR2 FAQ
11/9/2011
SAMHSA CFR Part 2 FAQ
EHR FAQ
6
Whitepaper
11/21/2011
Implementing Consumer Privacy Preferences in the HIE Using SOA [
predates support of HL7 CDA R2, IHE XDS.b & OASIS XSPA]

7
Consent Options
11/21/2011
HIPAAT Matrix for NC Consent Options

8
Notes from participant
11/21/2011
Data Segmentation for Privacy Notes from Kel Callahan

10
Blog Post- Policy Decision Point
11/21/2011
Policy Decision Point
Access Control Policies Link
11
Privacy Web Page
11/21/2011
Privacy by Design
Privacy By Design Link
12
Graphic
11/23/2011
Lifecycle of a Consent Policy

13
Canada Infoway Call: Overview
12/1/2011
Canada Infoway Call with Joan Roch

Commun Understandings Paper
14
PDF HITSC Metadata Recomendations
12/12/2011
HITSC Metadata Analysis

15
Canada Infoway Call: Technical Deep Dive
1/26/2012
This was an optional meeting in which Canada Infoway discussed the ways in which the segment data
Presenters: Dennis Giokas and Stanley Ratajczak
Architecture approach
Methods used (metadata tagging, etc.)
Standards
How are your standards actually used?
Use Cases - Walk-through of specific examples

View Meeting Recording
16
Quebec's Interoperable EHR Security Architecture and Protection of Personal Information
1/20/2012
This document discusses approaches to privacy protective patient identity management and consent management. As I understand it, patient demographics are stored separately from PHI, and identifiers are managed so as to minimize exposure of patient identifiers and demographics used in other contexts, thereby lowering the risk of relinking.

17
HL7 CDA R2, Confidentiality Code, and Act Policy Type for DS4P
2/23/2012
Topics discussed:* HL7 Confidentiality Codes
  • HL7 ActPolicyType Codes
  • CDA R2 Header Data Elements
  • CDA R2 support for Confidentiality Code at the header and section levels
  • How CDA entries can be associated with externally referenced privacy policies, notice of prohibition to redisclose, or consent directives
  • C32 and ToC Constraints on CDA capabilities to convey Consent Directives

18
Direct XD* Envelop Metadata for DS4P
2/23/2012
Direct Project includes support for trading partners capable of exchanging and registering payloads wrapped with XD* Metadata Envelope* The XD* Metadata may be derived from the payload
  • Some Metadata may be revealing of protected payload information
  • DS4P, Query Health, and Direct Projects should avoid using Metadata that reveals what is intended to be concealed from unauthorized users, including intermediaries, while ensuring that appropriate routing and patient matching information is available on the envelope

19
CDA R2 Visio Diagram
2/23/2012
Diagram of CDA - Annotated with XD* Metadata Sources & Support for Privacy & Security Policy

20
PASS Alpha - Access Control Conceptual Model Release 1.0 - Post-Ballot Reconciliation.pdf
2/29/2012
HL7 Privacy and Access Security Services specification provides a platform independent description of system services (e.g., in an EHR) needed to provide the basic capabilities with which a patient or provider can request access to patient health information from a protected resource and, based upon the security and privacy policies applied by the resource, have that access either be granted or denied. Specifies security/privacy functional capabilities that are exposed through well-defined service interfaces.

21
HIMMS 2012 Data Segmentation for Privacy
3/2/2012
This is the presentation delivered at HIMMS by Johnathan Coleman

22
Review of Recommendations from the HITSC on Privacy Metadata
4/12/2012
This is the presentation Walter Suarez delivered at the April 2012 Face to Face Meeting


23
Consolidated CDA and Consent Act
5/2/2012
This document contains details and diagrams on Consolidated CDA including comments from a work-group member regarding how we may propose changes to CDA (balloting opens May 4th, 2012)

24
Kairon Consents material
6/1//2012
Patient centric (open source) consent prototype. Main ideas:
  • a patient's consents are in one place, reachable by all. (No update propagation needed)
  • generalized conditions applicable to many exchanges (e.g., doctors treating me)
  • implement everything in one rule formalism
http://kaironconsents.sourceforge.net/
25
Data modeling comments: Metadata, aggregates, and envelopes
6/16/2012
Arnie Rosenthal opinions that envelopes should not be a major primitive: instead, rely on a general facility for aggregates and metadata tagging

(long and short versions)
26
HITSC Recommendation Alignment
6/20/2012
Office of the National Coordinator for Health IT - Response to the HITSC PCAST Analysis and Recommendations on Patient Privacy, Provenance and Identity Metadata - S&I Framework Data Segmentation for Privacy Initiative 6/20/2012

27
Updated: DS4P Implementation Guidance Comment Disposition Log
8/27/2012
Formal Comments made by workgroup members on the Data Segmentation for Privacy Implementation Guidance Document.

28
HL7 Privacy and Security Vocabulary
8/28/2012
HL7 Privacy and Security Vocabulary Table with definitions and value set OIDs; and Enumeration Diagram

29
DS4P Implementation Guidance v1.0.3
8/27/2012
Updated version of the DS4P Implementation Guidance document

30
SSA Presentation Slides
10/16/2012
Updated SSA Presentation Slides Nationwide on 06/18/2011
with Contact Details and Reference Materials
http://wiki.siframework.org/file/view/NwHIN_Exchange_and_the_SSA_Patient_Authorization.ppt
31
SSA NwHIN Interoperability Guide
10/16/2012
The SSA NwHIN Interoperability Guide describes the transaction flow along with message descriptions based on the NwHIN Exchange Technical Specifications
http://wiki.siframework.org/file/view/SSA_NHIN_Interoperability_Guide_V_1_1.docx
32
SSA-827
10/16/2012
SSA-827 (Authorization to disclose information to the Social Security Administration)
http://wiki.siframework.org/file/view/ssa-827.pdf
33
DS4P Presentation to HL7
9/25/13
S&I Framework Data Segmentation for Privacy Initiative Presentation to HL7

34
HL7 HCS Overview
9/26/13
Healthcare Privacy and Securtity Classification System (HCS) Presentation -- HL7 Working Group Meeting

35
Consent2Share Project
12/27/13
Wiki space for the SAMHSA Pilot Consent2Share Project
C2S Project Page

Initiative Contacts

Name
Role
Contact Information
Johnathan Coleman
Initiative Coordinator
jc@securityrs.com
Julie Chua
ONC Sponsor
julie.chua@hhs.gov
Zachary May
Project Manager, RI/Pilot Lead
zachary.may@esacinc.com
Amanda Nash
Standards/Harmonization Lead
Standards Development Support Team Lead
amanda.j.nash@accenturefederal.com
Edit Contacts