Child pages
  • HIAWG Meeting Notes 2013-06-06
Skip to end of metadata
Go to start of metadata

Kantara Initiative Health Identity Assurance WG Teleconference

Meeting not quorate - Meeting notes follow

Date and Time

Date: Thursday, 6 June 2013 
Time: 10:00 PT | 12:00 CT | 13:00 ET
Dial in: TurboBridge Conferencing

Health Identity Assurance Working Group Home Page

HIAWG Wiki Home

Agenda

  1. Administration:
    1. Roll Call
    2. Agenda Confirmation
    3. Leadership Nominations / Election
    4. Upcoming Events page: http://kantarainitiative.org/confluence/x/pYDWAw
    5. Report out from latest LC meeting
  2. Discussion
    1. New Mission Statement for the Group
    2. WG Charter 
    3. Aligning efforts with DirectTrust.org, EHNAC, and IDESG 
    4. Deliverables for on-boarding healthcare worker digital identities
  3. Presentation on “A Privacy Strategy for the United States Healthcare Industry” (see attached)  - Barry Hieb
  4. AOB
    1. (proposed for next meeting) Presentation on conducting risk assessments for apps dealing with PHI - Linda Goettler
  5. Adjourn

 Attendees

As of 6 June 2013, quorum is 9 of 16

Voting
  • Barry Hieb
  • Laurie Tull
  • Pete Palmer
  • Andrew Hughes
  • Minze Chien
  • Rick Moore
Non-Voting
  • Bill Braithwaite 
  • Nathan Faut
Staff
  • None 

Administration 

  • Leadership Nominations / Election
    • Meeting is not quorate
  • Upcoming Events page: http://kantarainitiative.org/confluence/x/pYDWAw
  • Report out from latest LC meeting
    • Quarterly reports - HIAWG is waaaay behind
      • The quarterly report will be changed into a monthly survey to make it easier to provide information
    • Exec Director report - not much on this call
    • Election rounds happening soon
    • New work items: 
      • New Kantara Discussion Group - Identity of Things
    • Reached out to a University to see if interns can be sourced to help with secretary roles
    • WG Updates
    • Board of Trustees - 2 new orgs have been Approved as CSP - announcements soon
    • Will be a F2F LC meeting June 20-21 in Portland

Discussion

New Mission Statement for the Group
    • Discussed the need for refocusing and fixing the charter
    • ACH to post a draft of the goals and mission statement for discussion
    • Important to note that HIAWG is the only forum for recommending adjustments to the KI IAF 
Aligning efforts with DirectTrust.org, EHNAC, and IDESG 
    • There is a pilot project underway that is examining how Health Providers might be ID Proofed once in an environment.
    • This might be a very good proving ground for the Direct-Kantara MOU
Deliverables for on-boarding healthcare worker digital identities
    • Carried over to next meeting
Presentation - Barry Hiebe

NOTE: Link to the Privacy whitepaper here: http://kantarainitiative.org/confluence/download/attachments/64389330/privacywhitepaper5-21-13.pdf

  • The Privacy white paper proposes an approach for privacy in the US Healthcare environment
    • Published a few weeks ago by Global Patient Identifiers Inc. (GPII)
    • Healthcare Privacy environment is very complex
    • Some design considerations:
      • each individual has requirements
      • the system must be voluntary - if, when, how to participate
      • must be very simple
      • must be flexible
      • must work with existing systems - this is very challenging - no existing commonality wrt security, privacy, data segregation
      • patients and physicians must be empowered
      • concern has been raised that if there is good privacy, then standard of care will suffer - false dichotomy
      • allow for exceptions - e.g. break the glass scenario & its reversibility
      • make it as hard as possible to make errors, but as easy as possible to recover from errors
      • must be inexpensive to implement and operate
    • Accurate Patient Identification is essential
    • Suggest creating 2 types of identifier: Public and Private - give these to the patient and have them apply them as appropriate
    • This design concept is inherently simple and easy to explain
    • Currently doing proof of concept deployments
  • Questions
    • What path would be needed to standardize this in a way for vendors to implement?
      • Looking for ideas for best approach - engaging about 35 in the initial development stage of the whitepaper
      • This will have to be a grassroots approach - patient demand
      • e.g. if a patient pays for an encounter, then it must be segregateable from the data set & not reportable to the insurance company
    • Are there 'official' endorsements yet?
      • Looking to see if Kantara will endorse it
      • Would like to find some pilot sites to demonstrate how it works
    • Comment: Might be appropriate to send this out to the WG for comments, and possible sending to LC as a recommendation for approval/endorsement.
    • Most vendors have several identifiers in the system: external and internal. Is this approach similar? If so, the vendors would have to adopt this as the internal identifier, correct?
      • The whitepaper suggests methods that could be used to include the privacy identifiers into records for data segmentation
    • Have there been discussions with EHR vendors about what would be needed to implement this?
    • Comment: Perhaps look to Project VRM and similar initiatives for ideas around implementation
    • Comment: Perhaps reach out to Canada Health Infoway for ideas
    • Comment: Perhaps approaching EHNAC and Direct might help to get to vendors interested in working out some of the details
  • Please send comments on the whitepaper and potential connections to Barry.
AOB
  •  None raised

Action Items

Item #DescriptionAssigned toEst. CompletionStatus
2013-06-06-001Provide a link to the Privacy WhitepaperAndrew6 June 2013

6 Jun 2013

Complete

2013-06-06-002Create and post straw man discussion version of new charter and goals for the groupAndrew13 June 2013 
2013-06-06-003Review and provide comments to Barry Hieb on the GPII Privacy whitepaperAll13 June 2013 

 

Attachments

privacywhitepaper5-21-13.pdf

Next Meeting

DateThursday, 20 June 2013 
Time: 10:00 PT | 12:00 CT | 13:00 ET
Dial in: TurboBridge Conferencing

 

  • No labels