meeting etiquette
DESCRIPTION
Meeting Etiquette. Please announce your name each time prior to making comments or suggestions during the call Remember: If you are not speaking keep your phone on mute Do not put your phone on hold – if you need to take a call, hang up and dial in again when finished with your other call - PowerPoint PPT PresentationTRANSCRIPT
Meeting Etiquette• Please announce your name each time prior to making comments or
suggestions during the call• Remember: If you are not speaking keep your phone on mute• Do not put your phone on hold – if you need to take a call, hang up
and dial in again when finished with your other call – Hold = Elevator Music = very frustrated speakers and participants
• This meeting, like all of our meetings, is being recorded– Another reason to keep your phone on mute when not speaking!
• Feel free to use the “Chat” or “Q&A” feature for questions or comments, especially if you have a bad phone connection or background noise in your environment
NOTE: This meeting is being recorded and will be posted on the Wiki page after the meeting
From S&I Framework to Participants:Hi everyone: remember to keep your phone on mute
RHEx Pilots Lessons Learned
WebEx #827 September 2012
Powering Secure, Web-Based Health Data Exchangewiki.siframework.org/RHEx
3
What is RESTful Health Exchange (RHEx)?
• Open source, exploratory project to apply Web technologies to demonstrate a simple, secure, standards-based health information exchange – Builds the foundation for patient access to data via the Web and
mobile devices, removing barriers to broad electronic health data exchange
– Offers a new approach to health data exchange – From moving documents to linking to needed information
• Sponsored by the Federal Health Architecture (FHA) program in FY12
• Continues tradition of Federal partner leadership– Investing in innovative solutions to health IT needs– Sharing results with entire health IT community
RHEx informs a path forward on RESTful health data exchange
Outline
• Overview of RHEx Pilots• RHEx Pilot with TATRC • RHEx Pilot with HealthInfoNet• Lessons Learned• Conclusions
4
55
• Pilot with TATRC– Goal: Demonstrate simple, secure RESTful health data
exchange in two phases– Use Case: Consults/Referral
• Selected via discussions with Federal Partners– FHA Partner: Steve Steffensen and Ollie Gray, TATRC
• Telemedicine & Advanced Technology Research Group (TATRC), U.S. Army Medical Research & Materiel Command (MRMC)
• Pilot with HealthInfoNet– Goal: Investigate use of RESTful approach to populate
Maine HIE (HealthInfoNet) Clinical Data Repository – Use Case: Populate single electronic health record for
patients in medically underserved areas– FHA Partner: Todd Rogow, HealthInfoNet
Develop proof of concept for a World Wide Web model for health data exchange
RHEx Pilots
6
Two different RHEx pilots
Pilot with TATRC focuses on secure RESTful transport
between people
Pilot with HealthInfoNet focuses on secure RESTful
transport between machines
Secure RESTful transport:OpenID Connect for distributed
user authentication(person in the loop)
Secure RESTful transport:OAuth2 for service to service
authentication(machine to machine)
Consult/Referral Transport volumes of data to State HIE Clinical Data Repository
Patte
rnU
se
Cas
eSe
curit
y
Differences in:
7
TATRC PILOTRHEx Pilots Lessons Learned
8
RHEx Pilot with TATRC
• Worked with selected federal partners to identify critical capability gaps and select a prototype use case– Consult results are not consistently sent to PCP today, impacting
healthcare for Veterans and Service Members• Demonstrate secure, RESTful health data exchange in
support of Consult/Referral scenario• Phase 1: Secure exchange
– Implement the secure exchange of health data with Direct secure messaging and OpenID authentication
– Develop an OpenID Connect Identity Provider and a simple Web application that will act as the Relying Party
• Phase 2: Content– Provide a richer set of services by utilizing emerging standards to
support secure exchange of data in a granular fashion
consult results
Sample Consultation/Referral Process
9
PCP Payer
consult request
Consult results are not consistently sent to PCP resulting in diminished patient care
authorized consult request
PCP = Primary Care Physician= Paper, Fax, or Email
Consulting Physician
Consulting Physician
consult results
Improving the Consultation/Referral Process
10
PCP Payer
consult request authorized consult request
PCP = Primary Care Physician
RHEx approach allows PCP and Consulting Physician to access and retrieve current, relevant portions of each other’s
records when they need them
URL-1 = Consult Requests Details URLURL-2 = Consult Results Details URL
URL-2Message
MessageURL-1
MessageURL-1
URL-1
URL-2
Phase 1 Focus
11PCP = Primary Care Physician
Phase 2 Focus
URL-3
Links to patient vitals
12
TATRC Pilot Architecture
13
HEALTHINFONET PILOTRHEx Pilots Lessons Learned
Motivation for Pilot with HealthInfoNet
• Worked with HealthInfoNet to identify how RHEx technology might be applied– Today, patient health data from 26 hospitals and 240 ambulatory practices is
moved in near real time to the Clinical Data Repository at HealthInfoNet – However, data is not sent today from smaller organizations who do not have the
expertise to support a traditional HL7 interface connection to the HIE– By providing a simple, lightweight, secure method of transferring health data,
small practices in underserved areas in Maine will be able to participate in the Maine HIE system
– In addition, this work will contribute to the foundation for standard, machine processable formats from providers to Maine HIE for smaller healthcare organizations
14
15
Goal of RHEx Pilot with HealthInfoNet
• Demonstrate secure, RESTful health data exchange from a Federally Qualified Health Center (FQHC) to Maine HIE using RHEx
IslandsCommunity
Medical Services
16
Health data flow for connected providers in Maine
A patient can opt out of the Maine HIE system.
1. Provider sends form to Maine HIE.
A patient can refrain from opting out of the Maine HIE system.
3. Maine HIE deletes the patient health data and marks patient as “opted out”.
XXXXXX
Opted out
2. Flow of patient data from provider to HIE is blocked.
X
1. After patient visit is complete, physician updates patient’s record.
3. HL7 message is sent in near real time.
2. EHR system sends message to Maine HIE.
Single VPN Interface for healthcare
organizations
17
Health data flow for Islands Community Medical Services in RHEx pilot
A patient can opt out of the Maine HIE system.
1. Provider sends form sent to Maine HIE.
A patient can refrain from opting out of the Maine HIE system.
3. Maine HIE deletes the patient health data and marks patient as “opted out”.
XXXXXX
Opted out
2. Flow of patient data from provider to HIE is blocked.
X
1. After patient visit is complete, physician updates patient’s record.
3. C32 document is encrypted and sent in near real time to Maine HIE using HTTPS POST over the Web.
2. EHR system automatically generates a patient’s C32 and places it in a file directory for transport.
Opting out process is same as for connected providers.
Islands Community Medical Services
HealthInfoNet Pilot Architecture
Islands Community Medical Services
Shared File
System
EHR Trigger
EHR Environment
OAuth2
TLS
RHEx Client
HL7 v2messages
OAuth2 Server
Maine HIEDMZ
RHEx Endpoint
Integration Engine
Clinical Data Repository
C32 Processing Queue
OAuth2 Client
Database
TranslationC32s
C32
18
EHRSystem
greenC32s
Translation to HL7 v2
19
LESSONS LEARNED AND CONCLUSIONS
RHEx Pilots Lessons Learned
20
Lessons Learned, 1 of 2
• Collaboration with TATRC and HealthInfoNet has been outstanding
• REST architectural style applies to multiple patterns of use– Person to person– Machine to machine– Can be leveraged to securely transport different types of
documents/messages• Use of REST aids in troubleshooting integration problems
– Easier to inspect network traffic – Most network transactions can be tested via web browser
sessions• REST is not a magic bullet - integration issues still occur
– e.g., Issues with clocks being out of sync
21
Lessons Learned, 2 of 2
• Use of OAuth and OpenID Connect work well as identity and authentication solutions
• greenC32 format useful for standardizing input to HIE Clinical Data Repository, but standardization tool still needs to be configured to handle different vendor C32s
• RHEx could be a solution for pushing large volumes of data in support of health information exchange
• EHR automated trigger capability requires licensing by some EHR vendors (cost could be prohibitive for small independent providers)
22
Conclusions
• RHEx project has explored secure, Web-based health data exchange, building the foundation for future advances in health care– Allows providers and patients to exchange health data
securely over the World Wide Web– Building foundation for secure access via mobile devices
• Concepts were tested in pilots with TATRC and HealthInfoNet
• Lessons learned can be applied in future initiatives– e.g., Automating Blue Button Initiative (ABBI)
RHEx is informing a path forward for the future of health data exchange
23
Discussion
24
BACKUP CHARTSRHEx Pilots Lessons Learned
25
Sending A Referral
AHLTAvia
PAWS
DynamicDocument
Service
PCP System
AuthenticationService
OpenID
RHEx Endpoint
OAuth
Test Data
OpenID Provider
OpenIDProvider
Consult
2. Direct message with referral link is sent.
6. U
ser a
uthe
ntic
ates
.
Direct Gateway
Direct Gateway
1. PCP creates referral.
5. User redirected to OpenID Provider for authentication.
7. User redirected back to URL.
8. Referral viewed by user.
4. User accesses link http://pcp.com/patient1/referral/1.
3. User receives message.
PCP
RHEx TATRC Pilot Phase 2 Model Vision
26
greenC32
Patient
Procedures
Allergies
Medications
Lab Results
Vital Signs
PCP EHR Consulting Provider EHR
27
Approach to Content Organization, 1 of 2
Abstract Content Model Diagram
Supports coarse documents
OData could be implemented as a Section Feed
Supports hierarchy of patient data
Describes content available and resource URIs
URIs can point to DICOM images or granular patient data, such as allergy or medication
28
Approach to Content Organization, 2 of 2
Course Grained Link Example
Granular Content Link Example
https://example.org/patient1234/c32/c321.xml
https://example.org/patient1234/org.hl7.simplified/allergies/allergy2.xml
HTTP POSThttp://healthinfonet.org/rhex/Islands Community Medical Services/1234/c32?token=e2FzZHNkOiAicG9k…
Technical data flow in RHEx pilot, 1 of 2
Islands Community Medical Services
Shared File
System
EHR Trigger
EHR Environment
OAuth2
TLS
RHEx Client
1. After patient visit is complete, physician updates patient’s record in EHR system.
2. EHR system trigger is used to move C32 document to shared file system.
3. RHEx Client detects the update and invokes OAuth2 workflow.
4. OAuth2 Server authenticates client and secure transport is established.
HL7 v2messages
OAuth2 Server
Maine HIEDMZ
RHEx Endpoint
Integration Engine
Clinical Data Repository
C32 Processing Queue
OAuth2 Client
Database
TranslationC32s
C32
5. C32 document is encrypted and moved to the RHEx endpoint over the Web using HTTPS POST.
29
EHRSystem
greenC32s
Translation to HL7 v2
HTTP POSThttp://healthinfonet.org/rhex/Islands Community Medical Services/1234/c32?token=e2FzZHNkOiAicG9k…
Technical data flow in RHEx pilot, 2 of 2
Islands Community Medical Services
Shared File
System
EHR Trigger
EHR Environment
OAuth2
TLS
RHEx Client
HL7 v2messages
OAuth2 Server
Maine HIEDMZ
RHEx Endpoint
Integration Engine
Clinical Data Repository
C32 Processing Queue
TranslationC32s
TokenStore
6. RHEx endpoint moves the C32 to a processing queue within the Maine HIE firewall, where it is decrypted.
7. C32 document is processed by the queue, translated into greenC32 and sent to Integration Engine.
8. Orion sends HL7 message to Clinical Data Repository.
30
EHRSystem
greenC32s
Translation to HL7 v2