structured data capture (sdc) ucr to standards crosswalk analysis
DESCRIPTION
Structured Data Capture (SDC) UCR to Standards Crosswalk Analysis. July 11, 2013. UCR to Standards Crosswalk . UCR-Crosswalk Analysis Update Added three new standards CDA Questionnaire Form IG CDA Questionnaire Response IG Author of Record ( esMD ) - PowerPoint PPT PresentationTRANSCRIPT
Structured Data Capture (SDC)UCR to Standards Crosswalk Analysis
July 11, 2013
UCR to Standards Crosswalk • UCR-Crosswalk Analysis Update
– Added three new standards • CDA Questionnaire Form IG• CDA Questionnaire Response IG• Author of Record (esMD)
– Completed Mapping of all Standards against Requirements– Identified suitable Standards for Transport, Security, and Authentication
• Transport: SOAP and REST• Security: TLS • Authentication: SAML 2.0
Transport & Security Content & Structure
# Transaction Transport Authentication
Security/ Encryption Service
Authorization
/ConsentOrganizer/ Container Item Payloads
Reference Information
Model
II01EHR System - Send
Form/template request to Form/Template Repository
SOAPREST SAML TLS
RFDXD*IHE DEX
XUA N/A
To be considered over the longer term:
FHIMCIMICDASH
II02EHR System - Send
Form/Template Request to Form/Template Repository with relevant patient data
SOAPREST SAML TLS RFD
XD*XUABPPC
ODM (partial)ICSR (partial)HL7 V3 - Patient Administration Domain
CDA R2CCDACommon Formats (partial)
II03Form/Template Repository
- Sends blank form/template
SOAPREST
SAML TLSRFDXD* (partial)IHE DEX
XUA
CDA R2 (partial)CDA Questionnaire Form IGIHE DEXXHTMLODM (partial)
CDA R2 (partial)CDA Questionnaire Form IGX-FormsXHTMLCommon Formats (partial)CDS Knowledge Sharing IG
II04
Form/Template Repository - Sends form/template with
populated patient data*consider dependency on how
population occurs
SOAPREST SAML TLS
RFDXD* (partial)IHE DEX
XUABPPC
CDA R2 (partial)CDA Questionnaire Form IGIHE DEXXHTML
CDA R2 (partial)CDA Questionnaire Form IGX-FormsXHTMLCDS Knowledge Sharing IG
II05EHR System - Sends
completed form/template structured data
SOAPREST SAML TLS RFD
XD* (partial)
XUABPPCAuthor of Record (esMD)
CDA Questionnaire Response IG
CDA Questionnaire Response IGCDA R2 (partial)CCDA (partial)X-Forms (partial)CDS Knowledge Sharing IG (partial)
S04
Form/Template Repository - (Conditional) Auto-
population of retrieved form / template with EHR-
sent patient data
N/A IHE DEX XUABPPC
ISO 11179 (partial)ODM CDS Knowledge Sharing IG
S05
EHR System - (Conditional) Auto-population of
displayed form / template with EHR-derived patient
data
N/A IHE DEX N/A ISO 11179 (partial)ODM CDS Knowledge Sharing IG
S08EHR System - Store
structured data from form/template in standard
formatN/A RFD X-Forms
XHTML
# Transaction Transport Authentication Security/Encryption Notes on dependencies
II01EHR System - Send
Form/template request to Form/Template Repository
SOAPRESTDirect (SMIME)
SAMLTLSDirect (SMIME)HTTPS
• Create IG guidance around substitutable transport options (for all requirements)
II02EHR System - Send
Form/Template Request to Form/Template Repository with
relevant patient data
SOAPRESTDirect (SMIME)
SAMLTLSDirect (SMIME)HTTPSXD*
• Do some of the services specify specific transports?
II03 Form/Template Repository - Sends blank form/template
SOAPRESTDirect (SMIME)
SAMLTLSDirect (SMIME)HTTPSXD* (partial)
II04Form/Template Repository -
Sends form/template with populated patient data
SOAPRESTDirect (SMIME)
SAMLTLSDirect (SMIME)HTTPSXD* (partial)
II05 EHR System - Sends completed form/template structured data
SOAPRESTDirect (SMIME)
SAMLTLSDirect (SMIME)HTTPSXD* (partial)
Transport and Security
4
Transport & Security – Transport
Standard Summary of Findings from UCR Crosswalk
Keep?Y/N Rationale Gaps &
Mitigation
SOAP~Transport~
HITSC Rating:*M: 100A: 100SI: 100T: 100
(Y) Fits:Commonly used transport standard.
(P) Partially Fits:
(N) Does not Fit:
Y • Supports all of the anticipated content• Mature • Widely adopted• Synchronous
REST~Transport~
HITSC Rating:*M: 100A: 100SI: 42.9T: 88.3
(Y) Fits:Commonly used transport standard.
(P) Partially Fits:
(N) Does not Fit:
Y • Supports all of the anticipated content• Mature • Adoption increasing• Synchronous
Direct (SMIME)~Transport~~Security~
HITSC Rating:*M: 88.2A: 96.5SI: 42.9T: 81.7
(Y) Fits:Can be used as an additional or optional layer of security on top of REST and/or SOAP
(P) Partially Fits:
(N) Does not Fit:SOAP and REST may be sufficient on their own. Is there any reason to keep DIRECT?
N • Supports all of the anticipated content• Maturing/Mature• Adoption increasing• Asynchronous
• Potential future consideration
5
Transport & Security – SecurityStandard Summary of Findings from UCR
CrosswalkKeep?Y/N Rationale Gaps &
Mitigation
XD*~Security~
HITSC Rating:*M: 93.3A: 93SI: 52.4T: 84.8
(Y) Fits:
(P) Partially Fits:Related to metadata for existing documents that have been registered
Could require modifications/ extensions to be appropriate to use with other standards (RFD for example)
(N) Does not Fit:
Not on T&S
• Consider in Content & Structure • Does specify the use of TLS
TLS~Security~
HITSC Rating:*M: 100A: 100SI: 42.9T: 88.3
(Y) Fits:Fulfills all Information Interchange requirements for Security
(P) Partially Fits:
(N) Does not Fit:
Y • Highly functional and fitting to the Use Case• Mature standard• Adoption increasing• Superset of SSL• Gives assurance that you don’t have “rogue node”
participation• FISMA requires TLS for exchange w/ Federal
Agencies• Both sides supply and validate security certificates• TLS v1.0 is recommended
• Cost and management of certificate is an issue
• TLS v1.1 & v1.2 is still not widely accepted (about 10-12%)
HTTPS(SSL)
~Security~
HITSC Rating:*M: 88.2A: 96.5SI: 33.3T: 86.4
(Y) Fits:Fulfills all Information Interchange requirements for Security
(P) Partially Fits:
(N) Does not Fit:
N • Mature standard• Widely adopted • Less security options
• TLS specifies the exchange & validation of certificates at both sides – would not get with HTTPS/SSL
• Long term sustainability?
6
Transport & Security – AuthenticationStandard
Summary of Findings from UCR Crosswalk
Keep?Y/N Rationale Gaps &
Mitigation
SAML 2.0~Authentication~
HITSC Rating:*M: 96.2A: 100SI: 9.5T: 79.7
(Y) Fits:Fits all Information Interchange Requirements for Authentication
(P) Partially Fits:
(N) Does not Fit:
Y • Standard adopted & mature for use in relevant SDC transactions• Ability to communicate assertion from one user to another is some use
cases is a mandate – and in all of our user stories provides an additional level of content
• SAML 2.0 with SOAP and OAuth 2 with REST are the traditional approaches
• SAML 2.0 is not designed to work with REST
7
8
# Transaction Service Authorization /Consent
Organizer/Container Item Payloads
Reference Information
ModelNotes on dependencies
II01
EHR System - Send Form/template
request to Form/Template
Repository
RFDXD*IHE DEX
XUA N/A
FHIMCIMICDASH
II02
EHR System - Send Form/Template
Request to Form/Template Repository with relevant patient
data
RFDXD*
XUABPPC
ODM (partial)ICSR (partial)HL7 V3 - Patient Administration Domain
CDA R2CCDACommon Formats (partial)
II03Form/Template
Repository - Sends blank
form/template
RFDXD* (partial)IHE DEX
XUA
CDA R2 (partial)CDA Questionnaire Form IGIHE DEXXHTMLODM (partial)
CDA R2 (partial)CDA Questionnaire Form IGX-FormsXHTMLCommon Formats (partial)CDS Knowledge Sharing IG
II04
Form/Template Repository - Sends form/template with populated patient
data
RFDXD* (partial)IHE DEX
XUABPPC
CDA R2 (partial)CDA Questionnaire Form IGIHE DEXXHTML
CDA R2 (partial)CDA Questionnaire Form IGX-FormsXHTMLCDS Knowledge Sharing IG
II05EHR System -
Sends completed form/template structured data
RFDXD* (partial)
XUABPPC
CDA Questionnaire Response IG
CDA Questionnaire Response IGCDA R2 (partial)CCDA (partial)X-Forms (partial)CDS Knowledge Sharing IG (partial)
Content & Structure
8
Content and Structure – Service / Container
Standard Summary of Findings from UCR Crosswalk
Keep?Y/N Rationale Gaps & Mitigation
RFD~Service~
HITSC Rating:*M: 89A: 94.7SI: 33.3T: 79.5
(Y) Fits:Fulfills all Information Interchange Requirements for Service category
(P) Partially Fits:
(N) Does not Fit:
Y • RFD in its current instantiation specifies SOAP• RFD is an integration profile• It lays down the plumbing and delegates
specifics about content & domain knowledge for content profiles
• Would allow for substitutability of various content forms
• Use of XUA or other is left to the clinical domains
• RFD to reconsider REST as well as SOAP
• At some points, RFD may be too specific for SDC IG
XD*~Service~
HITSC Rating:*M: 93.3A: 93SI: 61.9T: 86.74
(Y) Fits:Describes the payload
(P) Partially Fits:Partially supports II03, II04 & II05
Related to metadata for existing documents that have been registered
(N) Does not Fit:
Discuss • Discuss more with SDC All Hands WG• Specifies the use of TLS
• Doesn't have any provisions for "Form" and "Auto-population“
• Could require modifications/ extensions to be appropriate to use with RFD
IHE DEX~Service~
~Container~
HITSC Rating:*M: 67.1A: 86SI: 0T: 59.7
Not finalized yet. Not mature. Lack of substantial experience out there with IHE DEX; The way it currently defines data element does not fit well with other X Paths
Container for II03 & II04
Discuss • Discuss more with SDC All Hands WG • Not mature & tested yet
9
Content and Structure – Container & PayloadsStandard Summary of Findings from
UCR CrosswalkKeep?Y/N Rationale Gaps & Mitigation
CDA R2~Container~
~Item Payloads~
HITSC Rating:*M: 87.8A: 86SI: 57.1T: 80.9
(Y) Fits: II02
(P) Partially Fits:Fulfills II03, II04 & II05 partially
(N) Does not Fit:
Discuss
CDA Questionnaire
Form & Response
IGs~Container~
~Item Payloads
HITSC Rating:*M: 54.85A: 77.19SI: 38.1T: 58.9
(Y) Fits:II03 (Form), II04 (Form) & II05 (Response)Questionnaire as defined could be a generic document -- form/templateDeveloping templates to inform these two guides -- form is not yet specific to a patient, in the case of a CDA R2 document always in relation to a patient
(P) Partially Fits:
(N) Does not Fit:
Discuss • May be able to leverage part of the standards to develop section-level XML templates for the SDC data buckets
• RFD currently states that X-Forms of XHMTL should be used for the response
• Are the CDA IGs compliant?
XHTML~Container~
~Item Payloads~HITSC Rating:*M: 98.3A: 100SI: 4.76T: 79.7
(Y) Fits:Fulfills II03 & II04 requirements
(P) Partially Fits: Consider using something more generic like HTML5, HTML or XMLXHTML is basically a restricted HTML(N) Does not Fit:
Discuss
10
Content and Structure - Container & Payloads
Standard Summary of Findings from UCR Crosswalk
Keep?Y/N Rationale Gaps &
Mitigation
C-CDA~Item Payload~
HITSC Rating:*M: 86.5A: 87.7SI: 80.9T: 85.8
(Y) Fits:Mapped to II02(P) Partially Fits:Partially to II05.CCDA contains specific templates of CDA. Issues may arise when document is being pushed out as a C-CDA document.(N) Does not Fit:
Discuss • Use CDA-based standards but do not constrain to the available CCDA templates (?)
• Would need to define new CCDA templates
Common Formats
~Item Payload~
HITSC Rating:*M: 100A: 100SI: 57.4T: 88.1
(Y) Fits:
(P) Partially Fits:Fulfills II02 & II03
Common Formats are exchanged using CDA XML file structure (document structure: CDA, file format: XML
(N) Does not Fit:
Discuss
X-Forms~Item Payload~
HITSC Rating:*M: 36.7A: 89.5SI: 0T: 46.8
(Y) Fits:(P) Partially Fits:XML DerivativeFulfills II03 & II04 because X-Forms was intended to be used for these Information Interchange Transactions(N) Does not Fit:
Discuss
11
Content and Structure – PayloadStandard Summary of Findings from
UCR CrosswalkKeep?Y/N Rationale Gaps &
Mitigation
CDS Knowledge Sharing IG
~Item Payload~
HITSC Rating:*M: 43.9A: 89.5SI: 71.4T: 64.7
(Y) Fits:Fulfills II03 & II04Good fit for the content of the form itselfConsider as the payload
(P) Partially Fits:Partially II05
Supports transformation of the form data into some other modelSDC to look at how transformations could work with the standards so it could be published in multiple formats
(N) Does not Fit:
Discuss • There could be an extension to the schema to support II01 & II02 requests
12
Content and StructureStandard Summary of Findings from UCR
CrosswalkKeep?Y/N Rationale Gaps &
Mitigation
XUA~Authorization
/Consent~
HITSC Rating:*M: 90.7A: 91.2SI: 0T: 72.3
(Y) Fits:Fulfills all Information Interchange Requirements for Service category
T&S standard(P) Partially Fits:
(N) Does not Fit:
Y
BPPC~Consent~
HITSC Rating:*M: 100A: 61.9SI: 61.9T: 81.7
(Y) Fits:
(P) Partially Fits:Only fulfills II03, II04 & II05 requirements
T&S Standard(N) Does not Fit:
Y • More explicitly tied to the concept of community-exchanges
CDA Consent Directive IG
~Consent~
HITSC Rating:*M: 75.95A: 94.74SI: 9.52T: 68.62
Was not evaluated Discuss • Also look at this more closely
13
Content and StructureStandard Summary of Findings from
UCR CrosswalkKeep?Y/N Rationale Gaps &
Mitigation
ODM~Container~
HITSC Rating:*M: 88.6A: 94.7SI: 0T: 72.5
(Y) Fits:Fulfills S04 & S05
(P) Partially Fits:Partial for II02 & II03Content of ODM is non-restrictive. Use for quality measure reporting. Capable of accommodating other data elements if properly configured.
(N) Does not Fit:
N • Partially fits and constrained for specific Use Cases
ICSR~Container~
HITSC Rating:*M: 79.3A: 87.7SI: 38.1T: 73.7
(Y) Fits:
(P) Partially Fits:Partial for II02
Part of public health initiative in S&I Framework(N) Does not Fit:
N • Partially fits and constrained for specific Use Cases
HL7 V3 - Patient
Administration Domain ~Container~
HITSC Rating:*M: 58.3A: 78.1SI: 50T: 63.2
(Y) Fits:Full solution for II02
(P) Partially Fits:HL7 V3 Doesn’t support returning form data
(N) Does not Fit:
Discuss
14