Public Health Centers: Difference between revisions

From IDESG Wiki
Jump to navigation Jump to search
Line 5: Line 5:
# The patient is reliably matched to their Electronic Health Records (EHR) at a portable kiosk.
# The patient is reliably matched to their Electronic Health Records (EHR) at a portable kiosk.
# The patient is given access to their health information in a secure manner.
# The patient is given access to their health information in a secure manner.
# Patients have the means to access on line connection to a practitioner with a linkage to their PHI on an EHR.
# Patients have the means to access remote connection to a practitioner with a linkage to their PHI on an EHR.
# The patient outcomes are improved by easy exchange and monitoring  patient compliance with the care plan (ie patient to computer.)
# The patient outcomes are improved by easy exchange and monitoring  patient compliance with the care plan (ie patient to computer.)



Revision as of 16:59, 19 May 2020

Full Title

Public Health Centers as a Vulnerable Populations use case of the Identity Ecosystem Framework.

Goals

  1. The patient is reliably matched to their Electronic Health Records (EHR) at a portable kiosk.
  2. The patient is given access to their health information in a secure manner.
  3. Patients have the means to access remote connection to a practitioner with a linkage to their PHI on an EHR.
  4. The patient outcomes are improved by easy exchange and monitoring patient compliance with the care plan (ie patient to computer.)

Context

The existing context is the Trusted Exchange Framework and Common Agreement (TEFCA), the Sequoia Recognized Coordinating Entity and health information exchanges, there is ongoing dialogue regarding the data sharing agreement, interoperability, electronica health records using FHIR formats. This is a plan for engaging vulnerable populations.

The first challenge is Patient Matching which is a life or death as well as a medication fraud issue. The second challenge is the ONC’s Cures Act Final Rule which makes clear that all Patient Health information needs to be available to patients. Since a large fraction (91%) of the US population at large as well as the vulnerable population have cell phones, this use case will focus on vulnerable patients that have access to a cell phone. The large majority of those are smart phones. When patient outcomes are considered, it may even be cost effective to provide the vulnerable patient with a smart phone. The Cures act explicitly notes that applications provided with smart phones need to be from certified developers and the TEFCA adds the requirement for NIST IAL2 and AAL2 (SP 800-63-3) Identity integrated with HIE’s and record locator services to ensure interoperability and patient safety.

Today that is not a realistic or even an achievable goal for vulnerable populations. What is achievable is that our work group can start to put in place a trusted entity infrastructure for a CSP on-ramp coupled with a trust registry that is linked to a record locator service for the specific purpose of serving a vulnerable population with a user friendly app with core functionality content that is interoperable. And there is a way to incentivize user/patients to want to participate that can increase compliance, quality of life and generate a positive ROI.

Preconditions

  1. A care practice that includes outreach to vulnerable populations with a goal of improving patient outcomes.
  2. A patient intake process that is able to leverage all of the patient identification methods.
  3. A focus on mobile phone access as the medium of choice.

Actors

  1. Patient appearing at the Health Center
  2. Intake professionals to identify the patient and give them access to the Health Center
  3. Electronic Health Record Service
  4. A trusted entity, a CSP, issues or registers subscriber authenticators and issues and verifies electronic credentials of subscribers including pseudonymous identity, different levels of assurance and identity, including federations.

Scenarios

Primary Scenario:

  1. Before the patient can be admitted to the health center, and EHR is created or selected (for returning patients.) The patient is coherent and able to assist in the identification process.
  2. Patients will need a state driver’s license or a state issued ID card plus a Medicaid ID card #.
  3. Two factor authentication can be a SMS #, a biometric or a one-time password OTP.

Alternative Scenario:

  1. The patient needs to be treated immediately before identification occurs.
  2. The patient is assigned a case number and admitted to the Health Center.

Problems

Post Conditions

  1. The patient has an EHR with PHI including the results of the current visit.

References

This work is an outgrowth of the Identity Ecosystem Framework – Registry (IDEF-R) which was a work-effort under IDESG which was designed and partially built with funding from the US Department of Commerce NSTIC Program office and administered by NIST. That effort continues is in the Kantara FIRE Work Groups (Federated Identity Resilient Ecosystem) and the Health Identity Assurance. The software is available for demonstration.