Public Health Centers: Difference between revisions

From IDESG Wiki
Jump to navigation Jump to search
Line 5: Line 5:
In context of the [https://tcwiki.azurewebsites.net/index.php?title=TEFCA Trusted Exchange Framework and Common Agreement (TEFCA), [https://rce.sequoiaproject.org/SEQUOIA Recognized Coordinating Entity] and health information exchanges, there is ongoing dialogue regarding the data sharing agreement, interoperability, electronica health records using FHIR formats. What’s needed is a plan for engaging vulnerable populations.
In context of the [https://tcwiki.azurewebsites.net/index.php?title=TEFCA Trusted Exchange Framework and Common Agreement (TEFCA), [https://rce.sequoiaproject.org/SEQUOIA Recognized Coordinating Entity] and health information exchanges, there is ongoing dialogue regarding the data sharing agreement, interoperability, electronica health records using FHIR formats. What’s needed is a plan for engaging vulnerable populations.


The first challenge is Patient Matching which is a life or death as well as a medication fraud issue. The second challenge is the [https://www.healthit.gov/curesrule/ ONC’s Cures Act Final Rule] makes clear that all Patient Health information needs to be available to
The first challenge is Patient Matching which is a life or death as well as a medication fraud issue. The second challenge is the [https://www.healthit.gov/curesrule/ ONC’s Cures Act Final Rule] makes clear that all Patient Health information needs to be available to patients. Since a large fraction of the US population at large as well as the vulnerable population, this use case will focus on vulnerable patient that have access to a cell phone. The large majority of those are smart phones. When patient outcomes are consider, it may even be cost effective to provide the vulnerable patient with a smart phone. The Cures act explicitly notes that applications provided with smart phone need to be from certified developers and the TEFCA requires adds the requirement for IAL2 and AAL2 (SP 800-63-3) Identity integrated with HIE’s and record locator services to ensure interoperability and patient safety.  
 
 
In reading the Cures Act and TEFCA it’s my understanding that the ultimate long term goal is to have the majority of all patients with an IAL2 and AAL2 (SP 800-63-3.pdf) Identity integrated with HIE’s, record locator services and EHR’s to ensure interoperability. Is that a correct assumption?


Today that is not a realistic or even an achievable goal for vulnerable populations. What is achievable is that our work group can start to put in place a trusted entity infrastructure for a CSP on-ramp coupled with a trust registry that is linked to a record locator service for the specific purpose of serving a vulnerable population with a user friendly app with core functionality content that is interoperable. And there is a way to incentivize user/patients to want to participate that can increase compliance, quality of life and generate a positive ROI.  (The proposal being shared originated with IDESG and this team).
Today that is not a realistic or even an achievable goal for vulnerable populations. What is achievable is that our work group can start to put in place a trusted entity infrastructure for a CSP on-ramp coupled with a trust registry that is linked to a record locator service for the specific purpose of serving a vulnerable population with a user friendly app with core functionality content that is interoperable. And there is a way to incentivize user/patients to want to participate that can increase compliance, quality of life and generate a positive ROI.  (The proposal being shared originated with IDESG and this team).

Revision as of 19:31, 13 May 2020

Full Title

Public Health Centers as a Vulnerable Populations use case of the Identity Ecosystem Framework.

Context

In context of the Trusted Exchange Framework and Common Agreement (TEFCA), [https://rce.sequoiaproject.org/SEQUOIA Recognized Coordinating Entity and health information exchanges, there is ongoing dialogue regarding the data sharing agreement, interoperability, electronica health records using FHIR formats. What’s needed is a plan for engaging vulnerable populations.

The first challenge is Patient Matching which is a life or death as well as a medication fraud issue. The second challenge is the ONC’s Cures Act Final Rule makes clear that all Patient Health information needs to be available to patients. Since a large fraction of the US population at large as well as the vulnerable population, this use case will focus on vulnerable patient that have access to a cell phone. The large majority of those are smart phones. When patient outcomes are consider, it may even be cost effective to provide the vulnerable patient with a smart phone. The Cures act explicitly notes that applications provided with smart phone need to be from certified developers and the TEFCA requires adds the requirement for IAL2 and AAL2 (SP 800-63-3) Identity integrated with HIE’s and record locator services to ensure interoperability and patient safety.

Today that is not a realistic or even an achievable goal for vulnerable populations. What is achievable is that our work group can start to put in place a trusted entity infrastructure for a CSP on-ramp coupled with a trust registry that is linked to a record locator service for the specific purpose of serving a vulnerable population with a user friendly app with core functionality content that is interoperable. And there is a way to incentivize user/patients to want to participate that can increase compliance, quality of life and generate a positive ROI. (The proposal being shared originated with IDESG and this team). The trusted entity, a CSP, issues or registers subscriber authenticators and issues and verifies electronic credentials of subscribers including pseudonymous identity, different levels of assurance and identity, including federations.

Regarding the user/patient, their mobile phone/smartphone will be the medium of choice along with a medical facility health kiosk. Users will need a state driver’s license or a state issued ID card plus a Medicaid ID card #. Two factor authentication can be a SMS #, a biometric or a one-time password OTP. The process details will be shared at a later time.

A sister project to the above is the Identity Ecosystem Framework – Registry (IDEF-R) which was a work-effort under NSTIC-IDESG which was designed and partially built (2/3 complete) with funding from NIST. The members of that team are the same individuals now on the Kantara FIRE Work Group (Federated Identity Resilient Ecosystem) which I am Chair. The software is available for demonstration and has been demonstrated to the CARIN Alliance Identity Work Group of which I am a member.

Note to self:…….I think I might send a cover page with the following or something like it – thoughts?????? In early February Dr Tom Sullivan and I sent to Dr. Don Rucker a package with a Patient Choice document that also included a letter as Chairs from our respective Committees that we Chair at Kantara supporting ONC and the Cures Act. Dr. Tom is Chair of the Kantara Healthcare Work Group and I am his vice chair. We work closely together for he also is an active contributor to the FIRE WG that I chair; one might say we are Dr. Tom’s technical support team.

References

  • Design Principles/Goals for a Healthcare Identity Environment Architecture shared with the ONC in February 2020 in support of the Cures Act formalization. Signed by Dr. Thomas Sullivan, chair of the Healthcare Identity Assurance Work Group, and Jim Kragh, chair of the Federated Identifiers Work Group, of the Kantara Initiative.
  • See the wiki page on the Phone as Health Care Credential as providing a large part of the US population with excellent patient matching.
  • See the wiki page on Patient Choice as requiring a high level of protection for patient health information outside of HIPAA servers.
Retrieved from "https://wiki.idesg.org/index.php?title=Public_Health_Centers&oldid=14547"