Upload
joshua-wilson
View
219
Download
0
Tags:
Embed Size (px)
Citation preview
January 19,2010 SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT
Healthcare Provider Directory (HPD)
Standards and Transaction DiscussionIHE Face 2 Face
February 1-3, 2010
Presenter: Nitin Jain (IBM/SSA), Toby Briks-Fader
SSA Representative: Shanks Kande
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 2February 2, 2010
Topics
Overview of recommended standards
Analyze in detail the recommended standards
► Identify any commonality and/or gaps between standards and HPD
Transaction Services Metadata
Next Steps
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 3February 2, 2010
Recommended Standards Overview
Standard SDO Description
ISO TC 215 : ISO/TS 21091 Health Informatics
ISO Directory services for health care providers, subjects of care, and other entities
HL7 V3 HL7 Covers message standards, interactions and the XML data model for provider registry
Lightweight Directory Access Protocol (LDAP)
OASIS Defines the messaging protocol, operations and data schema for directory services. OASIS DSML v2 as a means to cover this with SOAP messages
Personnel White Pages (PWP) IHE The Personnel White Pages Consumer may make a wide variety of queries and cascaded queries using LDAP. Intended for inside of an organization;
Universal Description Discovery and Interaction
OASIS Defines a way to publish and discover information about Web services.
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 4February 2, 2010
Messaging Standard We recommend adopting SOAP v1.2 as the messaging
standard for the following reasons:► Firewall friendly way to make remote procedures call and could
be used over HTTP/TLS. ► Promotes Interoperability by providing a shared language for
mapping structured data transmitted across different platforms and architectures.
► Allows full scale support to web services protocol standards with standard tooling, i.e. new requirements can be addressed without definition of new specification and implementations
► Encapsulates SAML assertions to carry user credentials for authorization and auditing purposes
► Extensive tooling support available for SOAP/XML
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 5February 2, 2010
ISO/TS 21091 Overview Directory services for health care providers, subjects of care, and
other entities
Supports the communication through X.500 framework
Provides common directory information model of healthcare professionals extending the X.500 object model ► Extended Attributes (e.g. HcIdentifier, HcOrganization, HcSpecialisation)
► HL7 defined attributes (e.g. HL7 Sex, HL7 County Code etc)
Supports LDAP query and syntax for representing attributes
Inherits security requirements for authentication and non-repudiation from ISO 17799 and ISO TR 13335
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 6February 2, 2010
ISO/TS 21091: Directory Information Tree
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 7February 2, 2010
Commonality between ISO/TS 21091 and HPD Requirements
Supports Transactions for ► Lookup Provider (how it is extensible for other lookup attributes)► Store Provider Contact Information, Credentials
Schema for► Healthcare Organizations, different organization types ► Individual Professionals, Credentials► Health care-specific contact information, ► Health care identifiers, roles (standard and local), ► Multiple Affiliations: Persons to Multiple Organizations affiliations► Supporting Organizations (can be used for HIE/HIO information)
Vocabulary Sets: HL7 domain, ISO 21298
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 8February 2, 2010
Gaps between ISO/TS 21091 and HPD Business Relationship definitions between Individual and
Organization XML Based messaging
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 9February 2, 2010
Enhancements on ISO/TS 21091 Encapsulating LDAP operations within XML for communication
► DSMLv2 to express LDAP requests and responses in SOAP bindings. ► DSMLv2 is a systematic translation of LDAP’s ASN.1 grammar (defined by
RFC 2251) into XML-Schema. ► Allows HPD consumers to access HPD without having to write to the LDAP
interface and offers a consistent way to interact with multiple dissimilar directories.
Open Issues► Ease of DSMLv2 implementation? ► Would it cause any unreasonable burden on the implementers and
adopters?► Currently use of DSML v2 is primarily in identity management domain
Electronic end point information of Provider, HIE/HIO:► labeledURIObject and labeledURI attribute [RFC2079]► Mail attribute
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 10February 2, 2010
HL7 v3: Personnel Management; Provider Registry Uses Messaging protocol of HL7 v3.0 Vocabulary Code set: Provider Role Type, HL7 Domain
tables Schema
► Organization (Organization), Principal Person (Individual)
► Licensed Entity (Credentials), Healthcare Provider (Specialty), LicensedEntity (Qualifications), AssignedEntity (Functional Role)
► AlsoKnownAs (Aliases), Place (Location)
► OrganizationPartOf, OrganizationContains (Organization Hierarchy)
► Employee, Affiliate (Business relationships between Individual and Organization)
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 11February 2, 2010
HL7 v3: Personnel Management; Provider Registry
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 12February 2, 2010
Commonality between HL7 v3 and HPD
Supports Transactions Add Provider Update Provider Add Provider Notification (Broadcast) Update Provider Notification (Broadcast) Query Provider Details Find Associated Providers Identifiers Query
Supports SOAP/XML Communications
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 13February 2, 2010
HL 7 v3 - Gaps/Open Questions What is the adoption of this standard in industry for
directory services Any Interoperability issues? Limited or no existence of HL7v3 provider directory in a
production environment
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 14February 2, 2010
Analysis of ISO vs HL7 V3 LDAP is much more extensively implemented than HL7
V3 Community and tooling know how easily available on
LDAP standard Tooling to support v3 schemas are incredibly complex
and coded data and costly to implement HL7 interfaces HL7v3 may pose significant barrier to adoption due to
limited or no existence of HL7v3 provider directory in a production environment
HL7 v3 relies heavily on coded vocabulary; dependency on OIDs;
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 15February 2, 2010
LDAP V3 Basis for ISO/TC 21091 Lightweight exchange protocol of X.500 schema Exchange protocol TCP/IP with LDAP specific syntax Operations: StartTLS, Bind, Search, Compare, Update,
Abandon, Unbind
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 16February 2, 2010
LDAP v3 - Advantages LDAP a very commonly implemented protocol, many
implementations including opensource
LDAP well understood and adopted across many industries
LDAP schema supports most requirements of HPD and can be extended
ISO and IHE have already adapted generic LDAP to the healthcare provider space – providing a platform for our work
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 17February 2, 2010
LDAP v3 - Disadvantages No support for SOAP/XML communication protocol in
native LDAP communication protocol.► May consider applying DSMLv2 to express LDAP requests and
responses in SOAP bindings. DSMLv2 is a systematic translation of LDAP’s ASN.1 grammar (defined by RFC 2251) into XML-Schema.
► How easy is it to implement?
► Would it cause any unreasonable burden on the implementers and adopters?
No automatic support for Notification
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 18February 2, 2010
PWP – Personnel White Pages
Personnel White Pages Directory DNS Server
Personnel White Pages Consumer
Find Personnel White Pages [ITI-23] Query Personnel White Pages [ITI-24]
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 19February 2, 2010
PWP – Query Personnel White Pages TransactionStandard: Lightweight Directory Access Protocol (v3)
Commonly used schema found in X.500 Schema for LDAP and inetOrgPerson
Schema includes required elements for: ►Names►phone #s►Email►Organization►Address►Language►Title
Optional elements: ►Alias►Vehicle license►Department►employee #►employee type►home address/phone►Photo►Locality►URI►Manager►preferred delivery method►registered address►Secretary►Uid►User S/MIME Certificate►X.500 ID
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 20February 2, 2010
PWP – Disadvantages Intended for inside of an organization. Not Designed for Broader scale to allow cross-enterprise queries.Need to accommodate Health care specifics attributes
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 21February 2, 2010
Secure IT Infrastructure
Healthcare Provider Directory
HPD Actors and Transactions
Provider Directory Source
Provider Directory Consumer
Add/Update Provider
Notify of Change
Subscribe
LookupProvider
Authentication AuditingTransaction
Actor
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 22February 2, 2010
Assumptions Secured IT Infrastructure hosting HPD provides security
services related to Authorization, Authentication and Auditing
Data validation for Add/Update transactions is out of scope
Access-based-control policy to view HPD data is out of the scope of HPD profile
HPD profile is agnostic of Search Algorithm and leave the business rules to determine exact/ambiguous rules to the HPD implementers
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 23February 2, 2010
Transaction MetadataAdd/Update Provider Request Provider Name, Aliases
Provider Type (Organization/Individual)
Provider Address
Individual Provider Other Identifiers
Individual Provider other demographics (e.g. Gender, DOB, Race etc)
Provider Specialty
Provider Credential
Provider Status and Effective Dates Individual provider association to the provider
organization
Organization structure including Facilities?
Organization/Individual Provider Association to HIE
Add/Update Provider Response
HPD Provider ID
Acknowledgement
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 24February 2, 2010
Transaction MetadataLookup Provider Request Provider Name, Alias
Provider Address
Provider global and directory Identifier (e.g. NPI, HPD Provider Id etc)
Provider other traits such as DOB, Gender
Provider Specialty
Zip code (geographic searches)
Response parameters to return
Lookup Provider Response Provider Name, Alias
Demographics
Provider associated Address
Provider Other Identifiers
Provider Specialty
Provider Status and Effective dates
Provider Type (Organization, Individual) Individual provider relationship to the
provider organization and relationship status
Provider Relationship to HIE
Associated HIE Location, URLs
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 25February 2, 2010
Next Steps (to be completed by Face to Face)
Decide on Content Model Standards
Decide on Communication standards
Confirm metadata for the Transactions
Confirm Data modeling tool
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 26February 2, 2010
Backup Slides
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 27February 2, 2010
HL7 v3: Personnel Management; Provider Registry
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 28February 2, 2010
Transaction MetadataSubscribe Request (WS-Notif) Event definition code
Provider Identifier such as HPD ID
Provider Name
Subscriber Name
Subscriber Identifier SAML search request?
Subscribe Response Subscription Id
Confirmation message
SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT SOCIAL SECURITY ADMINISTRATION-HIT SUPPORT 29February 2, 2010
Transaction MetadataNotification Request N/A
Notification Response (encoded search result?)
(Same as Lookup Provider Response)
Provider Name,
Demographics
Provider Identifiers
Provider Specialty
Individual provider association to the provider organization
Provider Association to HIE
Associated HIE service endpoints (URLs)
Provider and relationship Status
Provider Type (organization, Individual)