@ekivemark
BlueButton on FHIRBlueButton Data-as-a-Service is a prototype design that will add functionality to the current MyMedicare.gov BlueButton Service.
Mark Scrimshire (HHS Entrepreneur-in-Residence) Gajen Sunthara (Presidential Innovation Fellow)
Centers for Medicare and Medicaid Services Office of Enterprise Data Analytics (OEDA) April, 2015
OEDA
1
@ekivemark
DisclaimerThe views expressed in this presentation are my own personal views and should not be construed as an official position of the US Department of Health and Human Services or the Centers for Medicare and Medicaid Services.
2
@ekivemark
Improving beneficiaries’ access to their data
• BlueButton has enabled 1M+ Medicare Beneficiaries to download their health data.
• BlueButton on FHIR aims to create a robust data API service enabling Beneficiaries to connect their health data with the applications and services they trust.
For beneficiaries this means: • More easily using their health data for better health For CMS this means: • Directly supporting the Presidential Precision Medicine Initiative:… that ensures consumers have access to their own health data – and to the applications and services that can safely and accurately analyze it …
4
@ekivemark
“THERE IS NO SUBSTITUTE FOR HARD WORK” … Until someone builds an App for that.
6
- Thomas Edison
Putting our health data to use is still too hard
@ekivemark
https://leicalady.files.wordpress.com/2010/08/annie-‐admiring-‐paintingsmall.jpeg
7
But People don’t want their data for it’s own sake…
@ekivemark
Our Health data should be a valuable toolwe put to good use
http://commons.wikimedia.org/wiki/File:Toolbox_(6788494881).jpg
8
@ekivemark
OAuth-enabled data APIs brings operational and security benefits
• More robust web applications(Screen Scraping anti-‐pattern)
• Visibility to real utilization metrics(Who is using the data)
• Avoiding users sharing passwords (the password anti-‐pattern)
@ekivemark
Which style of API?
Direct-based Push• Beneficiary Direct-Email
Address and Preference Management
• Backend Data Update Triggers
• SMTP+S/MIME email platform
• Identify Direct-compliant HISP
• Implement Accredited Trust Bundles from DirectTrust/NATE
FHIR-‐based Pull• Registered Application
Directory • API and Developer
Access Managed via api.data.gov
• Use Existing Beneficiary Authentication
• Web Services triggered on NGD updates
• Build Beneficiary Application Access Management
10
@ekivemark
<XML>BlueButton CCDA</XML>
FHIR. “Resources” are: • Granular clinical concepts • Managed in isolation, or
aggregated into complex documents
• Designed for the web • Based on simple XML or JSON
structures • HTTP-based RESTful protocol
with predictable URLs • Using open internet standards
for data representation • Uses OAuth for authorization
BLUEBUTTON ON FHIR
11
OAuth 2.0: • Defeats the password
anti-pattern • Creates a consistent,
flexible identity and policy architecture
• Suited to web applications, web services, devices and desktop clients communicating with Cloud APIs.
BBonFHIR: One PlaXorm – Two Services
{“json”:”format”} <xml>format</xml>
@ekivemark
On the Internet “Simple” Wins• FHIR
– Fast Healthcare Interoperability Resources – Project Argonaut
• Open source • 25 Industry Heavyweights • Public/Private partnerships
• REST API – Lightweight architecture for web services
• Eg. https://bb.cms.gov/api/1.0/beneficiary/….. – Read and write options (GET / POST)
• OAuth – Improving security through traceability – A popular Authorization protocol – Familiar to users of top web sites – Provides layers of Authorization control
• BlueButton Structured Data Formats – JSON – XML
12
@ekivemark
Clarifying the Scope of BlueButton on FHIR
• No new data is being released • Beneficiaries will still be in control of who they release their
BlueButton data to and can revoke access at any time • Currently released BlueButton data will be reformatted to make it
easier for applications to ingest and process • BBonFHIR will simplify the process of enabling beneficiaries to
connect their data to the applications and services they trust • BBonFHIR and OAuth will provide a framework for fine grained
control over who is accessing Beneficiary information
13
@ekivemark
Follow our progress, join us and contribute
• Structured File Formats: – ( https://github.com/ekivemark/claims )
• BlueButton Text to JSON Converter: – ( https://github.com/ekivemark/python-bluebutton )
• Developer Code of Honor: – ( http://2.healthca.mp/1GjOUsY )
• HL7 - FHIR – ( http://www.hl7.org/implement/standards/fhir/http.html )
• Developer.HealthCa.mp – Washington DC: May 30, 2015 – http://developer.healthca.mp
15
@ekivemark
Mark Scrimshire HHS Entrepreneur-in-Residence (CMS)
@ekivemark http://ekivemark.com
[email protected] 410-786-5049
16