NHIN Workgroup Recommendation


Published on

Published in: Health & Medicine, Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

NHIN Workgroup Recommendation

  1. 1. HIT Policy Committee NHIN Workgroup Recommendations David Lansky, Chair Pacific Business Group on Health Danny Weitzner, Co-Chair Department of Commerce, NTIA January 13, 2010
  3. 3. Workgroup Members Chair ƒ David Lansky, Pacific Business Group on Health Co-Chair ƒ Danny Weitzner, Department of Commerce, NTIA Members • Christine Bechtel, National Partnership for Women & Families • A. John Blair, III, Taconic IPA • Neil Calman, Institute for Family Health • James Borland, Social Security Administration • Carol Diamond, Markle Foundation • Colin Evans, Dossia • Tim Cromwell, Department of Veterans Affairs • Jonah Frohlich, Deputy Secretary, Health IT, California • Leslie Harris, Center for Democracy and Technology • Arien Malec, Relay Health • Marc Overhage, Regenstrief Institute • Marc Probst, Intermountain Healthcare • Wes Rishel, Gartner • Micky Tripathi, Massachusetts eHealth Collaborative ONC/HHS ƒ Farzad Mostashari ƒ Todd Park ƒ Doug Fridsma
  4. 4. Nationwide Health Information Network • Workgroup’s Definition of the NHIN A set of policies, standards and services that enable the Internet to be used for secure and meaningful exchange of health information to improve health and health care. • NHIN Work Group Charge To create a set of recommendations for a policy and technical framework for the NHIN in a way that is both open to all and fosters innovation.
  5. 5. Workgroup Context • Meaningful use criteria in the proposed CMS rule require exchange of health information among providers and with patients to improve quality, safety, and efficiency of care, patient engagement, coordination of care, and population health. • Stage 1 criteria involve direct communication of patient data among providers and with patients (e.g., doctor to consultant, or lab to doctor, or doctor to pharmacy), where: – the exchange is for treatment or payment purposes; – the sender and receiver are known; but – the sender may or may not have a prior relationship with the recipient. • The NHIN should support achievement of Meaningful Use in 2011 and beyond.
  6. 6. Meet the needs of today and tomorrow Goal: This is part of an evolutionary path There will be incremental growth All journeys start with a few steps Stage 3 - Access comprehensive patient data Stage 2 - Automated real-time surveillance - Patient PHR access - ePrescribing refills - Electronic summary record Stage I - Receive health alerts - ePrescribing - Immunization information - Lab results into EHRs - Send clinical summary to providers and patient - Public health reporting - Quality reporting (2012)
  7. 7. EXCHANGING PATIENT DATA Authentication / Delivery Protocols Trust Relationships certificates Vocabulary/ Document/ Directories Security Message Standards
  8. 8. Foundational NHIN Components Authentication/ Delivery Protocols Trust Relationships certificates Vocabulary/ Document/ Directories Security Message Standards
  9. 9. Working Assumptions • A goal is to support widest possible participation by providers at the individual and organizational level. • Incremental approach is reasonable; change will be evolutionary. • The approach for 2011 is intended to be foundational and help progress toward longer-term aims in 2013, 2015 and beyond. • Leverage the Internet and appropriate security protocols as the transport mechanism.
  10. 10. Government Role • What can the government do today to enable the broadest participation across a wide spectrum of providers, large and small, by 2011. • Desired attributes of government role: – Recognizes (and learns from) existing patterns of exchange – Minimized to accomplish the agreed upon purposes. – Creates incentives to stimulate information exchange without impeding existing exchange models. – Fosters innovation to achieve new means for information exchange. – Facilitates long-term expansion of information exchange under a variety of scenarios.
  11. 11. Key Findings • Key elements that need to be in place to facilitate and encourage the broadest range of providers (individuals and organizations) to be able to achieve meaningful use in 2011: – Secure Internet transport. – Directories to allow parties to locate those to whom information is transferred. – Means to authenticate/validate identity of parties involved in information exchange. – Trust fabric that provides parties with sufficient confidence that the exchange can be accomplished successfully.
  12. 12. Findings: Directories • Extensive provider directories exist, but were created for different business purposes which, in their present form, may not be sufficient: – Varying types of data maintained. – Different data definitions. – Certain data may not be currently collected (e.g. place of care). – The quality and accuracy of the data. • The quality of the data depends upon the value to the subject of the data, as well as the use and incentives for accuracy. • The private sector and those government programs that rely on directories will still need to maintain and operationally support directories.
  13. 13. Findings: Identity Proofing and Authentication • Risk analysis must determine level of assurance required, this may vary depending upon context. • Assurance requires both identity proofing (carbon- based life form) and authentication (same entity); both are best done as close to the provider as possible. • Implementation may be supported through various technical means and by a multitude of entities. • The Federal Government has defined standards and services for identity proofing and authentication, as well as mechanisms to procure reliable intermediaries to manage identities.
  14. 14. Findings: Trust Fabric • Information exchange depends on common trust elements, including: – Rules for interaction. – Pre-existing personal and business relationships. – Understanding and clear expectation of how data will be used. – Assurance that the exchange takes place as expected (including the identity of those exchanging data). – Oversight and accountability for compliance. • Implementation of the trust elements will differ based on the nature of the parties to the exchange and the information being exchanged. • The absence of a mature policy and technical trust framework is an impediment to information exchange.
  15. 15. NHIN Workgroup RECOMMENDATIONS
  16. 16. Recommendations Topics 1. Meaningful Use 2. Transport vs. Content 3. Directories 4. Authentication What is the Workgroup’s definition of the NHIN? A set of policies, standards and services that enable the Internet to be used for secure and meaningful exchange of health information to improve health and health care.
  17. 17. Recommendation #1 – Meaningful Use • The policies, standards, and services of the NHIN should enable the broadest range of providers to exchange information to achieve meaningful use and enable consumers to be able to access their health information (as well as states and other organizations that support those providers). • The Federal government should focus on the minimum standards, policies and services needed for foundational exchange components to further meaningful use in the near-term.
  18. 18. Recommendation #2 – Transport vs. Content • The initial focus should be on private and secure transport over the Internet, with increased focus on data content over time. • The NHIN policies, standards and services should be structured so that simple intermediaries can provide required services for private and secure routing of health information.
  19. 19. Recommendation #3 – Directories • The federal government already maintains provider directories to meet existing federal obligations and should work with stakeholders to improve upon and leverage these directories for the NHIN. • The federal government has a unique role in assuring that authoritative provider directories are available to accelerate the exchange of information to successfully support and increase efficiency of meaningful use. • The federal government should define a core set of policies for the inter-operation of trusted directories.
  20. 20. Recommendation #4 - Authentication • Build upon existing federal standards, policies and practices for authentication and identity proofing. • Determine the level of confidence appropriate for different exchange scenarios. • Permit innovation and local autonomy in the method of authentication. • If intermediaries are involved in the exchange, make sure that certification (independent verification) of those intermediaries is done for authentication and identity proofing. • Include oversight mechanisms and redress.
  21. 21. One Possible NHIN Strawcase NHIN Root Certificate Authority y HHS Authorized HSP HHS Authorized HSP HS t i d NH NHIN HHS Artifie i d HSP HHS ertifierszed HSP Authorized uthori t NHIN HIN I Certifiers HSP CAuthorized Certificate Certifiers Certificate Certifiers Authority Authority NHIN CA issues certificate to HSP if it an Authorized HSP “NHIN Node” Directory Certifier validates that the HSP conforms to standards (HSPs, other nodes) for HSP operations (identity proofing, authentication, authorization, etc.) • Health Information Exchange Service Providers (HSPs) NOTE: Different HSPs identity proof, authenticate, and represent providers in information exchange. HSP HSP and other “NHIN HSPs manage secure delivery of nodes” (e.g., PHRs) can • HSPs can be HIOs, EHR vendors, transactions companies, health info packages (e.g., care support different levels health systems, IPAs, govt agencies, etc. summaries) via the Internet to and types of health • HSPs maintain local directories of providers they serve + and from providers via other info exchange (simple their health info exchange addresses HSPs and to and from other to more sophisticated) “NHIN nodes” (e.g., PHRs) Provider’s certified EHR generates health info package in compliance with applicable vocabulary, document, and message standards (e.g., care summary) PHR “Provider A” “Provider B”
  22. 22. Next Steps: Trust • There is a wide range of possible roles for government from no action / laissez-faire to detailed regulation or the passage of new laws. • Trust implications require further consideration by the Workgroup, in conjunction with recommendations for governance of the NHIN.
  23. 23. WEB LINKS Web Links NRPM Document: http://mycourses.med.harvard.edu/ec_res/nt/3E57FAE4- A6AB-4CA8-AF6B-FAB1537595A4/nprm.pdf Dr. John Halamka’s Blog – Life as a Healthcare CIO: Bookmarked Version of the NPRM and IFR: http://geekdoctor.blogspot.com/2010/01/bookmarked- version-of-nprm.html