hitsp spi layers workflows consumer privacy preferences service collaborations healthcare document...
TRANSCRIPT
HITSP SPI LayersWorkflows
Consumer Privacy Preferences
Service CollaborationsHealthcare Document
Sharing
Patient Identity Management
Access Control
Security/PrivacyC19 Entity Id C26 Non-Repudiation
T15 Security Audit
T16 Consistent Time
T17 Secure Com Channel
T24 Pseudonym
C25 Anon – Bio/Qual
C87 Anon – PubH Case
C88 Anon – Immunization
T31 Document Reliable
T33 Tx Doc on Media
T63 Emergency Msg DE
T64 ID Comm Recpents
T66 Terminology Svc
T85 Admin Tx
TP13 Share Doc
TP21 Query for Data
TP49/TP89 Imaging
Infrastructure
TP20 Access Control
TP30 Consent Mgmt
T29 Notification of Doc T81 Retrieval of Med K
TP50 Forms Mgmt
Privacy Breach Notification and Disclosure Reporting
Audit Controls
Messaging Security
De-Identification
Deliver Doc/Message
Get Information
??????????All other ISxxx
HITSP Service Pattern taxonomy
• Request/Response– Query Existing Data Service composed of: opt Patient Identity, T15(T16), T17, C19, TP20(T16, TP30),
TP21– Retrieve Images Service composed of: opt Patient Identity, T15(T16), T17, TP20(T16, TP30), TP49 or
TP89– Shared Document Exchange Service composed of: opt Patient Identity, T15(T16), T17, C19(T16),
TP20(T16, TP30), T13 use "Stored Query" (Query), "Retrieve" (Retrieve) [different service end-point]– Administrative Messaging Service composed of: opt Patient Identity, T15 (T16), T17, C19, TP20(T16,
TP30), T85– Media Documents Exchange Service composed of: opt Patient Identity, T15(T16), TP30, TP20(TP30),
T33 or TP89– Patient Identity Service composed of: T15 (T16), T17, TP20(T16, TP30), opt T23 (1st), opt TP22– Medical Knowledge Service composed of: opt T17, T81– Form for Data Capture Service composed of:
TP50, T15(T16), T17, TP20(TP30), TP50 • Send
– Point-to-Point Document Exchange Service composed of: opt Patient Identity, T15(T16), T17, C19(T16), TP20(T16, TP30), T31 (T16 is precondition)
– Document Announcement Service composed of: T64, T15(T16), TP20(TP30), T29 – Emergency Alerts Service composed of: T64, T15(T16), T17, TP20(T16, TP30), T63 – Clinical Messaging Service composed of: T15(T16),T17, TP20(T16, TP30), HL7 v2/v3 Messaging (T16
is precondition) • Publish/Register
– Shared Document Exchange Service composed of: opt Patient Identity, T15(T16), T17, C19(T16), TP20(T16, TP30), T13 use "Provide and register" (publish), or "Register" (register) [different service end-point]
SPI Security Services Suite
SPI Security Services
Manage Consents
Access Control
Record Security Audit
Synchronize Time
Secure Channel
Assert Identity
Non-Repudiation of Origin
Retrieve Pseudonym
Anonymize
SPI Infrastructure Services Suite
SPI InfrastructureServices
Query for Existing Data
Medical Knowledge Lookup
Patient Identity Lookup
Deliver Administrative Message
Deliver Emergency Alert
Deliver Clinical Message
Shared Document Exchange
Deliver Documents
Export Documents
Documents Anouncement
Access Control – Black Box view
Access Control Service
Manage Consents
Access Control
Record Security Audit
Synchronize Time
Secure Channel
Assert Identity
T15
T16
T17
C19
TP30
SCxx1
Access ControlTP20
Access Control – White Box viewRequest: Access Control
T16CT
TP30Reg/Rep
Pre-Condition
TP15ARR
C19IDP
Gather ContextAttributes
User AttrIf known
Patient AttrIf known
Make Decision
Medical Knowledge – Black Box
Medical Knowledge Service
Medical Knowledge Lookup
Secure ChannelT17
SCxx2
Retrieve Medical KnowledgeT81
Medical Knowledge - White BoxRequest: Medical
KnowledgeT81
Knowledge src
Pre-Condition
UnsecuredT17 coveredT17+C19
Or: depending on security desired (service authentication and confidentiality)
Patient Identity – Black Box
Patient Identity
Services
Patient Identity Lookup
Patient Cross-Ref
Record Security Audit
Synchronize Time
Secure Channel
Access Control
T15
T16
T17Patient Demographics
T23
TP22
SCxx1SCxx3
Patient Identity - ServiceRequest: Patient Identity
TP22PIX Mgr
T23PDQ Mgr
TP16CT
Pre-Condition
TP15ARR
UnsecuredT17 coveredT17+C19
SCxx1ACS
Query for Existing Data – Black Box
Query for Existing Data
Services
Existing Data Lookup
Record Security Audit
Synchronize Time
Secure Channel
Access Control
T15
T16
T17Query for Existing Data
TP21
SCxx1SCxx3Patient Identity
SCxx3
Query for Existing Data - ServiceRequest: Existing
Patient DataTP21
QED srcSCxx3 Patient
Identity
TP16CT
SCxx1ACS
Pre-Condition
TP15ARR
UnsecuredT17 coveredT17+C19
C19IDP