Data Segmentation for Privacy

November 16th, 2011

Agenda

• Introduction - 10 minutes – Recap of Activities to Date– Logistics

• Discussion Board• Purpose and Plan for additional Workgroup meetings

– Pilots• Use Case Overview - 20 minutes • Use Case Process - 20 minutes • Timeline for Use Case Development - 10 minutes • Questions/ Next Steps - 20 minutes

Recap of Activities to Date

• 10/5 - Data Segmentation Launch

• 10/18-10/19 - Kick-off and working sessions at the S&I Face to Face• Reviewed initiative goals, scope, and charter• Reviewed initial candidate user stories • Reviewed identified candidate standards • Reviewed identified candidate pilots/ current implementations

• 10/26 - Overview of 42 CFR Part 2 & 38 CFR Part 1 presented by Scott Weinstein

• 11/9 - Presented Updated Candidate User Stories & Diagrams• Workgroup will proceed with all User Stories with an emphasis on Title

38 and use Substance Abuse data as our initial target for pilot/ implementation

Logistics

• Discussion Board

• Additional working meetings will be held Mondays at 11am -12:30pm EST– Dial-in/WebEx information available on the wiki (

http://wiki.siframework.org/Calendar) – Meeting topics will be announced on the Wednesday calls

• Wiki training to be provided in the coming weeks (stay tuned)

Pilots

• 9 Current Pilots & Prototypes presented during the October F2F• Follow-on discussions have occurred regarding possible Data

Segmentation Pilots• Pilot demonstrations will be critical to validating the relevant

standards and showing the feasibility of utilizing data segmentation to protect patient privacy

• If you are interested in participating as a pilot and/or sharing a relevant implementation, please contact Johnathan Coleman (jc@securityrs.com)

Use Case Content Development Process

Use Case Template Outline

• 1.0 Preface and Introduction• 2.0 Initiative Overview

– 2.1 Initiative Challenge Statement

• 3.0 Use Case Scope– 3.1 Background– 3.2 In Scope– 3.2 Out of Scope– 3.3 Communities of Interest

• 4.0 Value Statement• 5.0 Use Case Assumptions• 6.0 Pre-Conditions• 7.0 Post Conditions• 8.0 Actors and Roles• 9.0 Use Case Diagram

• 10.0 Scenario 1, 2, x…• 10.1 User Story 1, 2, x, … • 10.2 Activity Diagram• 10.3 Base Flow• 10.4 Alternate Flow• 10.5 Sequence Diagram

• 11.0 Functional Requirements• 11.1 Information Interchange

Requirements• 11.2 System Requirements • 11.3 Dataset Requirements

• 12.0 Issues and Obstacles• Appendices

• Related Use Cases• Previous Work Efforts• References

Use Case Example

Transitions of Care (ToC)• http://wiki.siframework.org/ToC+Use+Case+%26+Requirements+%

28UCR%29+WG

Use Case Content Development

Our Workgroup will first focus on the development of User Stories and Diagrams• User Story: User Stories summarize the interaction between the actors of the Use Case, and specify

what information is exchanged from a contextual perspective

• Use Case Diagram: The Use Case diagram shows the association and interaction between the business actors and the Use Case. It provides an overview of the actors (users or external systems), Use Cases, and the interactions between them.

• Context Diagram: Uses inputs and outputs to provide a pictorial representation of the environment, both internal and external, where the exchange takes place

• Activity Diagram: An Activity Diagram is a special form of a state transition diagram in which all or most of the states are activity states or action states, and all or most transitions are triggered by completion of activity in the source states. It illustrates the Use Case flows graphically and represents the flow of events and information between the actors. It also displays the main events/actions that are required for the data exchange and the role of each system in supporting the change.

• Sequence Diagram: The Sequence Diagram is an interaction diagram that shows a set of messages arranged in a time sequence that are passed between “lifelines” or systems (shown as vertical bars) of class objects. Horizontal lines are used to identify the specific activity between the systems

• Assumption(s), Pre Condition(s), Post Condition(s), In Scope, and Out of Scope items are developed in parallel to User stories and Diagrams

Use Case Content Development (1)

• Assumptions: Use Case Assumptions section outlines what needs to be in place to meet or realize the requirements of the Use Case (i.e. the necessary privacy and security framework). These points are more functional in nature and state the broad overarching concepts related to the Initiative.

• Pre-Conditions: The Pre-Conditions section describes the state of the system, from a technical perspective, that must be true before an operation, process, activity or task can be executed. It lists out what needs to be in place before executing the information exchange as described by the Functional Requirements and dataset requirements.

• Post-Conditions: The Post Conditions section describes the state of the system, from a technical perspective, that will result after the execution of the operation, process activity or task.

Use Case Content Development (2)

• In Scope: This section indicates what is in scope for the Use Case. For example, it can include the type of transactions, the information/data to be exchanged, and specific aspects that need to be in place to enable the information to be sent and received.

• Out of Scope: This section indicates what is out of scope for the Use Case. These points may highlight dependencies on the feasibility, implementability, and usability that result in limitations of the Use Case.

Use Case Process Development (1)

Upon completion of the User Stories and Diagrams our workgroup will then focus on the development of Functional Requirements

• Functional Requirements: Functional Requirements identify the capabilities a system in a role must have in order to enable interoperable exchange of the healthcare data of interest. They provide a detailed breakdown of the requirements in terms of the intended functional behaviors of the application. The Functional Requirements include Information Interchange Requirements, System Requirements and Dataset Requirements

• Information Interchange Requirements: The Information Interchange Requirements define the system’s name and role. They also specify the actions associated with the actual transport of content from the sending system to the receiving system.

Use Case Process Development (2)

• System Requirements: This section lists the requirements internal to the system necessary to participate successfully in the transaction. System requirements may also detail a required workflow, essential to the Use Case.

• Data Set Requirements: The data elements and data element sets) that will be available within the message or document. Historically, the optional/required nature of each data element is deferred to the discussions during the harmonization phase. Each data element listed is necessary for some aspect of the Use Case

Use Case Development TimelineTentativeDate Meeting Purpose

11/21 (Monday) Working Session for Scenario 1 User Stories

11/23 (Wednesday) Thanksgiving Availability? Review User Stories (Scenario 1)

11/28 (Monday) Working Session for Scenario 2 User Stories

11/30 (Wednesday) Review User Stories (Scenario 2)

12/5 (Monday) Working Session for Scenario 3 & 4 User Stories

12/7 (Wednesday) Review User Stories (Scenario 3 & 4)

12/12 (Monday) Working Session for Scenario 5& 6 User Stories

12/14 (Wednesday) Review User Stories (Scenario 5 & 6)

Use Case Development TimelineTentative (continued) Date Meeting Purpose

12/19 (Monday) Working Session for the development of the Function Requirements

12/21 (Wednesday) Functional Requirements

12/26 (Monday) – Holiday?

12/28 (Wednesday) Working Session for the Finalization of the Use Case

1/2 (Monday) – Holiday?

1/4 (Wednesday) Finalize Use Case

1/9 (Monday) Last Working Session for updates before Consensus

1/11 (Wednesday) Seek consensus

Questions/Concerns/Next Steps • Homework

• Review working draft of Data Segmentation for Privacy use case document (download from wiki) and become familiar with document outline (see ToC example if needed)

• Note: User Stories and preliminary Use Case (in progress) also posted on the wiki pages: (http://wiki.siframework.org/Data+Segmentation+for+Privacy+Use+Cases)

• Participate in the wiki discussions• For questions, please feel free to contact your use case support

leads• Tynisha Carter; tynisha.r.carter@accenture.com • Virginia Riehl; virginia.riehl@verizon.net