View
220
Download
2
Tags:
Embed Size (px)
Citation preview
TM
Facilitating electronic sharing of data needed for public health preparedness: the National
Electronic Disease Surveillance System (NEDSS)
Claire Broome, M.D.Centers for Disease
Control and PreventionMarch 20, 2002
Public Health Data Standards Consortium
TM
NEDSS “at-a-glance”
• NEDSS is a broad initiative using national data and information system standards for development of efficient, integrated, and interoperable surveillance systems at the state and local levels • Data standards- data models, http://www.cdc.gov/nedss• Harmonizing with HL7 Reference Information Model• NEDSS System Architecture, http://www.cdc.gov/nedss
• Includes tools for electronic data transfer to health department from health care system:• Eg from multi-jurisdictional clinical labs
• Architecture built on Integrated Data Repository; data from health care to health department sent via• single pipeline: single format, receiving point, security
• Security standards (HIPAA compliant) to maintain public health track record in protecting sensitive data
• Starts with focus—infectious disease—but keeps big picture in mind
TM
NEDSS Systems Architecture
For State and local Public Health Departments
ClinicalDatabase
CDC and OtherHealth Depts.
XMLData
Exchange
ElectronicLaboratoryMessages
HL7
SecurityIntegrated State / Local DataRepository
State HealthDepartment
Local HealthDepartment
OrClinical
Site
ShareableDirectory of
PH Personnel
Reporting, GIS and AnalysisB L
B L
B L
B L
TM
Current Status of NEDSS• 50 states, 6 cities, and 1 territory funded for
NEDSS: 43 started with Assessment & Planning phase in 2000
• September 2001: 35 states and 1 city receiving funds for development of NEDSS compatible systems• 16 implementing NEDSS compatible state
developed system• 20 deploying NEDSS Base System (NBS)
• January 2002: Public Health and Social Services Emergency Fund provides major funding for state and local public health capacity, including surveillance and IT capacity
TM
IT Functions and Specifications for BT
Guidance to states from CDC and HRSA
Need- Public health emergency preparedness and response need
IT to support programmatic capacities in the guidance; systems MUST be interoperable among partners and across states
Industry Standards⁻ Involved industry standards (HL7, ebXML, SNOMED,
LOINC…)
Technical specifications⁻ Specifications derived from the standards as per the
National Electronic Disease Surveillance System (NEDSS) and Health Alert Network (HAN)
⁻ Some additional specifications to be refined with partners in coming months
TM
IT Functions and Specifications for BT Guidance
• Automated Exchange of Data Between Public Health Partners
• Management of Possible Case and Contacts Data
• Specimen and Lab Result Information Management and Exchange
• Use of Electronic Clinical Data for Event Detection
• Manual Data Entry for Event Detection
• Analysis and Visualization
• Directories of Public Health and Clinical Personnel
• Public Health Information Dissemination and Alerting
• IT Security and Critical Infrastructure Protection
TM
How can NEDSS support state and local preparedness
capacity?• IT functions and specifications in Guidance
extend and incorporate NEDSS standards• Guidance explicitly proposes NEDSS
compatible systems as basis for surveillance and response systems (focus area B) and exchange of electronic data (focus area E)
• All 50 states have NEDSS funding, and Points of Contact. Forty three states have done NEDSS assessment and planning which may help with preparedness IT planning
• Bioterrorism coordinators are encouraged to work closely with NEDSS coordinators
TM
State “Base System” Option
A NEDSS compatible system for state use developed by an experienced web software developer (Computer Sciences Corporation)
• “Base system”includes Core Demographics and National Notifiable Disease Module; person based Integrated Data repository; HL-7 messaging
• Also useful as a specific implementation of NEDSS e.g. standard messages, database model
• Base System now pilot testing with state security, DBMS infrastructure in TN and NE
• Base system is platform for other modules• States have option to use (or not) CDC modules
TM
How does NEDSS support PHDSC objectives to encourage use of standards?
• NEDSS uses actual or de facto national standards for architecture; NOT specific to infectious disease• Need for broad interoperability emphasized by
states at NEDSS stakeholders’ meeting, April 2001
• Current discussions with vital registrars, NCHS to harmonize new birth and death records re-engineering
• FY2001 intra-mural $’s to support NEDSS pilot projects beyond infectious diseases at CDC
• Discussions with CMS about CMS-NEDSS harmonization to support interoperable data systems at state level
TM
How can NEDSS help encourage use of standards?
• Understanding of need for preparedness high among providers, public
• Public private partnership with eHealth Initiative includes public health, Standards Development Organization, clinical systems vendors supporting 80% of US hospitals, providers • practical solutions to implement standard messages• early step en route to NHII
• Electronic data reporting complements alert clinicians, backstops the system, (and eases burden of public health reporting requirements)
TM
National Electronic Disease Surveillance System (NEDSS)
NEDSS Use of National Data Standards• HL7 2.3 public health lab message• HL7 Reference Information Model and supplement of
Public Health Conceptual Data Model• data storage• messaging
• HL7 Version 3.0 Public Health Notification messages• Commitment to participate with PH partners in SDO’s• LOINC, SNOMED, ICD and others (North
American Industry Classification System (NAICS), the Bureau of Labor Statistics Standard Occupational Class (SOC) codes, and various ISO codes)
TM
How does standards based approach support state health department ?
• Single, consistent approach to health sector partners to obtain public health data, and use of data in electronic format, when available—ie decreased respondent burden, decreased health department burden• Provides ability for public health to accept
electronic information from e.g. eHealth Initiative members
• Efficient use of infra-structure at state level• Skilled IT personnel• Software, hardware
TM
Automated Exchange of Data Between Public Health Partners
Need:
To have a “live” network for the secure exchange of appropriate data between partners in public health without manual intervention
Standards:
ebXML over SOAP over HTTPS with standard messages
Specifications:
A variety of message content formats including (with associated vocabularies):HL7 3.0 Public Health Notification messages (NEDSS)
HL7 2.3 lab result message
X12 messages
LDIF directory information messages
TM
Management of Caseand Contact Data
Need:
To manage and trace possible cases from detection, through lab testing and confirmation, possible prophylaxis and/or vaccination, adverse events monitoring and then follow-up
Standards:
HL7, SNOMED, LOINC, ISO
Specifications:
NEDSS logical data model, vocabularies, and extensions for possible case reports, contacts, and other data
TM
Specimen and Lab ResultInformation Management and
ExchangeNeed:
To have participating laboratories electronically receive laboratory requests, accept specimen and sample data, manage these data and immediately report electronic results to public health partners
Standards:
HL7, SNOMED, LOINC
Specifications:
HL7 2.3 public health lab result message
HL7 2.3 lab request message
TM
Use of Electronic Clinical Datafor Event Detection
Need:
To send appropriate primary use clinical data, in a timely fashion, to public health for the purpose of surveillance for the identification of possible bioterrorism or chemical attack.
Standards:
HL7, ebXML, X12, CPT, ICD
Specifications:Existing HL7 2.x, order and result messages with vocabularies
Extensions to the NEDSS Logical Data Model for storage and messaging in the areas of presenting complaint and syndromic data, laboratory order and diagnostic study requests and results, admission and discharge data, utilization data, other clinical data
TM
Manual Data Entryfor Event Detection
Need:
To accumulate for public health purposes, manually entered syndromic and other data (utilization, clinical census, aggregate diagnoses), entered at clinical points of care that may provide surveillance for the identification of a possible bioterrorism or chemical attack.
Standards:
PKI, strong authentication, WWW – N-Tiered Architecture, HL7
Specifications:
Extensions to the NEDSS Logical Data Model for storage in the areas of presenting complaint and syndromic data, laboratory order and diagnostic study requests and results, admission and discharge data, utilization data, other clinical data
TM
Analysis and VisualizationNeed:
To analyze, display, report and map data accumulated and stored according to the specifications in the other functions including outbreak detection algorithms, statistical analysis, Geographic Information Systems (GIS). To be able to share analytic, reporting and display capabilities.
Standards:
HL7 RIM
Specified Vocabularies
Specifications:
Use of a variety of Commercial Off the Shelf Software platforms
NEDSS logical data model and extensions
TM
Directories of Public Healthand Clinical Personnel
Need:
To support directories of public health participants (including primary clinical personnel), their roles and contact information for public health jurisdictions
Standards:
LDAP
Specifications:
LDAP schema for public health directories*
Public health LDIF data exchange specification*
* In draft form
TM
Public Health InformationDissemination and Alerting
Need:
To receive, manage and disseminate alerts, protocols, procedures and other information for dissemination to public health workers, primary care physicians, public health laboratorians, and public health partners in emergency response.
Standards:
SMTP, XML
Specifications:
Messages specifications to include criticality, target audience, etc. to match public health LDAP schema
TM
IT Security and CriticalInfrastructure Protection
Need:
To assuring that access to sensitive or critical information is not lost, destroyed, misappropriated or corrupted and to assure that continuity of operations can be maintained subsequent to a deliberate or natural catastrophic event.
Standards:
HIPAA, PKI, HTTPS
Specifications:Independent validation and verification security and continuity of operations
TM
State and local health department participation in
NEDSS• Partner organization “point of contact” & co-ordination,
IT Committees (ASTHO, NACCHO, CSTE, APHL, NAPHSIS, NAHDO)
• Working groups on cross-cutting topics• Participation in developing NEDSS Base System
• JAD sessions• Ongoing review of requirements drafts, prototypes• Integration testing, pilot testing Nebraska,
Tennessee• Stakeholders meetings• Representation on CDC Information Council• Web Board conferences, postings
TM
COTSApplication
COTSApplication
SystemsElement
SystemsElement
Standards Standards
NEDSS Systems Architecture Elements
• The NEDSS architecture is currently built around 8 elements that are functionally and technically defined.
• The elements encourage highly modular systems implementations.
• They are delineated by industry standards and the de facto standards of existing commercial product niches.
• They facilitate the use of commercial software as elements, but minimize proprietary commercial applications that cross element boundaries.
• They try to facilitate exit strategies to take advantage of new commercial development.
TM
Implement an integrated data repository• able to be patient centered, non-categorical• support “thick” client and web applications • (ODBC, JDBC and ANSI SQL)
Integrated State / Local DataRepository
TM
Implement a security system and appropriate security policies (Internet-based, with a firewall and certificates or tokens)
SecurityIntegrated State / Local DataRepository
TM
Conduct and support web browser-based data entry and data management.
• Internet presentable, but not necessary• Multi-tiered including an application server
to run web “forms” from others
State HealthDepartment
Local HealthDepartment
OrClinical
Site
SecurityIntegrated State / Local DataRepository
TM
Accept, route and process electronic HL7 messages containing laboratory and clinical content (LOINC, SNOMED).
ClinicalDatabase
ElectronicLaboratoryMessages
HL7
SecurityIntegrated State / Local DataRepository
State HealthDepartment
Local HealthDepartment
OrClinical
Site
TM
Develop active data translation and exchange (integration broker) functionality (XML, DTD’s HTTPS).
ClinicalDatabase
CDC and OtherHealth Depts.
XMLData
Exchange
ElectronicLaboratoryMessages
HL7
SecurityIntegrated State / Local DataRepository
State HealthDepartment
Local HealthDepartment
OrClinical
Site
TM
Develop data reporting and visualization capability (messaging and import/export ODBC, JDBC, ANSI SQL).
ClinicalDatabase
CDC and OtherHealth Depts.
XMLData
Exchange
ElectronicLaboratoryMessages
HL7
Reporting, GIS and Analysis
SecurityIntegrated State / Local DataRepository
State HealthDepartment
Local HealthDepartment
OrClinical
Site
TM
Implement a shareable directory of public health personnel (LDAP).
ClinicalDatabase Shareable
Directory of PH Personnel
CDC and OtherHealth Depts.
XMLData
Exchange
ElectronicLaboratoryMessages
HL7
SecurityIntegrated State / Local DataRepository
State HealthDepartment
Local HealthDepartment
OrClinical
Site
Reporting, GIS and Analysis
TM
Develop transportable business logic capability (COM, CORBA, EJB).
ClinicalDatabase
CDC and OtherHealth Depts.
XMLData
Exchange
ElectronicLaboratoryMessages
HL7
SecurityIntegrated State / Local DataRepository
State HealthDepartment
Local HealthDepartment
OrClinical
Site
ShareableDirectory of
PH Personnel
Reporting, GIS and AnalysisB L
B L
B L
B L
TM
Will support and run CDC developed applications and web based “case reports” that interoperate with this environment.
Integrated State / Local DataRepository
CDC Forms and Applications
CDC and OtherHealth Depts.
XMLData
Exchange
TM
What does NEDSS have to do with HIPAA?
• HIPAA mandates national health care data standards and policies in four areas:• Transaction content; unique identifiers for providers, health
plans; security; privacy
• NEDSS architecture standards are HIPAA compliant: • supports “dual use” for security, messaging elements
• Approach to NEDSS data standards is HIPAA compliant: • Adopting HIPAA standards where relevant eg electronic
laboratory reporting in NEDSS uses standards in HIPAA NPRM for laboratory claims attachment
• Advocating inclusion of data elements relevant to public health with SDO’s
TM
What does NEDSS have to do with HIPAA Privacy Rule?
• Privacy Rule allows current practice of sharing data with public health• Rule permits health care providers to share
individually identifiable information with legally authorized public health entities for public health activities
• Public health activities include surveillance (NEDSS), investigation, intervention