3
VA-SAMHSA DS4P Pilot – Phase 2 HIMSS13 Sprint 4 VA Activities Pilot Project Partnership VA SAMHSA Jericho Systems MITRE HIPAAT Data Segmentation for Privacy Initiative Description Phase I Push Use Case Attribute SDO AttributeName - ACS Policy Comparison Patient / Resource PatientId sourcePatientId urn:oasis:names:tc:xacml:1.0:resource:resource-id N/A patientInfo sourcePatientInfo N/A Document Type urn:oasis:names:tc:xspa:2.0:resource:type N/A Resource Designator urn:gov:hhs:fha:nhinc:service-type Target Recipient / Subject Individual requesting resource intendedRecipient urn:oasis:names:tc:xacml:2.0:subject:subject-id urn:oasis:names:tc:xspa:2.0:resource:intended:recipients Organization Name urn:oasis:names:tc:xpsa:1.0:subject:organization Facility authorInstitution urn:oasis:names:tc:xspa:1.0:subject:organization-id Facility-Type Structured Role authorRole urn:oasis:names:tc:xacml:2.0:subject:role urn:oasis:names:tc:xspa:2.0:resource:org:required-roles Home Community Id urn:oasis:names:tc:xacml:2.0:subject:locality urn:oasis:names:tc:xspa:2.0:resource:org:allowed- organizations Resource Permissions urn:oasis:names:tc:xspa:2.0:subject:service:permission s urn:oasis:names:tc:xspa:2.0:resource:required:service:per missions Data Privileges urn:siframework.org:ds4p:sensitivitypolicy*** urn:oasis:names:tc:xspa:2.0:subject:sensitivity:privil eges urn:oasis:names:tc:xspa:2.0:resource:required:sensitivity :permissions Purpose of Use urn:siframework.org:ds4p:purposeofuse urn:oasis:names:tc:xspa:1.0:subject:purposeofuse urn:oasis:names:tc:xspa:2.0:resource:intended:purposeofus e Clearence urn:uuid:f4f85eac-e6cb-4883-b524-f2705394840f urn:oasis:names:tc:xspa:2.0:subject:clearance urn:oasis:names:tc:xspa:2.0:resource:required:confidentia lity:privilege Supported Obligations urn:siframework.org:ds4p:obligationpolicy urn:oasis:names:tc:xspa:2.0:subject:supported- handling-policies urn:oasis:names:tc:xspa:2.0:resource:required:obligations Supported Refrain Policies urn:siframework.org:ds4p:refrainpolicy urn:oasis:names:tc:xspa:2.0:subject:supported-refrain- policies urn:oasis:names:tc:xspa:2.0:resource:required:refrain- policies Supported Privacy Laws urn:siframework.org:ds4p:usprivacylaw*** urn:oasis:names:tc:xspa:2.0:subject:supported-us- privacy-laws urn:oasis:names:tc:xspa:2.0:resource:org:required:us- privacy-laws Additional Evaluations Authorization urn:org:mitre:resource:patient:authorization*** Date Range Validity Check Obligations Patient urn:oasis:names:tc:xspa:2.0:resource:patient:redact N/A urn:oasis:names:tc:xspa:2.0:resource:patient:mask N/A Obligations Organization urn:oasis:names:tc:xspa:2.0:resource:org:us-privacy- law N/A uccessfully Tested Document Exchange with SAMHSA Repository via XD* stack ed Additional Exchange Assertion Attributes, Policy, and Obligations for Pull Scenarios

VA-SAMHSA DS4P Pilot – Phase 2 HIMSS13 Sprint 4 VA Activities Pilot Project Partnership VA SAMHSA Jericho Systems MITRE HIPAAT Data Segmentation for Privacy

Embed Size (px)

Citation preview

Page 1: VA-SAMHSA DS4P Pilot – Phase 2 HIMSS13 Sprint 4 VA Activities Pilot Project Partnership VA SAMHSA Jericho Systems MITRE HIPAAT Data Segmentation for Privacy

VA-SAMHSA DS4P Pilot – Phase 2 HIMSS13 Sprint 4

VA Activities

Pilot Project PartnershipVA SAMHSA

Jericho Systems MITRE HIPAAT

Data Segmentation for Privacy Initiative

Description Phase I Push Use Case Attribute SDO AttributeName - ACS Policy Comparison

Patient / Resource

PatientId sourcePatientId urn:oasis:names:tc:xacml:1.0:resource:resource-id N/A

patientInfo sourcePatientInfo N/A

Document Type urn:oasis:names:tc:xspa:2.0:resource:type N/A

Resource Designator urn:gov:hhs:fha:nhinc:service-type Target

Recipient / Subject

Individual requesting resource intendedRecipient urn:oasis:names:tc:xacml:2.0:subject:subject-id urn:oasis:names:tc:xspa:2.0:resource:intended:recipients

Organization Name urn:oasis:names:tc:xpsa:1.0:subject:organization

Facility authorInstitution urn:oasis:names:tc:xspa:1.0:subject:organization-id

Facility-Type

Structured Role authorRole urn:oasis:names:tc:xacml:2.0:subject:role urn:oasis:names:tc:xspa:2.0:resource:org:required-roles

Home Community Id urn:oasis:names:tc:xacml:2.0:subject:locality urn:oasis:names:tc:xspa:2.0:resource:org:allowed-organizations

Resource Permissions urn:oasis:names:tc:xspa:2.0:subject:service:permissions urn:oasis:names:tc:xspa:2.0:resource:required:service:permissions

Data Privileges urn:siframework.org:ds4p:sensitivitypolicy*** urn:oasis:names:tc:xspa:2.0:subject:sensitivity:privileges urn:oasis:names:tc:xspa:2.0:resource:required:sensitivity:permissions

Purpose of Use urn:siframework.org:ds4p:purposeofuse urn:oasis:names:tc:xspa:1.0:subject:purposeofuse urn:oasis:names:tc:xspa:2.0:resource:intended:purposeofuse

Clearence urn:uuid:f4f85eac-e6cb-4883-b524-f2705394840f urn:oasis:names:tc:xspa:2.0:subject:clearance urn:oasis:names:tc:xspa:2.0:resource:required:confidentiality:privilege

Supported Obligations urn:siframework.org:ds4p:obligationpolicy urn:oasis:names:tc:xspa:2.0:subject:supported-handling-policies urn:oasis:names:tc:xspa:2.0:resource:required:obligations

Supported Refrain Policies urn:siframework.org:ds4p:refrainpolicy urn:oasis:names:tc:xspa:2.0:subject:supported-refrain-policies urn:oasis:names:tc:xspa:2.0:resource:required:refrain-policies

Supported Privacy Laws urn:siframework.org:ds4p:usprivacylaw*** urn:oasis:names:tc:xspa:2.0:subject:supported-us-privacy-laws urn:oasis:names:tc:xspa:2.0:resource:org:required:us-privacy-laws

Additional Evaluations

Authorization urn:org:mitre:resource:patient:authorization***

Date Range Validity Check

Obligations Patient urn:oasis:names:tc:xspa:2.0:resource:patient:redact N/A

urn:oasis:names:tc:xspa:2.0:resource:patient:mask N/A

Obligations Organization urn:oasis:names:tc:xspa:2.0:resource:org:us-privacy-law N/A

urn:oasis:names:tc:xspa:2.0:resource:org:refrain-policy N/A

urn:oasis:names:tc:xspa:2.0:resource:org:handling-policies N/A

Successfully Tested Document Exchange with SAMHSA Repository via XD* stack

Defined Additional Exchange Assertion Attributes, Policy, and Obligations for Pull Scenarios

Page 2: VA-SAMHSA DS4P Pilot – Phase 2 HIMSS13 Sprint 4 VA Activities Pilot Project Partnership VA SAMHSA Jericho Systems MITRE HIPAAT Data Segmentation for Privacy

VA-SAMHSA DS4P Pilot – Phase 2 HIMSS13 Sprint 4

VA Activities

Pilot Project PartnershipVA SAMHSA

Jericho Systems MITRE HIPAAT

Data Segmentation for Privacy Initiative

NEW** Video Released – Title 38 Section 7332 Share Partial

http://174.78.146.228:8080/DS4PTitle38Section7332SharePartial.mp4

Page 3: VA-SAMHSA DS4P Pilot – Phase 2 HIMSS13 Sprint 4 VA Activities Pilot Project Partnership VA SAMHSA Jericho Systems MITRE HIPAAT Data Segmentation for Privacy

VA-SAMHSA DS4P Pilot – Phase 2 HIMSS13 Sprint 4

VA Activities – On Hold Coding Activities (Task Order Pending)

Pilot Project PartnershipVA SAMHSA

Jericho Systems MITRE HIPAAT

Data Segmentation for Privacy Initiative

GUI Enhancements – Pull Scenario Document Exchange

Unsecured Context Handler Interfaces

Secured Context Handler Interfaces

CDA R2 Consent Generator Lib for Demographics, Embedded XACML, and Embedded PDF

Consent Locator Services, XD* Enabled

SAML Handlers