|Submitted By: KarenP-SSA / Social Security Administration (SSA)|
|Data Element Information|
|Use Case Description(s)|
|Use Case Description||SSA’s disability determination process requires the review of detailed medical records of disability applicants.
Due to the COVID-19 pandemic, SSA field offices are closed. This prevents disability applicants from submitting paper medical records they hold to those field offices. An alternative would be submitting this information to SSA electronically. A matter of convenience that would be used by few in normal times, the demand for this submission channel has mushroomed during the pandemic.
However, SSA cannot accept electronic medical records submitted by applicants because the integrity of those records cannot be verified without knowing the author and without (cryptographic) digital signatures of the content. Adding the Signature element to Provenance would provide content integrity verification and resolve this blocker for SSA disability applicants.
|Estimated number of stakeholders capturing, accessing using or exchanging||3 million disability applicant (patients) interact with SSA annually, involving 15-20 million medical records from almost 500,000 providers.|
|Link to use case project page||https://github.com/SSAgov/HealthIT|
|Use Case Description||As consumer-directed health information exchange becomes more prevalent, verifying the
integrity of patient-supplied medical information will become an imperative. When EHI obtained
by a patient that is digitally signed is provided to a third party along with the chain of trust from its
origin, that third party can have confidence in the integrity of that EHI. Consumer apps facilitating
the submission of sports physicals and immunization record to schools are inevitable—as are
apps driving patient-driven care coordination. Consumers will demand this access to their data,
and providers receiving that data will need to know it is unaltered.
|Estimated number of stakeholders capturing, accessing using or exchanging||Health records are exchanged between millions of providers (and, increasingly, payers) through
dozens of health information exchanges (HIEs) in support of millions of patients every year.
|Maturity of Use and Technical Specifications for Data Element|
|Applicable Standard(s)||HL7 FHIR R4 (v4.01: R4 – Mixed Normative and STU)
|Additional Specifications||FHIR Provenance Resource (v4.0.1) (https://www.hl7.org/fhir/provenance.html)
The Provenance resource includes a signature element (digital signature) which can be used for standards based integrity verification and non-repudiation purposes. The Signature datatype provides details on use of the signature element. The Signature.type coded value of "Source" should be used when the signature is for simply proving that the resource content is the same as it was when the resource was updated or created.
Also: https://www.hl7.org/fhir/datatypes.html#Signature (126.96.36.199)
• Both XML and JSON cryptographic signatures are supported.
In FHIR, (https://www.hl7.org/fhir/provenance.html): This would likely be “Provenance.agent.who”
Basic Provenance Informative Implementation Guide (for C-CDA Author Participation) (https://confluence.hl7.org/display/SEC/Basic+Provenance+Implementation+Guide?preview=/40740218/55940686/20190719_HL7_Basic_Provenance_Security_Posting.docx) does not mention signatures, but signatures are described as a CDA extension in HL7 Implementation Guide for CDA® Release 2: Digital Signatures and Delegation of Rights (http://www.hl7.org/documentcenter/public/standards/dstu/CDAR2_IG_DIGITALSIG_R1_DSTU_2014OCT.pdf) document. Author is a data element originally proposed by ONC for inclusion in UCSDI for Provenance.
• Specifications or IG updates may be required to align C-CDA to FHIR.
|Current Use||Not currently captured or accessed with an organization|
|Number of organizations/individuals with which this data element has been electronically exchanged||N/A|
|Restrictions on Standardization (e.g. proprietary code)||None|
|Restrictions on Use (e.g. licensing, user fees)||None|
|Privacy and Security Concerns||Using these data elements will reduce privacy and security concerns about the EHI being exchanged.|
|Estimate of Overall Burden||Author information should be readily available to implementers already populating Provenance data elements. Although Cryptographic signatures of content (“hashing”) is not widely practiced, the methodology for doing this is straightforward (and specified in detailed in the above-reference FHIR Provenance IG). Implementation should not require more than two two-week sprints.|
|Other Implementation Challenges||None|
Metadata, or data that describes other data.
Information from the submission form
(Per https://www.hl7.org/fhir/provenance.html): “Provenance.signature: A digital signature on the target Reference(s). The digital signature, inclusive of a hash on the resource being signed (Provenance.signature.type = 1.2.840.10065.1.12.1.14), will ensure that the integrity of the particular electronic health information (EHI) is maintained and not altered in any way. This allows recipients of this EHI to trust the integrity of the content regardless of its most recent origin. • As patient-mediated EHI becomes more prevalent, maintaining the chain of trust via this digital signature will be instrumental in patient-provided health information exchange.