• Print

Enabling Privacy: Data Segmentation

DS4P Test Cases (Pilots)

The Data Segmentation for Privacy (DS4P) Initiative involved six test cases (also known as “pilots”), which are introduced below. For more details, visit the DS4P Wiki and click on the pilots from the right-hand menu.

U.S. Department of Veterans Affairs (VA)/Substance Abuse and Mental Health Services Administration (SAMHSA) Pilot

The VA/SAMHSA pilot used off-the-shelf components to successfully extend the DS4P capabilities and show how Fast Healthcare Interoperability Resources (FHIR) can be used for data segmentation.

In the pilot, test queries went from VA to SAMHSA’s open-source system, which was acting as the data source. The pilot successfully attached metadata to substance abuse patient records using what the VA calls a “Security Labeling Service.” Jericho Systems served as the access service.

Graphic of VA/SAMHSA Pilot Process

Overview of the VA/SAMHSA Test Case

The pilot was tested and shown in multiple venues, including the Healthcare Information and Management Systems Society (HIMSS) 2013 Interoperability Showcase, Health Level 7 (HL7) International Plenary Meeting (September 2013), and HL7 Working Group Meeting (January 2014). A short video of the HIMSS 2013 demonstration can be seen here.

VA has championed the development of the HL7 Healthcare Privacy and Security Classification System (HCS), which is now being tested for VA Identity and Access Management for the Veterans Health Information Systems and Technology Architecture (VistA) Evolution.

Software and Technology Vendors’ Association (SATVA) Pilot

The SATVA pilot was a joint effort by Cerner Anasazi, Valley Hope Association, Defran Systems, Inc., and HEALTHeLINK. The pilot demonstrated the ability to send notice of the prohibition on redisclosure (as required by 42 Code of Federal Regulations (CFR) Part 2 [PDF - 13.2 MB]) using Direct.

One of the team’s key products was the SATVA Ultra-Sensitive Privacy Disclosure Implementation Guide (USPDIG), which follows the DS4P Implementation Guide (IG) for Direct. USPDIG defines specifics for document markup and entry-level tagging of privacy sensitivity, in both HL7 Clinical Document Architecture (CDA)-derived documents and in Integrating the Healthcare Enterprise (IHE) XD Metadata.

SATVA has a number of pilot production implementations.

  • Valley Hope Association is creating production discharge summary disclosures for a pilot site according to specifications in the SATVA USPDIG Continuity of Care Documents (CCDs). Printed versions of these CCDs are used where electronic transport is not yet available, serving to convey the disclosures with all the required notices in paper form.
  • In April 2014, Cerner Anasazi released enhancements to their Behavioral Health solution. The enhancements incorporate DS4P metadata tagging of CCDs and XD metadata via the SATVA USPDIG.
  • At HIMSS 2014, Cerner showed marked-up CCDs being sent from the Cerner Behavioral Health solution to the Cerner Millennium solution (a large-scale, general medical solution). Cerner Millennium solution design teams have begun work to recognize and process the DS4P marked-up data received from the Cerner Behavioral Health solution (or other solutions implementing the USPDIG). Cerner reported that this functionality is planned for production release by the end of 2014.

Netsmart Pilot

Netsmart successfully tested a portion of the DS4P IG for Direct and demonstrated the test case in multiple venues, including the HIMSS 2013 Interoperability Showcase. The Netsmart solution has been implemented in Tampa Bay’s community services referral network (2-1-1 system). Netsmart helps the 2-1-1 system manage confidential information maintained by programs governed by 42 CFR Part 2.

Jericho Systems/University of Texas (UT) at Austin Pilot

Sponsored by funding from the Telemedicine & Advanced Technology Research Center (TATRC), the Jericho/UT Austin team created their own simulation of an eHealth exchange to test their solution. Their test case differed from the others in that they shared access requests with the patient so the patient knew who was requesting his/her electronic health information. Providers needed to demonstrate that they had a consent directive on file or could obtain one.

The pilot used data segmentation to filter a Patient Consent Directive (PCD), drawn from a central (external) PCD repository, and then redacted the clinical documents based on the patient’s privacy choices. The team defined the exchange of HL7 CDA-compliant PCD between a data custodian and a PCD repository and included a dynamic report on the outcome of the clinical request back to the patient. The pilot defined clinical document notation so that the PCD repository could be used to evaluate later data requests.

A pilot demonstration can be seen here (note: audio does not begin right away).

Additional Pilots

Two more pilots — Greater New Orleans Health Information Exchange (GNOHIE) and Teradact — joined DS4P late in the project lifecycle. While they are not complete, they represent the level of interest that community and health information exchanges can have in carrying data segmentation forward.



The Enabling Privacy web pages are provided for informational purposes only. They are not intended to be an exhaustive or definitive source on data segmentation, nor should the information contained herein be construed as legal advice.