Interoperability Need: Query for Documents Within a Specific Health Information Exchange Domain

Interoperability Need: Query for Documents Within a Specific Health Information Exchange Domain

Interoperability Need: Query for Documents Within a Specific Health Information Exchange Domain
Type	Standard/Implementation Specification	Standards Process Maturity	Implementation Maturity	Adoption Level	Federally Required	Cost	Test Tool Availability
1-Implementation Specification	IHE-XDS (Cross-enterprise document sharing)	Final	Production		No	Free	Yes
1,2-Implementation Specification	IHE-PDQ (Patient Demographic Query)	Final	Production		No	Free	Yes
1,2-Implementation Specification	IHE-PIX (Patient Identifier Cross-Reference)	Final	Production		No	Free	Yes
*2- Emerging Implementation Specification*	IHE – MHD (Mobile Access to Health Documents)	Balloted Draft	Pilot		No	Free	No

Limitations, Dependencies, and Preconditions for Consideration:	Applicable Security Patterns for Consideration:
IHE-PIX and IHE-PDQ are used for the purposes of patient matching and to support this interoperability need. The MHD supplement is based on FHIR DSTU1.1. The IHE MHD committee is currently working to update the MHD profile and planning to release it to implementers in first quarter calendar year 2016. See IHE projects in the Interoperability Proving Ground.	Secure Communication – create a secure channel for client-to- serve and server-to-server communication. Secure Message Router – securely route and enforce policy on inbound and outbound messages without interruption of delivery. Authentication Enforcer – centralized authentication processes. Authorization Enforcer – specified policies access control. Credential Tokenizer – encapsulate credentials as a security token for reuse (e.g., – SAML, Kerberos).Message Interceptor Gateway – provide a single entry point solution for centralization of security enforcement for incoming and outgoing XML WebService messages. System Authentication - The information and process necessary to authenticate the systems involved User Authentication – The identity information and process necessary verify the user’s identity User Role – identifies the role asserted by the individual initiating the transaction. Purpose of Use - Identifies the purpose for the transaction. Patient Consent Information - Identifies the patient consent information that: May be required to authorize any exchange of patient information May be required to authorized access and use of patient information May be required to be sent along with disclosed patient information to advise the receiver about policies to which end users must comply Security Labeling – the health information is labeled with security metadata

No comments have been posted yet.