• Print

Interoperability Need: Query for Documents Within a Specific Health Information Exchange Domain


Interoperability Need: Query for Documents Within a Specific Health Information Exchange Domain

Interoperability Need: Query for Documents Within a Specific Health Information Exchange Domain

Type

Standard/Implementation Specification

Standards Process Maturity

Implementation Maturity

Adoption Level

Federally Required

Cost

Test Tool Availability

1-Implementation Specification

IHE-XDS (Cross-enterprise document sharing)

Final

Production

rating 4

No

Free

Yes

1,2-Implementation Specification

IHE-PDQ (Patient Demographic Query)

Final

Production

rating 4

No

Free

Yes

1,2-Implementation Specification

IHE-PIX (Patient Identifier Cross-Reference)

Final

Production

rating 4

No

Free

Yes

2- Emerging Implementation Specification

IHE – MHD (Mobile Access to Health Documents)

Balloted Draft

Pilot

rating 1

No

Free

No

Limitations, Dependencies, and Preconditions for Consideration: Applicable Security Patterns for Consideration:
  • IHE-PIX and IHE-PDQ are used for the purposes of patient matching and to support this interoperability need.
  • The MHD supplement is based on FHIR DSTU1.1. The IHE MHD committee is currently working to update the MHD profile and planning to release it to implementers in first quarter calendar year 2016.
  • See IHE projects in the Interoperability Proving Ground.
  • Secure Communication – create a secure channel for client-to- serve and server-to-server communication.
  • Secure Message Router – securely route and enforce policy on inbound and outbound messages without interruption of delivery.
  • Authentication Enforcer – centralized authentication processes.
  • Authorization Enforcer – specified policies access control.
  • Credential Tokenizer – encapsulate credentials as a security token for reuse  (e.g., – SAML, Kerberos).Message Interceptor Gateway – provide a single entry point solution for centralization of security enforcement for incoming and outgoing XML WebService messages. System Authentication - The information and process necessary to authenticate the systems involved
  • User Authentication – The identity information and process necessary verify the user’s identity
  • User Role – identifies the role asserted by the individual initiating the transaction.
  • Purpose of Use - Identifies the purpose for the transaction.
  • Patient Consent Information - Identifies the patient consent information that:
    • May be required to authorize any exchange of patient information
    • May be required to authorized access and use of patient information
    • May be required to be sent along with disclosed patient information to advise the receiver about policies to which end users must comply
  • Security Labeling – the health information is labeled with security metadata
No comments have been posted yet.