Cybersecurity

Sydney – HL7 FHIR Privacy and Security Tutorial

I will be giving the FHIR Privacy and Security tutorial again at Sydney HL7 meeting on Thursday afternoon (our normal Wednesday afternoon agenda slot). See https://hl7.sydney/tutorials.php As always I welcome any suggestions for improving the slides. They can be viewed freely on my blog at : HL7 Tutorial – FHIR Privacy and Security Given that

[ Read More ]

FHIR Consent mapped with BPPC

Today on the FHIR Consent call we had a very useful discussion of how one would use FHIR Consent to do the same thing that BPPC does in XDS. Said another way, what is the degenerate form of FHIR Consent that is equal-to the functionality of BPPC, and what is the degenerate form of FHIR

[ Read More ]

Scaling #FHIR authorization in a multiple organization HIE

In my last article on  Controlled Exchange Architecture Models for Scale on #FHIR. One issue I ran into is the question of how OAuth at healthcare scale works when an HIE is made up of multiple organizations in a federation.  In XDS environment we describe that the SAML assertion in the transaction is authenticating the Organization

[ Read More ]

Controlled Exchange Architecture Models for Scale on #FHIR

In the previous article I discuss the various Modes of Patient Centric Exchange models. I cover Mediated Exchange, Directed Exchange, and Negotiated Exchange. These are all good solutions for scaling, but fail when the patient doesn’t actively get engaged. When a patient wants to actively get engaged they MUST be given their damn data. Reminder that

[ Read More ]

Nationwide Health Information Exchange on #FHIR

Most use of FHIR today is as an API to an organizations health information (EHR). This solution is maturing nicely, although it has issues that are being worked on. However what is being asked latey is how does one scale FHIR to a nation. I spoke of this scale problem in past articles. It is

[ Read More ]

Introduction to IHE

I was asked for recommendation for a set of resources that would give a good introduction to IHE: One always wishes they could create new material, but realistically there exists plenty of resources already published that can be leveraged: Is it general intro to what is IHE? IHE-USA intro – YouTube – https://www.youtube.com/watch?v=BaN1DuVY3go General overview

[ Read More ]

HL7 Tutorial – FHIR Privacy and Security

I am giving a tutorial at the HL7 workgroup meeting in Atlanta. There are still openings, so please look to register for my class. My tutorial is Thursday morning, covering two quarters, about 3 hours.  My tutorial is “FHIR Security and Privacy (TH15)” Not Hacking Unfortunately I did not provide a description for my tutorial, so

[ Read More ]

The Patient Innovator Track at DevDays – Privacy

I assume anyone reading my blog has already seen this announcement on FireLy, Grahame, HL7, Hay on FHIR, etc. Go read those for the specific details, no good reason for me to duplicate them. What I will do is focus on the opportunity for Patient to drive for Innovations in Privacy. Most of the other

[ Read More ]

Tipping point in Health Interoperability Maturity

In the past two weeks I have been in large audience discussions where there is a very different kind of topic being discussed around Health Information Technology. The topic is about a vision of how things could/should be at the point of care because of successful interoperability. It is not explicitly said that way. These

[ Read More ]

FHIR Scaling to a Nation

Most discussions about FHIR are simple interaction diagrams like this: Many Sources (n != 1) The Real story needs to consider that the “Source” above is a single box representing 10,000 potential source systems that hold data about the patient: (map is a static view of CareQuality network) More important is that the above map

[ Read More ]