Patient data embargo management

There are legitimate reasons for data to be embargoed for some timeframe. I am not a fan of these reasons, but as a Privacy and Security subject matter expert, I get asked how to solve these business needs. Many think this is an easy problem to solve, just slap a security tag on the data,

[ Read More ]

Explaining #FHIR Consent examples

This article includes explanation of some example scenarios and points at example Consent resources for them. These example scenarios are provided for educational use only, they are not an endorsement of these scenarios. Notice of Privacy Policy Some realms only require that the patient be given access to the organizations privacy policy. In these realms

[ Read More ]

IHE ITI Spring

The IHE domains of IT-Infrastructure, PCC, QRPH, and RAD had our workgroup meetings last week. Radiology met in-person at the RSNA, so got to socialize. I don’t have details for RAD, PCC, or QRPH. IT-Infrastructure met virtually all week. We did not make as much progress as we wanted to, due to  the lack of

[ Read More ]

API Security conference — on #FHIR

Join me at my presentations at #APISecure2022 where I will be surrounded by far smarter people on API security. This is a virtual event, so you should certainly be able to sign up.  so, there is going to be just a little bit about #FHIR: On Wednesday I will be on a panel with Alissa

[ Read More ]

Quick video on IHE Privacy and Security

 IHE just published a short video by me on the IHE Privacy and Security solutions. Links: IHE  IT Infrastructure Whitepapers and Handbooks Cookbook: Preparing the IHE Profile Security Section  De-Identification Handbook  Algorithm Mapping Spreadsheet  Document Sharing Metadata Handbook Template for XDS Affinity Domain Deployment Planning  Access Control  Enabling Document Sharing Health Information Exchange Using IHE Profiles 

[ Read More ]

Ask, just ask

I am short on ideas of topics that I should elaborate on in a blog article. So, I remind you all that if you thing of a topic that you think I might be able to clarify, please let me know. It costs you nothing. I might not even answer. But I certainly am not

[ Read More ]

IHE Basic Audit Implementation Guide

Supporting Privacy Principles to give transparency to how a Patients data are used is one of the goals of a new Implementation Guide from IHE. The AuditEvent profiles in this guide can also be used for Security purposes. The Basic Audit Log Pattern (BasicAudit) Content Profile defines some basic and reusable AuditEvent patterns. The Audit

[ Read More ]

IHE IT-Infrastructure – March 2022

IHE IT-Infrastructure committee has been very busy this winter quarter. Today we release updates to 9 different publications: New Publication  mCSD 3.5.0 – conversion from PDF to IG Publisher  MHDS 2.3.0 – conversion from PDF to IG Publisher  Metadata Handbook 2.1 – conversion from PDF to markdown/html Minor/Patch update publications  MHD 4.1.0 – minor updates

[ Read More ]

IHE IT-Infrastructure January Public-Comment

The IHE IT-Infrastructure domain has been doing some light conversion of existing IHE-Profiles and publications to the modern html publication and use of the Implementation Guide publisher format. The public-comment is focused on uncovering mistakes in this conversion. There are no intended new features in these releases. However, there are differences that are driven by

[ Read More ]

PIXm webinar

There is now a short webinar recording available for PIXm This and other IHE recorded webinars can be found on the IHE International YouTube channel.     https://www.youtube.com/user/IHEIntl/featured The PIXm implementation guide can be found on the IHE Profiles.ihe.net site where all of the IT-Infrastructure specifications are published.

[ Read More ]