Office of the National Coordinator for Health Information Technology (ONC)

8:00am - 9:00am

Registration

9:00am - 10:30am

Opening Plenary - Listen to the Morning Plenaries! (WMV) (14MB)

Welcome

Robert M. Kolodner, MD, Interim National Coordinator for Health Information Technology, Office of the National Coordinator for Health Information Technology

Setting the Stage: Security and Services

John W. Loonsk, MD, Director, Office of Interoperability and Standards, Office of the National Coordinator for Health Information Technology - Presentation (PDF) (278KB)

10:30am - 10:45am

Break

10:45am - 12:00pm

Plenary Presentations from NHIN related national Working Groups and Committees

Moderator: Jodi G. Daniel, JD, MPH, Director, Office of Policy and Research, Office of the National Coordinator for Health Information Technology

Update on initial NHIN Functional Requirements from the National Committee on Vital and Health Statistics (NCVHS) Ad hoc NHIN Working Group - Presentation (PDF) (328KB)

Simon Cohn, MD, MPH, Chair, NCVHS and Harry Reynolds, Vice Chair, NCVHS Subcommittee on Standards and Security

AHIC Confidentiality, Privacy and Security Working Group

Jodi G. Daniel, JD, MPH, Director, Office of Policy and Research, Office of the National Coordinator for Health Information Technology and Paul Feldman, Co-chair, AHIC Confidentiality, Privacy, and Security Working Group

AHIC Quality Working Group

Kelly Cronin, Director, Office of Programs and Coordination, Office of the National Coordinator for Health Information Technology

12:00pm - 1:15pm

Lunch

1:15pm - 2:30pm

Concurrent Sessions

1.1 Identifying the Services that could be provided by a health information network service provider - Presentation (PDF) (149KB)

Moderator:

Mark Leavitt, MD, PhD, Chair, Certification Commission for Healthcare Information Technology

The National Health Information Network provides a framework within which a given health information network service providers can offer services to participating organizations and healthcare entities. These services could include such things as data location, transport, mapping and delivery services, data persistence services, audit and authentication services, etc. This session will discuss the range of business and technical services which could be offered by health information network providers in supporting the vision of the NHIN initiative.

1.2 Additional Standards Needs for the NHIN Initiative - Presentation (PDF) (152KB)

Moderator:

John Halamka, MD, MS, Chair, Health Information Technology Standards Panel

The first three national use cases detailed needs for standards to support some general NHIN infrastructure as well as the specific functionality (EHR, Biosurveillance, Consumer Empowerment) that they included. As the Health Information Technology Standards Panel did its work and as NHIN architectures have become more apparent, there are inevitable gaps that have been identified where there are additional standards needs to support the functionality necessary for the NHIN. Some of the areas that still require attention are in the security and interface areas, but more may exist as well. This session will ask participants to help identify NHIN needs for standards harmonization and suggest specific use case data flows or business processes that will make them apparent.

2:30pm - 2:45pm

Break

2:45pm - 4:00pm

Concurrent Panel Discussions

2.1 Approaches to Provider Authentication and Authorization

Moderator:	Stan Huff, MD, Intermountain Health Care - Presentation (PDF) (150KB)
Panelists:	Wendell Ocasio, MD, Principal Clinical Systems Architect, Northrop Grumman - Presentation (PDF) (63KB) Raja Kailar, representing Computer Sciences Corporation (Security Architect, Business Networks International) - Presentation (PDF) (298KB) Liesa Jo Jenkins, Executive Director, CareSpark - Presentation (PDF) (1.7MB)

There are different models for how health information network service providers may deal with authenticating care providers. In some models they authenticate organizations and not individuals. In some models, both individuals and organizations can be authenticated to take advantage of network services. In either model, managing who can access specific data in a particular care setting can be complicated by cross privileges referrals and access to provider identity information. This session will discuss the differing attributes of these different models and the various needs for sharing provider identity information.

2.2 Confidentiality and Secondary Use of Data

Moderator:	Simon Cohn, MD, MPH, Kaiser Permanente - Presentation (PDF) (149KB)
Panelists:	Brian J. Kelly, MD, Accenture - Presentation (PDF) (200KB) Richard Steen, Business Lead, NHIN Team, IBM - Presentation (PDF) (113KB) Richard Thompson, Executive Director, Quality Health Network - Presntation (PDF) (1.6MB)

Uses of EHR data for population health management must respect the protection of patient confidentiality. At the same time the data needs of secondary uses span a spectrum from completely HIPAA de-identified data to state mandated reporting of patients with dangerous communicable diseases.

This session will discuss architectural strategies for enabling secondary uses of data including include anonymization, re-linkable anonymization, de-identification and selective data perturbation.

4:00pm - 5:15pm

Concurrent Panel Discussions

3.1 Patient-driven access control

Moderator:	Ross Martin, MD, MHA, Pfizer Inc - Presentation (PDF) (150KB)
Panelists:	Vinod Muralidhar, Technical Architect, Computer Sciences Corporation - Presentation (PDF) (174KB) Robert Cothren, PhD, Chief Scientist Health Solutions, Northrop Grumman - Presentation (PDF) (78KB) Scott Brown, RPH, Pharmacy Director, Cabin Creek, WV

Many consumers want to decide who can access their health data and when they can do so. While policies for supporting both consumer data management and clinician needs to know are an active discussion area, architectures for patient management of data access need to be considered. In a networked health care environment, opportunities for patient management of access may exist in many places. These points of management may include where providers access PHR data, where there are look-ups and exchange of EHR data between organizations, and through patient driven access controls that may be asserted for use inside of care organizations. This session will discuss alternative architectural approaches for supporting consumer driven access controls and the type of information that needs to be exchanged to make role based access controls operative at different points in a networked health system. Discussion will include practical aspects of existing role based access control.

3.2 Documenting the Data Context of Clinical Decisions

Moderator:	John Paul Houston, JD, University of Pittsburgh Medical Center - Presentation (PDF) (149KB)
Panelists:	Scott Cullen, MD, Accenture - Presentation (PDF) (181KB) Ginny Wagner, Project Executive, NHIN Team, IBM Sachi Rath, MD, MA-SHARE - Presentation (PDF) (181KB)

Health information networking will make information from PHR’s and external organization’s EHR’s available to support patient care. The ability to identify the data context of clinical decisions can be important in understanding clinical history and supporting the rationale for previous clinical decisions. There are several architectural variations which could potentially support appropriate data persistence and/or recording of context. Approaches include transient display of external clinical data on a query by query basis, documented records of retrieved data, and data populating a “local” EHR. Different approaches may have implications for describing what was known and when. This session will focus on different approaches to dealing with retrieved data, how the approaches can provide varying levels of capability and what implications they may have for subsequent data retrievals as well.

5:30pm

Adjourn

8:00 am - 8:30am

Registration

8:30am - 9:45am

Concurrent Panel Discussions

4.1 Matching Patient Data

Moderator:	Jamie Ferguson, Kaiser Permanente - Presentation (PDF) (149KB)
Panelists:	Don Grodecki, representing Computer Sciences Corporation (Browsersoft) - Presentation (PDF) (180KB) Casey Webster, Chief Architect, NHIN Team, IBM William Beighe, CIO, Physicians Medical Group, Santa Cruz

The need to correctly match patients with their data and data with their patients is a critical part of health information networking, but there are a number of factors that complicate approaches in this area. Protecting patient confidentiality, the quality and availability of patient indices, the different ways that newly generated data refer to patients, the complexities of data matching algorithms and variations in implementations in different systems are all complicating factors in meeting broader health networking needs. This session will focus on approaches for matching patient data without using a unique patient identifier, approaches to minimizing false positive and false negative patient data retrievals, issues of matching patient data that is being delivered to a particular provider, and approaches to expressing the confidence level of matches and methods for refining possible matches. Practical experience with data matching with different levels of data reliability will also be discussed.

4.2 Accurate Attribution of Data

Moderator:	Donald Mon, PhD, American Health Information Management Association (AHIMA) - Presentation (PDF) (149KB)
Panelists:	Asad Khan, Accenture - Presentation (PDF) (40KB) Steve Bunning, representing Northrop Grumman Consortium (INFOSEC Engineer, SphereCom Enterprises) - Presentation (PDF) (62KB) Greg Wenneson, Mendicino Health Records Exchange

The value of clinical data is directly related to a level of assurance that the data are valid, reliably attributable and intact. Several methods for assuring data reliability are available including digital signatures and other mechanisms. Different approaches have different requirements and costs. Some approaches are document based and some work for non-document based data. There also may be different implications for a centralized vs. a distributed authentication environment. In this session, different approaches to supporting data reliability will be discussed as well as the practical aspects of implementation.

9:45am - 10:00am

Break

10:00am - 11:15am

Concurrent Panel Discussions

5.1 Auditing Data Access

Even when there is broad availability of role based access controls, networked health information exchange will bring substantial needs for auditing access to patient data. There are needs to record incoming access to EHR and PHR data, outgoing requests for data in a distributed authentication environment, and inter-organizational exchanges in the context of ongoing data connections and use. This session will discuss approaches to auditing in a complex networked care environment. Discussion will include what data needs to be exchanged and how it may need to flow to address these needs and others.

5.2 Information Distribution Approaches

Moderator:	Linda Fischetti, Department of Veterans Affairs - Presentation (PDF) (149KB)
Panelists:	Daniel Mellen, Accenture - Presentation (PDF) (253KB) Houtan Aghili, Technical Lead, NHIN Team, IBM - Presentation (PDF) (41KB) Pam Matthews, Director, Business Information Systems, Healthcare Information and Management Systems Society (HIMSS)

Moderator:	Wes Rishel, Gartner - Presentation (PDF) (150KB)
Panelists:	Marc Overhage, representing Computer Sciences Corporation (President and CEO, Indiana Health Information Exchange, Professor of Medicine, Indiana University School of Medicine, Director, Regenstrief Institute) - Presentation (PDF) (166KB) Greg Pfister, Manager, Clinical Systems Development, Northrop Grumman - Presentation (PDF) (84KB) Nick Christiano, Vice President and CIO of HealthQuest

While there has been a substantial focus on health information network functionality that can support data retrievals, there are also needs for source-initiated data distribution. “Pushed” data may be used to support, for example, referrals, result reports, data updates and disease reporting. Two approaches for “pushing” data include “store and forward” data routing and “publish subscribe” methodologies. In this session, the different attributes and needs of these approaches will be discussed along with the needs that each has for provider identification, data addressing and authentication.

11:15am - 11:30am

Break

10:30am - 12:30pm

Closing Plenary – Listen (WMV) (14MB)

Moderator: John W. Loonsk, MD, Director, Office of Interoperability and Standards, Office of the National Coordinator for Health Information Technology - Presentation (PDF) (244KB)

Discussion to include:

• Report outs:

1.1 Identifying the Services that could be provided by a health information network service provider (PDF) - Presentation (PDF) (152KB)

Mark Leavitt, MD, PhD, Chair, Certification Commission for Healthcare Information Technology

1.2 Additional Standards Needs for the NHIN Initiative - Presentation (PDF) (158KB)

Lee Jones, Program Manager, Health Information Technology Standards Panel

• Common themes from panel presentations
• Architecture possibilities, policy implications and practical implementation

1:30 pm – 3:30 pm

Post-Forum Workshop

Discussing a Common Testing Strategy for Implementing National Health Information Technology

Background: Organizations seeking to further the national HIT agenda use testing capabilities for different but compatible goals. Certification bodies use application-level testing as part of their certification programs. Organizations developing standards, profiles and implementation guides use testing capabilities to improve the quality of these documents and to help HIT vendors improve the quality of their implementations during development. Many standards development organizations, implementation guide developers, and other organizations develop and make available testing material and tools for both implementation correctness and certification. A significant opportunity exists for all of these organizations to collaborate within a strategy that furthers the development of testing tools and capabilities that can be used to achieve each organizations respective goals. This strategy encompasses identifying common areas of focus, development of a common testing framework, and working toward shared testing capabilities, testbeds and events. The goal of this workshop is to discuss aspects of a Common Testing Strategy and development of a path forward for implementation.

This workshop will focus on the following:

1. Discussion of respective testing and certification goals for participating organizations.
2. Identification of testing needs for furthering the national HIT agenda.
3. Definition and model of a sustainable Common Testing Strategy.
4. Discussion of quality requirements for testing tools and testing processes.
5. Opportunities for collaboration and participation.
6. Development of a path forward.