1. OpenID Foundation Avatar OpenID Foundation
  2. WGs
  3. HEART

Wiki

Clone wiki

HEART / 2015-08-03

View History

Attending:

Debbie Bucci

Catherine Schulten

Sarah Squire

Justin Richer

Adrian Gropper

Glen Marshall

Eve Maler

Abbie Barbir

Obi Ogbanufe

Corey Spears

Thompson Boyd

Tom Sullivan

Jeremy Maxwell

Edmund Jay

John Moehrke

Jim Kragh

Jeffrey Shultz

Josh Mandel

Chad Evans

Next steps:

2pm EDT Wednesday, August 5th, a group will meet to discuss the technical profiles.

The group will continue to work on this use case in the Google Doc.

Next week we will discuss scopes and the next use case.

Notes:

We reviewed the “Alice Enrolls with PCP and Sets Up Two-Way Exchange of Personal Data [OAuth Only]” use case.

We decided to use the term PHR rather than CFA. PHR is more specific and more commonly used.

We decided to replace “cloud-based” with the more general “internet-facing” to describe Alice’s PHR in order to clarify without having to specify unnecessary details about service hosting.

We discussed what the problem statement should be and decided that Bill should ultimately review that and contribute. Our rough idea is “EHR and PHR orgs know each other but require Alice’s consent to bridge them”

We discussed the idea that consent is a two-way transaction, and that we have captured that in the use case by assuming that the EHR and PHR have a predefined agreement to allow Alice-to-Alice sharing.

We decided not to include a suggested addition of a technical precondition to track Alice physically at her PCP. Every EHR has an MPI - master patient index. This registry includes all activity across providers using that EHR. All access management systems have the ability to identify a person and associate them with a record, so this does not need to be specifically addressed in this use case.

Should we point to a reference to define OAuth entity roles? Or should we write out the definitions in every use case? We decided to write out the definitions.

We decide to replace consumption and insertion with read and write.

We discussed the definitions of EHR and PHR. A PHR is “untethered” in that it has no business relationship to a care provider, and it is controlled by the patient. An EHR is “tethered” in that it has a business relationship with a care provider, and it is controlled by the care provider.

The group will continue to work on this use case in the google doc. We will move onto scopes and the next use case next week.

Debbie added: Thanks Sarah!

Adding a few additions to the notes:

We will have a follow on meeting to continue the discussion Wed August 5th - gotomeeting info sent in a separate email.

As mentioned on the call today, Adrian submitted a new use case that builds upon - perhaps a compare contrast to the current use case:

https://docs.google.com/document/d/1V3e_fDH63fNDsV-WOGKcyg0ebuW165DOpjY_RcuMk4U/edit#heading=h.rzs774n0rsvs

AI for Deb: update wiki with past meeting notes

Updated