
FHIR-29626: Recommend that the PDDI CDS IG address security and privacy concerns that may arise from a patient's consent directive.


Details

    • Type: Change Request
    • Resolution: Persuasive
    • Priority: Highest
    • Specification: Potential Drug-Drug Interaction (PDDI) (FHIR)
    • Raised in version: 0.2.0 [deprecated]
    • Work Group: Clinical Decision Support
    • Related Artifact(s): Use Case [deprecated]
    • Related Page(s): all
    • Resolution Description: Add a section to the CDS Service Specification that presents the security concern and the mentioned use case. Add a recommendation in that section that the CDS Service not be given 'super user' status but that an information card be returned in cases where such a directive is present.
    • Mover/Seconder: Richard Boyce/Isaac Vetter; Vote: 9-0-0
    • Change Category: Enhancement
    • Change Impact: Non-substantive

    Description

      Recommend that the PDDI CDS IG address certain security and privacy concerns, which may arise when the clinician ordering a drug is not authorized to access information masked by a patient's consent directive that restricts sharing.

      For example, take the use case at http://hl7.org/fhir/uv/pddi/2020SEP/use-cases.html, where the clinician selects warfarin for a patient currently prescribed an NSAID and a proton pump inhibitor, because the proton pump inhibitor may reduce the risk of UGIB in patients receiving an NSAID and warfarin.

      The clinician is not aware that the patient is also taking a selective serotonin reuptake inhibitor (SSRI) for a major depressive disorder, because the patient did not consent to share this information with anyone besides the mental health provider who prescribed the SSRI.

      Assuming that the FHIR Authorization Server enforces the patient's consent directive not to disclose to the CDS that the patient is taking an SSRI, the clinician will not be alerted about the potential drug-drug interaction with the NSAID.

      However, the FHIR Authorization Server could also have an organizational policy that authorizes the CDS as a "super user" permitted to access information that is masked from an unauthorized clinician. If the CDS detects that such a drug-drug interaction would result from the order selected by the clinician, it could return a CDS Hooks card cautioning the clinician of a possible contraindication and recommending that the clinician ask the patient about any medications the patient has not shared and/or "Break the Glass" (BTG). The CDS card should also state that the clinician will be held accountable for BTG through audit.

      A similar CDS BTG scenario was demonstrated during the HIMSS 201902 Orlando Consumer Centered Care Planning Interoperability Showcase (https://confluence.hl7.org/display/SEC/HIMSS+201902+Orlando) and is described at https://confluence.hl7.org/display/SEC/HIMSS+201902+Sharing+with+Protections. It was sponsored by the HL7 Security and CBCP WGs, VA, Allscripts, Perspecta, MyPatientLink and others. For more information, see https://build.fhir.org/security-labels.html#break-the-glass and https://build.fhir.org/operationoutcome-example-break-the-glass.html. This project may want to reach out to the Security WG for assistance with examples etc.
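      The alternative the resolution asks for, sketched as an added example (not code from the PDDI IG or this issue): a CDS service with ordinary, non-"super user" access that returns an information card when the FHIR server signals that medications were withheld. It assumes the Authorization Server marks such a Bundle with a v3-ObservationValue security label (REDACTED or SUBSETTED, as on the FHIR security-labels page); the drug name parameter and the sample Bundle are constructed.

```python
from typing import Any

# The FHIR security-labels page uses these v3-ObservationValue codes on a
# Bundle to say content was withheld; reading them as "a consent directive
# masked something" is this example's assumption, not a statement of the IG.
V3_OBSERVATION_VALUE = "http://terminology.hl7.org/CodeSystem/v3-ObservationValue"
MASKING_CODES = {"REDACTED", "SUBSETTED"}


def bundle_is_masked(bundle: dict[str, Any]) -> bool:
    """True when the server labelled the Bundle as having entries withheld."""
    labels = bundle.get("meta", {}).get("security", [])
    return any(lbl.get("system") == V3_OBSERVATION_VALUE
               and lbl.get("code") in MASKING_CODES for lbl in labels)


def masked_data_card(selected_drug: str) -> dict[str, Any]:
    """CDS Hooks 'info' card (summary/indicator/detail/source fields): the
    check may be incomplete, so ask the patient or break the glass."""
    return {
        "summary": "Medication list may be incomplete (patient consent directive)",
        "indicator": "info",
        "detail": (
            f"Some medications were withheld from the PDDI service by a consent "
            f"directive, so the interaction check for {selected_drug} may be "
            "incomplete. Ask the patient about medications not shared with you, "
            "or break the glass to view the restricted records. Break-the-glass "
            "access is audited and you are accountable for it."),
        "source": {"label": "PDDI CDS service (example)"},
    }


def pddi_response(selected_drug: str, meds_bundle: dict[str, Any]) -> dict[str, Any]:
    """CDS Hooks response body. Without 'super user' access the service cannot
    see masked medications, so it returns an information card instead of
    silently answering 'no interaction found'."""
    cards = [masked_data_card(selected_drug)] if bundle_is_masked(meds_bundle) else []
    return {"cards": cards}


# Constructed sample: the searchset the Authorization Server returned after
# filtering out the SSRI prescription under the patient's consent directive.
MASKED_BUNDLE = {
    "resourceType": "Bundle", "type": "searchset",
    "meta": {"security": [{"system": V3_OBSERVATION_VALUE, "code": "REDACTED"}]},
    "entry": [{"resource": {"resourceType": "MedicationRequest",
                            "medicationCodeableConcept": {"text": "NSAID"}}}],
}

if __name__ == "__main__":
    import json
    print(json.dumps(pddi_response("warfarin", MASKED_BUNDLE), indent=2))
```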

      People

        Assignee: Unassigned
        Reporter: Kathleen Connor (k.connor)