As Massachusetts prepares a Request for Response (RFR) to procure healthcare information exchange infrastructure and applications, many stakeholders have been hard at work documenting requirements.
The Provider Directory and Public Key Infrastructure are some of the hardest specifications to write since they have not yet been widely deployed for healthcare information exchange anywhere in the country.
The leaders of the Massachusetts HIE effort have held 3 major vendor and user forums over the past month and have been told that no vendor has a standards-based provider directory in production at any customer site.
Here's our best thinking about Provider Directory and Public Key Infrastructure services.
Provider Directory
The Directory will have a schema within a relational database that enables lookup of entities, which could include a person (John Halamka), an organization (BIDMC), a department (The BIDMC Department of Emergency Medicine), a state entity (Massachusetts Department of Public Health), a payer (Blue Cross Blue Shield of Massachusetts), a vendor (The Massachusetts eHealth Collaborative Quality Data Center), or a PHR infrastructure trusted by the HIE (Microsoft HealthVault). There will be two ways to query this database: Lightweight Directory Access Protocol (LDAP) for use within the Massachusetts state government firewall, and SOAP-based web service APIs for all users external to the firewall. The response to a query will include the node name used to communicate with the entity. For example, John Halamka will not have a node, but the BIDMC Department of Emergency Medicine or BIDMC could. Digital certificates are not stored in the Provider Directory.
Public Key Infrastructure
Certificates will be issued by a single Certificate Authority and will be stored in one of many Domain Name System (DNS) services capable of supporting certificate queries, such as BIND or Microsoft's special implementation of DNS created for the Direct Project (http://directproject.org/). For example, BIDMC could offer a DNS service called Direct.bidmc.org which hosts the public keys for all our nodes.
Here's how it would be used. An EHR would look up an entity in the Provider Directory and then use DNS services to retrieve the certificate for the entity's node.
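The lookup flow just described, as an added example that is not part of the original post or of any HIE or Direct Project code. It assumes certificates are published as DNS CERT records (RFC 4398), the record type the Direct Project uses; the directory entries, node names and zone contents are constructed, in-memory stand-ins for the real services.

```python
import struct

CERT_TYPE_PKIX = 1  # RFC 4398 certificate type for an X.509 certificate

# Constructed stand-in for the Provider Directory: entity -> node name.
# It stores no certificates; a person may have no node of their own.
DIRECTORY = {
    "BIDMC Department of Emergency Medicine": "ed.direct.bidmc.example",
    "John Halamka": None,
}

FAKE_DER = b"\x30\x82\x01\x0a" + b"\x00" * 16  # placeholder, not a real certificate

# Constructed stand-in for the DNS service: owner name -> CERT RDATA.
# RDATA layout: type (2 bytes), key tag (2), algorithm (1), certificate.
ZONE = {
    "ed.direct.bidmc.example.": struct.pack("!HHB", CERT_TYPE_PKIX, 0, 5) + FAKE_DER,
    "cut.direct.bidmc.example.": b"\x00\x01\x00",  # truncated record
}

def parse_cert_rdata(rdata):
    """Return the certificate bytes from CERT RDATA, rejecting bad records."""
    if len(rdata) <= 5:
        raise ValueError("CERT RDATA truncated or carries no certificate")
    cert_type, _key_tag, _algorithm = struct.unpack("!HHB", rdata[:5])
    if cert_type != CERT_TYPE_PKIX:
        raise ValueError("unsupported CERT type %d" % cert_type)
    return rdata[5:]

def lookup_node(entity):
    """Step 1: ask the directory which node handles traffic for an entity."""
    node = DIRECTORY.get(entity)
    if node is None:
        raise LookupError("no node listed for %r" % entity)
    return node

def fetch_certificate(entity, zone=ZONE):
    """Step 2: fetch the node's certificate from DNS, not from the directory."""
    owner = lookup_node(entity).lower().rstrip(".") + "."
    rdata = zone.get(owner)
    if rdata is None:
        raise LookupError("no CERT record for %s" % owner)
    return parse_cert_rdata(rdata)

if __name__ == "__main__":
    cert = fetch_certificate("BIDMC Department of Emergency Medicine")
    print("retrieved %d certificate bytes" % len(cert))
```

A caller would still validate the returned certificate's chain to the issuing Certificate Authority before trusting it, since a plain DNS response is not authenticated.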
We're also considering an alternative approach using the open source tools available in the Direct Project's Reference Implementation. These tools include administrative tools to store and manage certificates and an adapter that links the directory store to a DNS responder. Participants could upload their certificates to this centralized data store. For example:
DNS Responder <--DNS Web Services--> Direct Reference Implementation Web Services <--BIDMC adaptor--> BIDMC datastore
The vendor community has told us that they want a single simple directory and public key infrastructure specification they can implement one time for an entire state. We'll give that to them and I'll write about their responses in future posts.
Wednesday, February 1, 2012
3:00 AM