[WG-UMA] Fwd: Four UMA Use-Cases in Healthcare

From Adrian for consideration in our legal subgroup meeting coming up shortly. Thanks, Adrian!

Begin forwarded message:

From: Adrian Gropper <agropper@healthurl.com> Subject: Four UMA Use-Cases in Healthcare Date: 7 August 2015 at 6:33:18 AM PDT To: Eve Maler <eve@xmlgrrl.com> Cc: "Bucci, Debbie (HHS/ONCIT)" <debbie.bucci@hhs.gov>, Josh Mandel <jmandel@gmail.com>, Justin Richer <jricher@mit.edu>

Eve,

There may be only 4 distinct use-cases for UMA in healthcare. I wrote this in order to prepare for the legal subgroup this morning. Feel free to share if it's useful.

Alice-to-Alice N - The multiple portals problem - Alice wants to direct sharing herself Alice wants to manage her EHR-1 and EHR-2 authorizations in one place. We call that place the AS. Alice registers her AS with her practice’s EHR-1. Alice registers her AS with another practice EHR-2. From then on, Alice can sign-in to her EHR, view accounting for disclosures, and manage authorizations.

Alice-to-Custodian - Delegation to a custodian Custodian creates an AS for Alice. Custodian has a sign-in to Alice’s AS. Alice registers her AS with her PCP’s EHR-1. Alice registers her AS with another practice’s EHR-2. From then on, Custodian can sign-in to Alice’s EHR, view accounting for disclosures, and manage authorizations.

Alice-to-Bob Directed - Alice wants to authorize her PCP for directed sharing Alice registers her AS with her PCP’s EHR-1. The PCP shares an Alice-specific context with Bob. Bob’s client EHR-2 presents claims to Alice’s AS, gets authorization. EHR-2 accesses resource from EHR-1.

Alice-to-Bob HIE - Alice wants to be discoverable Alice registers her AS with her practice’s EHR-1. Alice picks up a flier for the state HIE with a Q/R code, reads their Privacy Policy Alice signs-in into her AS and scans the Q/R code. The HIE allows Alice to pick her discovery attributes, registers Alice’s AS. Bob’s client signs into the HIE, discovers Alice, gets authorization to EHR-1.

--

Adrian Gropper MD

RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/ <http://patientprivacyrights.org/donate-2/>

Eve Maler | cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com