Transport Protocol Discussion and Example ... - (S&I) Framework

hungryhorsecabinSoftware and s/w Development

Dec 14, 2013 (3 years and 8 months ago)

98 views

Meeting Etiquette


Please announce your name each time prior to making comments or
suggestions during the call


Remember: If you are not speaking keep your phone on mute


Do not put your phone on hold


if you need to take a call, hang up
and dial in again when finished with your other call


Hold = Elevator Music = very frustrated speakers and participants


This meeting, like all of our meetings, is being recorded


Another reason to keep your phone on mute when not speaking!


Feel free to use the

Chat


or

Q&A


feature for questions or
comments,
especially if you have a bad phone connection or
background noise in your environment




NOTE: This meeting is being recorded and will
be posted on the Wiki page after the meeting

From S&I Framework to
Participants:

Hi everyone: remember to keep your
phone on mute


S&I Framework

Prescription Drug Monitoring Program Initiative


Transport Protocol Discussion

Transport


Use Cases Review

3


T
ransporting
the data
exchanged between
PDMP
systems
and
EHR/HIE systems.


Two
principal use
cases


Unsolicited
(PDMP system
“pushes”
notifications)


Q
uery
(EHR
system
queries a PDMP and “pulls”
data
)


Risk


S
ingle
protocol may not
handle
both
cases


May
need to decide on more than one standard
transport

Transport


Query Use
Case

4


The NCPDP Script specification contains
Medication History
Request
and
Response
messages


A
transport protocol is needed
to
reliably
exchange messages
between
EHRs/HIEs
and
PDMPs


HTTP
POST
would suffice


Client POSTs
a
Medication History
Request


Server
responds with a
Medication History
Response


SOAP transaction could be used


More
complex than
HTTP


Less
efficient at run
-
time
making
some use cases more
difficult to
implement

Transport


Topics to Consider

5

Transport
for
unsolicited

messages


DIRECT encrypted
email
protocol could be suitable
for the task


DIRECT is
an open standard with significant and growing
deployment


Discussion: determine if DIRECT is the most appropriate
candidate for
use case


Number of transport options for
query

messages


Both
HTTP and SOAP seem appropriate for this use
case


Both
will likely have
proponents


Discussion: choose
a single standard or could multiple bindings
co
-
exist?


If
the
consensus is
a
single
protocol
, will
it
be
HTTP or
SOAP?

If
the
consensus is
more than one protocol
,
HTTP
and SOAP are
leading
candidates


are
there others
?

An Example Binding with Working Code

6


Uses
existing standards


OpenSearch


hData
/RHEx (
RESTful

Healthcare Exchange)/HTTP


Transfers
patient prescription history in NCPDP
XML format over
HTTP


Two components, both open source:


a
PDMP testbed
written in Ruby on Rails that
simulates a PDMP serving prescription
history


a
plug
-
in module
for the OpenMRS electronic health
record system written in Java
.

PDMP/EHR Exchange Reference Implementation

PDMP
Testbed

OpenMRS

PDMP
Testbed Integration Architecture


Receive
requests over the web


Respond with standardized
healthcare
documents

Customized Open Source EHR client


Submit
requests over the web as a
natural part of the EHR workflow


Take in standardized
healthcare
documents

PDMP Testbed Reference
Implementation


Accepts OpenSearch (like Amazon.com,
most browsers)


Respond with NCPDP Medication
History Message Response

OpenMRS
Module


Requests using OpenSearch


Display prescriptions in
custom tab on
patient dashboard (in
-
workflow)

1. Query in workflow

2. Respond with document

Example Binding


Technical Details

8



RESTful” style
transport


very flexible


Originally
implemented both components using a Green
CCDA


Based on S&I vote, added
NCPDP to the
testbed


The spec is publicly available on a github repository at

https://raw.github.com/project
-
pdmp/spike/master/doc/srpp.txt


The code for both the testbed and OpenMRS module is
at

https://
github.com/project
-
pdmp


Background
info


OpenSearch:

http://
www.opensearch.org/


Project
RHEx at

http://
wiki.siframework.org/RHEx

Open Source Value to the PDMP Community

PDMP
Testbed

1. Reference Implementation

EHR Vendors have
free access to
Open Source
repository for
OpenMRS source
code

PDMP Vendors
have free access to
Open Source
repository for
PDMP Testbed
source code

3. Operation

OpenMRS

PDMP
Vendors

EHR
Vendors

2. Field
Testing and Validation

Transport


Bonus Topic: Security Implications

10


Authentication


If consensus forms around HTTP
, 2
-
legged or 3
-
legged
OAuth 2.0 could apply


If consensus is to use SOAP
,
we will likely use
SAML which is more difficult and costly to
implement

Final Thoughts

11

Welcome to our sponsor,
Dr
. Douglas B.
Fridsma

MD
, PhD, FACP, FACMI

Chief Science Officer and

Director, Office of Science and Technology

Office of the National Coordinator for HIT

12

Backup

Transport


Unsolicited Use Case

13


Some
PDMP’s produce unsolicited
notifications


Delivery
mechanisms
include
email, fax, and paper
mail


Contains
the person of interest’s prescription
history


Should
be sent only through secure
means


Unencrypted email messages can
contain
no
personally
identifiable information or protected health
information


Should contain a
link back to
PDMP
portal, which results in
provider workflow
interruption


Enhancing
Access to PDMP

project
pilot tests


Used Direct’s
encrypted email protocol to securely deliver
unsolicited notification messages to
providers


Demonstrated feasibility
of
Direct for
transport
mechanism

Jan 28 Meeting: Scoping


the Use Case


The primary use case
centers on getting initial
PDMP information to EHRs

14

Not all data elements can be
regarded the same


Some elements may not
be recorded in the PDMP
(variations across states,
for example)


Some elements may be
more important for this
use case than others

PDMP S&I Community Focus/Scope

Page
15

Pharmacy

PMPi /

RxCheck

PDMP

Other State PDMPs

NCPDP Script

PDMP

Portal

Switches

NCPDP

Telecom

ASAP

Pharmacy
Benefits Mgmt

Provider

EHR System

NIEM
-
PMP

NIEM
-
PMP

Provider

EHR System

Provider

EHR System

Data Out

Needs for standards (data format and content; transport and security protocols)