Sunday, July 17, 2016

Extending the FHIR standard to handle provenance

I wrote a paper for W3C PROV program with Arnon and Adriane from Mitre. The paper discusses the experience so far with applying the W3C PROV model to the HL7 FHIR model. Much of the material and inspiration came from my blog post in March on "Provenance vs Audit - its not a competition". The paper is much better, and all of that better-ness is because of my co-authors.

The paper is published on Provenance Week 2016 - program agenda "PROV: Three Years Later". I was not present to present. Search for "FHIR".

You will also notice that Reed Gelzer has a paper published there as well.

The main point we make in our paper is to introduce the PROV community to the FHIR community, and thus enable the PROV community to better understand how other standards communities are using their standard, and thus the struggles they have with understanding and applying it to the Healthcare domain.  In fact pointing out that because of historic reasons healthcare has separated Audit from Provenance, and this might not please a provenance purist.
In this work, we look at the problems a domain-specific standard committee faces when trying to “involve” provenance to meet domain requirements, without committing to the major expansion of adding a general provenance capability. We also begin the discussion of what the provenance community can do to assist the domain-specific creation committee with the easy inclusion and usage of well-specified, and provenance-community approved guidance.
That is not to say that the goal is to force all PROV use to be pure, but rather to help the PROV community understand how they need to be guiding force, not breaking force.

Tuesday, July 12, 2016

Privacy-by-Design Data-Analytics Platform on FHIR

In all the networking and interviewing I have been doing lately I have been thinking more and more about a really cool project that I would love to participate in. As far as I know someone must have tried this, but it will take many technology advancements yet. So if anyone is working on this, I want to talk to you and see if I can get on your team. Yes, I am still looking for a job.

The idea is I want to use Privacy-By-Design to design a Data-Lake that will respect Privacy Principles in all data uses.

Wednesday, July 6, 2016

Stories of poor security from vendors that should know better

I simply must point to a very specific episode of SecurityNow, a very good podcast every week. Episode 567 because he describes in detail five different products/services that simply did not do security right. All might look like well secured products to marketing, sales, or any leadership. But not done right at all. Sorry that the podcast is 2 hours long, but the whole thing is worth listening to because the whole two hours is full of story after story. These are not old stories, these are from this week or the week before. Symantic, StartCom, AuYou, etc...
The point is to

For those that want to read, not listen... He has fantastic notes he uses during the show; and later will have transcripts of the actual spoken word.

Monday, July 4, 2016

Interoperability will never be perfect - not even FHIR

I just finished a fantastic book "In the Land of Invented Languages: Adventures in Linguistic Creativity, Madness, and Genius" by Arika Okrent.
This book was recommended by Grahame Grieve. I don't have evidence he recommended it, but I am sure it was Grahame. I wondered why he would have recommended such an obscure book. I may have figured out why, but I might have completely over blown the thought.