Monday, January 27, 2014

Constrained Vocabulary and Schema are good and needed - But Robustness must rule the longitudinal HIE

Strict schema and vocabulary are persistent hot topics in Interoperability. For example what is the constrained vocabulary that should be used for CCDA documents in the USA? This is an effort of Profiling, or even Profiling-of-a-Profile. Further constraining vocabulary and schema as far as possible, while still providing some value. This effort to constrain vocabulary and schema are helpful in the early days of building an HIE because it helps simplify (KISS). The more simple the interaction, the more likely  it will succeed. However the more simple the interaction the less information can be communicated.



In building an Health Information Exchange (Verb), one needs to start simple, and this is a message built into the IHE message on building an HIE. In this there is a white paper (handbook) that walks an HIE organization through how to do these constraining work found in the IHE Affinity Domain planning kit. This is still a fantastic resource for building your governance, code-sets, and policies; like seen from Connecticut.

I think however that the more critical part of this HIE building project is not in picking a vocabulary and a schema. But rather in defining what is the proper behavior related to metadata and related to content. Specifically what happens when content or metadata doesn’t utilize that vocabulary (e.g. historic information, or from a foreign land). What is the sending responsibility to ‘fixup’ codes? What is the receiving responsibility to be ‘robust’ to deviations? Is there a role for a translation-service? What is the medical-legal meaning of content that has been changed simply to meet some coding restriction?

Using a restricted code system should be guidance, not mandate. Conformance should be measured on ‘creation’ events, not necessarily ‘transmission’. Everyone must be liberal in how they process incoming content. This is fundamental to the success of the Internet and is known as “Postel’s Law” or the “Robustness Principle”. http://en.wikipedia.org/wiki/Robustness_principle

Use-cases like insurance or public-health reporting can get away with this code restriction, as there is little ‘danger’ of a loss of accuracy from a coding translation. This is why it is logical and reasonable for the original intention of HIPAA to define specific and constrained code-sets. This is why it is reasonable for public-health to define a coarse grain vocabulary.

The actual codes maintained in the medical record, the ones that would be used for current and future treatment have not changed and are the code that the doctor or medical-device picked as the best code at the time the code was picked. When making treatment decisions, accuracy is very important. Deviations from original accuracy are not unheard of, but when they happen they are clearly identified as a derivative or a transform or a translation.

XDS has had from the beginning the concept of a restricted c ode-set for metadata, the concept of the “XDS Affinity Domain”. But we always expected the document content to be the original content, unless it was a properly approved “Transform” (a concept also supported by XDS). The dynamic document concept is clearly an exception that could be called out specifically. The codes in the metadata are intended to be ‘meta’, and thus a bit of accuracy loss for the benefit of easier communication (interoperability) is reasonable. This is emphasized very specifically for some metadata, like classCode (the high-level classification of the kind of content), but is also true of more fine grain items like typeCode. Meaning that even typeCode is just a code representing the whole and thus not a complete representation of the whole content. They are both ‘meta’.

Even XDS recognized that this constrained “XDS Affinity Domain” vocabulary will evolve over-time. Meaning as much as you think that you can control the vocabulary today, the future will want to have different constraints. These different constraints can only add concepts. It is possible to deprecate “new use” of old concepts. But the old concepts can’t be forbidden.

It is the concept of ‘forbidden’ that worries me most. Anytime a constrained vocabulary is selected, this ‘implies’ that codes outside that vocabulary are ‘forbidden’. This is an ‘implied’ POLICY. Please don’t make it an implied policy. Please make it an explicit policy, and I suggest that the policy follow the Principle of Internet Robustness; aka Postel’s Law. Be specific in what you send, liberal in how you receive.

When put into the context of a longitudinal record, rather than the context of an instant in time message, the ‘send’ point-in-time is the point at which the content is created, not the point when it is transmitted. Meaning when content is created it should be created using the best vocabulary and schema at that time, and it should be intended to be as conforming as possible. However we must recognize that a document created today, might be needed 10 years from now when the schema or vocabulary have changed. The new rules should not be applied, and any system receiving the content should try as hard as it can to understand the 10 year old content. Sometimes this means that it can’t be fully processed and that the user (clinician) needs to be warned of this.

This is the receive side robustness.

Eating an Elephant -- How to approach IHE documentation on Health Information Exchange (HIE)

No comments:

Monday, January 20, 2014

FHIR Full Steam Ahead

Update from the HL7 Workgroup Meeting (WGM). Although I am not at the meeting due to a traumatic automobile accident, the FMG did have a meeting that they extended to those of us members that couldn't make the meeting. The main agenda for the meeting was to agree on if we will be targeting a second formal ballot, or go direct to DSTU. The GE pushback has caused much open and transparent discussion among the FHIR community. The FMG took this FHIR community consensus as advisement. There was a very visible survey done at the FHIR Connectathon, as reported to me by Scott Bolte (GE).

After all this deliberation the FMG voted unanimously to go direct to DSTU, providing nothing traumatic comes up this week at the WGM. I will note that the GE position was an urging for a second ballot, while being very clear GE accepts either outcome as long as it is open and transparent.

A few actions did happened as an affect of the open and transparent discussion as a result of the GE pushback. First there will be some letters published openly that explains the way that FHIR is going to utilize the DSTU. These letters will stress that during the DSTU phase there will be no effort to maintain backward compatibility, yet all changes must be justified and persuasive.

Also there will be a formal bug-tracking system that is attached to the SVN that is used to maintain the source for the FHIR specification. Everyone is encouraged to report bugs, membership is not a factor. All bugs will be formally tracked, discussed, and disposed of. The changes to the specification will be linked to the bug.

There will be regular releases of the 'current' specification, with change-tracking generated from the bug-tracking system. Of these releases there will be some milestones that will be saved for longer times, such as the versions used for connectathons.

I am very happy with this result. Did I want a second ballot, yes. But what I really wanted was a open and transparent discussion of the process, with very visible understanding of the current stability and maturity of the specification with go-forward mechanisms and milestones.
No comments:

Wednesday, January 15, 2014

Excited about FHIR, but want it done right

I am a huge supporter of HL7 FHIR. I am involved in the development, the use by IHE, and promoting it inside of GE Healthcare. I am about as involved in the FHIR standard as I can be, given my day-job. I truly want and expect FHIR to succeed. It is far better in many ways than the existing HL7 v2 or v3. It will break Healthcare out of the dark ages, and into the modern world of Interoperability.

The best way to get to this vision is to make sure that it receives as much review as is possible, without going overboard. Too much review is a bad thing too, as many standards have died due to over analysis. However FHIR has received ONE formal ballot, while benefiting from many people experimenting with it at the various FHIR connectathons (hackathons). I encouraged everyone back in August to review and comment Time to kindle the FHIR - It needs ballot comments to grow. I provided 42 comments, mostly focused on DocumentReference (aka XDS),  during this one formal ballot. I worked with Grahame to resolve these. I am happy that they were given the best review by Grahame as they could.

I however want another chance to review the whole FHIR ballot, and even more so I want everyone that is now more excited than ever to have a chance to review and comment on the whole FHIR ballot. There were hundreds of comments that changed almost every part of FHIR. Most of these changes were done by a very small core team that I have total faith in. I am not concerned that the HL7 ballot process was not executed. I am interested in making sure I and all the newly excited people get a second chance. A second chance to make sure the content is consistently following the FHIR core principles and is reasonable quality.

The DSTU phase is a dynamic phase. There WILL be more changes during the DSTU phase. So I know that a second ballot is not necessary to get convergence, this could happen during DSTU. However the more changes we make during DSTU the less visibility these changes have and the more they will break.

I, on behalf of GE, sent the following message to the FHIR Management Group (FMG), FHIR Governance Board (FGB), and the FHIR mailing list.

---------------------------------------------------------------------------------------------------------------------------------------------
GE Healthcare would like to express our complete support for FHIR. GE has provided comments and have seen these comments resolved to our satisfaction. However we would like to encourage the FMG and FGB to support another formal ballot before entering the DSTU phase. This reasoning is not that reconciliation of any specific votes is not satisfactory, but rather that the overall change by the total votes requires a renewed top-to-bottom examination. The most concerning is where a voter (A) was satisfied with a portion of the original ballot, where that section is changed by voter (B) to something that voter (A) would not agree with. It is simply too hard to watch the total ballot reconciliation and track all changes piecemeal.

The future for FHIR is very bright, and now is the time to make sure that it meets all the principles and uniformly applies them. GE realizes that this extra step is not minimally necessary according to the HL7 GOM. We accept the decision of the FMG and FGB, and will continue to support FHIR regardless of if another formal Ballot is executed or if FHIR enters DSTU directly.
--------------------------------------------------------------------------------------------------------------------------------------------

Please give us a second chance to review and comment on the FHIR content before it enters DSTU.
No comments:

Saturday, January 4, 2014

Recirculation Ballot of the HL7 Healthcare Privacy and Security Classification System (HCS)

The HCS is being forced through recirculation ballot because two people are objecting in broad terms to any mechanism that would allow for ‘segmentation’ of data. The committee has tried to address their concerns, which are policy concerns and not technical concerns. We did agree to warn those using the HCS of potential harm caused by segmentation. They have refused to withdraw their negative.

The mechanism for dealing with this in HL7 is a recirculation ballot. A targeted ballot to those that participated in the original ballot asking them to consider the outstanding negative ballot comments and either vote Affirmative to override the negative ballot comments, Negative to agree with the negative comments, or Abstain. The details are in the recirculation ballot package.

The concerns are not unfounded, they are just not related to what the HCS is defining. The HCS is a ‘conceptual level’ concept of using broad concept of security-tags to aid with Access Control for Privacy or Security purposes. It is not a ‘platform dependent’ nor ‘organizational policy’. The specific concerns to be considered are (these are in the recirculation ballot package):
  • Data tagging is fragile: I would agree that tagging data is a fragile thing when the tag is conveying current policy. However the HCS is just defining ‘conceptual level’ concept of security-tags, not defining that they must be used or the ‘platform specific’ mechanisms to communicate. Separation of Metadata tags, from Package tags, from Consent Policies is important to robustness and to be agile to policy changes:
    • Metadata – Metadata is descriptions of the data, and only the data. This level of security tag really needs to only describe the data. 
    • Package – The package is the
      abstract concept of the interaction between parties. It would include push or pull interactions. It thus would include something like assertions of who the user that is requesting (pull) data, and under what purposeOfUse. This level of security tag can carry specific obligations about the communication agreement. It would not be duplicative of Metadata, but could be summarization of the Metadata. It could carry obligations related to the interaction (do-not-print), it could carry pointers to consent policies (see next).
      • The unfortunate reality is that the –platform specific -- package level tag carrying is not very mature. Thus Metadata tags often carry these Package tags, or they are part of the overriding policies (e.g. DURSA).
    • Consent Policies – This is an independently managed policy information point (PIP) that holds the current status of patient authorizations (aka Consent).
      This only appears where the parties that are interacting both agree upon one Consent Policy Point. Most of the time a sender and recipient have independently managed Consent Policy Points, as consents tend to be specific to a data-holding organization. There could be a common Consent Policy Point, it would be an independent communications pathway from the package. Most of the time a consent to release is indeed independent of the policy the recipient would need to gain to continue to use or disclose.
  • Fine grain tagging could paralyze medical practice. – I don’t necessarily disagree, but this is the concern of Policy, and specific on fine-grain the CDA internal tagging discussion. The HCS is defining only at the ‘conceptual level’ and not indicating if this is fine-grain or coarse-grain. The HCS has no CDA specifics in it. The CDA specific use of the HCS is part of the DS4P ballot, which is being re-balloted. I have pointed at the use of "Transforms" as an alternate model.
  • LOINC and SNOMED should be used and not a security/privacy specific vocabulary – It is hard to argue that universal and perfect use of these vocabularies would make life easier. Security nor Privacy are going to change that. However from the engine that needs to control security/privacy access, operating on a much smaller subset that represents the rollup from a security/privacy perspective is more efficient and more likely to enforce the right rules. This roll up is done once, rather than at each access (typically). This further supports security/privacy codes as actionable when the content is free-text or graphical or minimally coded. The HCS can also be used in DICOM or IHE standards. 
  • Vocabularies pointed at include some dangerous codes – YES they do. The fact that the code exists does not mean it must be used. Even LOINC and SNOMED have some questionable codes, more so in history. Thus the comment should be directed at policies that would be choosing a value-set from these vocabularies. The HCS is just pointing at existing vocabularies and doesn’t forbid other vocabularies.
  • Rules are regional – this was not mentioned in the negative comments, but has come up. The rules in one region, the sending region, might not be the same as the rules in the receiving region. Thus presuming that the proper thing will be done will fail. See Rob’s excellent article on this. http://fairhaven.typepad.com/my_weblog/2013/12/confidentiality-code-use-cases.html
Could the HCS be made better? A standard can always take on some improvement. I think this one is in good enough shape for now. As we use it, we can revise it.
  • The HCS is predicate work to the DS4P ballot. The DS4P ballot is being re-balloted.
  • The HCS is being referenced in IHE as a way of using the multi-valued metadata entry – confidentialityCode. 
  • The HCS is being referenced in FHIR
If you were involved in the original HCS ballot, when the recirculation ballot opens on Monday, please set your vote to Affirmative. 

More articles:
Patient Privacy controls (aka Consent, Authorization, Data Segmentation)
Access Control (Consent enforcement)
No comments:

Monday, December 30, 2013

My Predictions and Year in Review 2013

I don't like predictions or reviews, but it seems bloggers are obliged to do this. I did make predictions last year, so I must also measure myself against those predictions.
Speed Bump Comic Strip
I am still excited by opportunities and results.

Less Blog posts in 2013 and 2014
My job at GE Healthcare is to create and promote Interoperability Standards; specifically in HIE, Security, and Privacy. This means that I have a dual focus: outside development in standards organizations (HL7, DICOM, IHE, ISO) and government adoption (S&I Framework, HIT-Standards, HealtheWay, WISHIN, epSOS, Saudi-MoH); and inside promulgation of those standards into products and services. The outside efforts had been put into place in the previous years, and had a reasonable trajectory; so my focus this year has been far more internal focused. Thus I have created less blog articles in 2013. In the three previous years I have created about 95-97 articles, with some months producing 14 or more (thanks to ONC). In 2013, I have only produced 56 articles, with one month with 12 articles (thanks to HL7 ballots including Digital Signatures, DS4P, and FHIR). Some people try to produce a blog article every day, I am happy with one a week, or one a month.

Past Predictions
I predicted three themes for 2013: Mobile, Privacy, and Services. The following themes that appeared throughout the year nicely fit these three high level themes, most of the time fitting all three (Accounting of Disclosures).

Measurements toward Predicted Theme
The themes that appear in 2013 posts
Others view of my blog
This is satisfying to me, but not what my blog Google Analytics show was most interesting to the readers during 2013. The top most viewed articles are all from 2011 and 2012. One of them I didn’t even write.. In order, the most popular Posts in 2013 by click count:
  1. Meaningful Use Stage 2 - Audit Logging - Privacy and Security
  2. Meaningful Use Stage 2 -- 170.202 Transport
  3. How to apply Risk Assessment to get your Security and Privacy and Security requirements
  4. IHE - Privacy and Security Profiles - Audit Trail and Node Authentication
  5. Creating and using Unique ID - UUID - OID
  6. Topics (my table of contents)
  7. Patient Portal - view, download, TRANSMIT
  8. IHE - Privacy and Security Profiles - Basic Patient Privacy Consents
  9. How granular does an EHR Security Audit Log need to be?
  10. The Basics of Cross-Community Patient Discovery (XCPD) - Guest blog by Karen Witting
Posts fading away
I was glad to see these past popular articles become less interesting. They are all now 3+ years old, and likely not accurate today. Please let them fade away.
Theme in the theme
I am very happy that the most top viewed article posted in 2013 during 2013 was the one where I Define Privacy. This comes in at the 15th most popular article this year. The other articles written in 2013 that breaks the top 40 are where I Define Security Audit, and try to Define mHealth. Is this telling me that I should be in the Definition or Vocabulary space? I also posted this year that Vocabulary Standards make poor User Interfaces.

Predicting 2014
I suspect that the US government will continue to be consumed by things that are already in play. There will be a small number, mostly ONC and HIT committees, that keep trying to figure out what MU3 should be. The problem they will face is that it is not clear what the benefit of MU3 is going to be when so many are consumed by things already in play. 

Bluebutton+ will seem right, yet confuse. There will be some easy things, like "Bluebutton+", but as I point out on Keith's blog this is too nebulous of a specification to figure out what it means. The message needs to be made more clear, what part of the "Bluebutton+" experience is to be mandated and measured? I hope it is the CCDA, and not the transport. But Keith sees it otherwise.
Add caption
I don't object to the transport but it is pre-standards specification. I would rather see us mature the "RESTful" concept under FHIR and MHD, with security models from IUA, DS4P, and other projects underway. Getting this right is more important than getting it done fast. This is not to say that HIEs should not look to Bluebutton+, they should. The action should be to experiment and reflect on that lessons learned so that we improve the standards so that we get something worthy of mandate and measurement.

HIE Patient Identity. We will continue to work on the Patient Identity problem, more so this year. There was much talk in the past few years. There was some intense, urgent, work done in CCC and CommonWell. This work will be brought out into the open. We will learn that this is NOT  at technical problem, the standards support what is needed. This is a 'business' operational issue, and a 'privacy' issue. Meaning businesses don't want to change what they are gathering, yet everyone gathers different information. If we must  do patient matching, then we must all gather the same demographics with the same level of accuracy (Level of Assurance). For example, everyone must gather the SSN completely, not just the last four digits. This brings up the 'privacy' problem that this creates. We will not see a universal patient ID, but we will see what sure looks like one. It will simply be a well-structured-and-normalized mashup of the demographics all hashed together. This will fail to match sometimes, but it won't have false matches (false-positive).

Profiles. Simply the  USA will realize the need for Profiles. This  might not be "IHE" profiles universally. I am okay with that. I fully expect that HL7-FHIR will produce some profiles this year. I fully expect that HHS/ONC/HIT-Sc/HIT-Pol/S&I-Framework will come up with a concept closer to a 'profile'.  This is not far off, but not being done today with purpose. The purpose will come when the community sees what IHE does with DS4P. The result is simple and measurable. 

And everything else. Yes Security, Privacy, and HIE will continue to evolve and mature. This is going along at the right pace. Many want it faster, but faster is not how one moves such a large industry like healthcare. Especially since healthcare is very much thousands of competing organizations with highly educated and driven individuals as the workers. My themes from last year will continue to be the right themes: Mobile, Safety, and Services.

Optimism
Overall I am excited at our progress. It really is a team-sport. There are far more people 'doing' than ever before. There is a more common goal than ever in the past, and the majority of efforts are all clearly toward that goal. 
No comments:

Saturday, December 21, 2013

Eating an Elephant -- How to approach IHE documentation on Health Information Exchange (HIE)


Any standard is not easy to approach. This is especially problematic when that standard is so central to a concept that affects so many. The
Health Information Exchange as a mechanism to Exchange Health Information under some Organization or Federation of Organizations.

HIE Background and Introduction

Most high level document from IHE is the white paper on what an HIE is and the various methods of communications that are profiled in IHE
Health Information Exchange: Enabling Document Sharing Using IHE Profiles - Published 2012-01-24

Second most high is the Volume 1 material on the different profiles. The format of an IHE profile very specifically has volume one material targeting the users and product management. Volume 1 (ITI TF-1): Integration Profiles (rev 10.1 added 2013-10-25)
This is where one will find XDS, XDR, XCA and the other profiles explained in terms of their benefit. This explanation in the context of the ITI committee is rather abstract, as ITI doesn't deal with any specific domain of healthcare. Thus it is all about the IT Infrastructure.

Third most high is the section 4.1 of Volume 3, that outlines specifically the high-level concepts behind the Document Sharing metadata.  Volume 3 (ITI TF-3):

This metadata description has been re-documented as IHE came to understand how hard it was to read. It historically was written over 10 years little by little. So it was time to take a step back and document it more formally. So it now contains an abstract/conceptual definition, and platform specific definition. This will likely be further refined as IHE approaches RESTful

HIE Profile details

The fourth most deep is best to get from the other IHE domains. The reason is that these other domains focus on actual workflows, not just the infrastructure to support workflows. So you will find better explanations of how to translate a clinical need into detailed encoding of documents. Each of these have a Document Content profile, a profile of some document standard (DICOM SR, HL7 CDA, PDF) and how it maps into the HIE framework
The Deepest that IHE goes is found in Volumes 2 and 3. Specifically in the ITI Technical Framework this is where XDS and family are documented in detail.
  • Volume 2a (ITI TF-2a): Transactions for the following profiles CT, PSA, EUA, PIX, RID, XDS, ATNA, PDQ, PWP, NAV
  • Volume 2b: (ITI TF-2b): Transactions for the following profiles PAM, XDM, XUA, XDS, XCA, PIX V3, MPQ
  • Volume 3 (ITI TF-3): Contains Section 4 Cross-Transaction Specifications and Section 5 on the ITI Content Specifications
  • Volume 3 (ITI TF-3): Detailed descriptions in the section 4.2 and 4.3 of Volume 3 is very specifically targeting the programmer or one picking the specifics of the technologies and vocabularies. These are the deepest detail we have on the metadata.
  • There are also supplements that are not yet in "Final" state. Specifically the Mobile Healthcare Documents, the RESTful API to XDS/XDR/XCA

Deployment Guides

Detailed descriptions of what those that are deploying an HIE would need to consider is found in a ‘handbook’. This is useful to others, but is specifically focused on those responsible for deployment, policy, vocabulary management, and those long term concepts. It is rather focused on XDS, but the concepts are useful for any of the document sharing exchange methods
Template for XDS Affinity Domain Deployment Planning - Revised 2008-12-02

Detailed descriptions of Privacy and Security concepts are in the other ‘handbook’. This is useful to the programmer, but is more useful to the security and privacy developers and those deploying.
Access Control - Published 2009-09-28

I cover many ways to bringing this Access Controls to life including using the newest concepts of data tagging to enable federation of access control enforcement.
 
I also have plenty of other blog articles covering all the various "Topics" that I cover.

There are various levels of complexity found in the IHE IT Infrastructure Technical Framework Appendix found in Volume 1 and Volume 2(x). The volume 1 should be less technical but this isn't always as well done. Volume 2x is mostly completely for the programmer or software architect.
Volume 2x (ITI TF-2x): Appendices A through W and Glossary

IHE and HIE Webinars

I could say that higher than any of this is our Webinars… but I think that is stretching to be called documentation.
http://www.ihe.net/Webinars/

Conclusion

So, like eating an elephant, one must take it one bite at a time. There are many more resources too. I have liked what some of the HIE vendors have done.
No comments:

Sunday, December 15, 2013

On Infuence

My methods of Influence are quiet and patient. Keith wrote on his blog "On Influence" about the ways that he influences. All really good and classic methods of leading and influencing. I agree with everything said, but do things slightly different, some might say totally different. Keith likes to be seen and likes to socialize with the influential. This is shown with his Klout score of 61 today. Yeah, Klout is not that important, but it is recognized by those that like to recognize it.

I however have a Klout score of 47, which is rather high for me. I usually only have a score in the 30s. The difference is that I am less interested in being seen and recognized. I guess I am simply more of a classic geeky engineer. I prefer to act more like Larry Niven's Pierson's Puppeteers, lead from behind the scene. That is not to say that I don't speak with people that do like to be visible. I like to feed those who take on a visible role with information.

The most useful "Influencing" tool that I have, I learned from my Grandfather. My Grandpa Jake was a construction engineer and architect. He was the Superintendent on the Frank Lloyd Wright designed Johnson's Wax Building. One day when my brother-in-law asked "How come you are so quiet Grandpa?" He said "I never learned anything while I was talking." I take this to heart. I do know things about Healthcare Interoperability, Medical Device Safety, Privacy, Security, etc. But I don't know everything, so I try to do more listening than talking. I hope this comes through as better informed opinions when I do speak. I don't mind speaking, and will when asked. I just don't use it as a primary way of influencing.

I do agree with Keith on the importance of associating yourself with activities that will succeed, and also the importance of being willing to fail early. I too use my blog to throw ideas against the open world to see if they are possibly useful or good. It is always good to get positive reinforcement, but more useful to me to hear when I am wrong.

I will add that a very important aspect of Influence in Open Healthcare and Open Standards is a willingness to wait a long time for success. This is not a place for those that want results tomorrow or even this-year. If you are not willing to wait a very minimum of 5 years, and more likely 8 or 10 years; then you should not get excited about this line of work. The things I am working on this year are not likely to be successful for at best 5 years, and I am willing to see it through. During those 5 years lessons will be learned and tweaks will be made. Very little survives this 5 year 'trial implementation' phase unchanged. This goes back to the listening principle. One of the first blog posts I did in 2009 was on the IHE Access Control white paper that I helped write, the fundamentals of this are still being 'discovered' by people and organizations such as the HL7 Healthcare Classification System (HCS) and Data Segmentation for Privacy (DS4P)

I do hold a co-chair position in HL7 Security WG. Politically one must have a co-chair position to be seen as authoritative. Many people think that I am a co-chair in IHE, but I keep avoiding it.

Enough about me:

No comments:
Subscribe to: Posts (Atom)