
HIE of One is a free software project developing tools for patients to manage their own health records. HIE stands for Health Information Exchange, an electronic network for sharing health information across different organizations, hospitals, providers, and patients. This is one of a growing number of tools for encrypted data exchange within the healthcare sphere. Journalist Doc Searls claims that a major structural problem with health care in the United States is that it is paid for by insurance companies and not patients, thus robbing patients of the power they would normally have as customers in a free market. Searls writes that "the best approach I have seen so far to this challenge is HIE of One, a project of two MDs, Adrian Gropper and Michael Chen." He notes that HIE of One provides a patient-centered toolkit built around open source software and open data exchange standards. Prof. Phillip Windley, former Chief Information Officer of the State of Utah, has noted the positive impact that HIE of One could have on privacy and consent. A proposal for using HIE of One, in conjunction with blockchain technology, was reviewed by the US Office of the National Coordinator (ONC), winning an award from the ONC on the basis that the proposal was innovative, viable, and significant. The project rests on the premise that patients should authorize the sharing of their own health data, instead of leaving these decisions up to hospitals and other healthcare providers, who offer generic and opaque disclosure forms. The elements of sharing health data can be broken down into storage, authorization, and transmission. HIE of One has decentralized solutions for each of these elements and provides an open platform on which far more capabilities can be built, such as decision support, analytics, public health efforts, and coordinated health care.


Background and name

For most of medical history, doctors shared minimal information about patients. Before the computer age, a doctor might have a phone conversation with a specialist before sending over a patient or send a few pages of a Continuity of Care Document (CCD) to the next healthcare provider or nursing facility. Many important aspects of treatment were dropped along the way, leading to suboptimal outcomes and duplication of work. The advent of electronic records theoretically enabled much better care coordination, and the field of health information exchange (HIE) grew up around electronic records. Data sharing currently revolves around large, expensive organizations called Health Information Exchanges and industry-led efforts such as CommonWell. However, such data exchanges have made slow progress, as found in a literature survey by the Agency for Healthcare Research and Quality. Studies cited by that survey found the HIEs hard to use. An official 2016 government study found uneven progress, with a few states succeeding and many lagging. HIE of One, in contrast, dispenses with these middlemen by allowing each patient to direct the data flow using an automated policy-driven authorization server. Data sharing is carried out through protocols run by the patient and the people to whom she wishes to grant access (doctors, clinical researchers, family members, etc.). The OpenID HEART project developed the protocols forming the basis of HIE of One. HEART grew out of a pair of meetings at the MIT Media Lab in 2014 designed to charter work on adding a healthcare-specific authorization layer to a RESTful API. Once the scope and charter were defined, the workgroup began under the rules of the OpenID Foundation, with industry and government representatives as co-chairs.


Storage

The success of HIE of One depends on shifting the sharing of patient data out of isolated doctors' offices and into patient authorization servers. Most patients will likely use cloud computing for the authorization server because robust cloud systems back up data and manage security measures. However, authorization servers can also be on a stand-alone computer or dedicated appliance at the patient's home, such as a FreedomBox.


Authorization

Patient control over access to her own data is the central goal of HIE of One, so authorization is the key feature. HIE of One employs standard technologies, including the OpenID OAuth and OpenID Connect standards, and User-Managed Access (UMA) from the Kantara Initiative. Both the patient and the person requesting access to the data authenticate and provide an identity. The patient delegates control over personal data held by a hospital system or other resource server using a typical OAuth flow. The requesting party authenticates and provides identity claims to the HIE of One authorization server specified by the patient. The HIE of One authorization server can accept direct login (username/password or multi-factor), federated identity, and even self-sovereign identity.
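The exchange described above, with a resource server deferring to the patient's authorization server and a requesting party presenting identity claims, can be modeled in memory. The following Python code is an added illustration, not code from the HIE of One project or the UMA specification; the class and function names, the role-based policy format, and the HMAC-signed token format are assumptions, and identity claims are assumed to have been verified already.

```python
import hashlib, hmac, json, secrets, time

class PatientAuthorizationServer:
    """Toy patient-run authorization server (hypothetical names, not HIE of One code)."""

    def __init__(self, policy):
        self._policy = policy                # {resource: {scope: set of allowed roles}}
        self._key = secrets.token_bytes(32)  # token-signing key, never leaves the AS
        self._tickets = {}                   # outstanding one-time permission tickets

    def permission_ticket(self, resource, scope):
        # Called by the resource server when a request arrives without a token.
        ticket = secrets.token_urlsafe(16)
        self._tickets[ticket] = (resource, scope)
        return ticket

    def _sign(self, body):
        return hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()

    def issue_token(self, ticket, claims, ttl=300):
        # Claims are assumed already verified (e.g. via an OpenID Connect login).
        request = self._tickets.pop(ticket, None)    # tickets are single-use
        if request is None:
            return None
        resource, scope = request
        allowed_roles = self._policy.get(resource, {}).get(scope, set())
        if claims.get("role") not in allowed_roles:  # default deny
            return None
        body = json.dumps({"sub": claims.get("sub"), "resource": resource,
                           "scope": scope, "exp": int(time.time()) + ttl})
        return body + "." + self._sign(body)

    def introspect(self, token):
        # Verify the signature before parsing anything the caller supplied.
        body, _, sig = token.rpartition(".")
        if not hmac.compare_digest(sig.encode(), self._sign(body).encode()):
            return None
        grant = json.loads(body)
        return grant if grant["exp"] > time.time() else None

def resource_server_allows(auth_server, token, resource, scope):
    # The record holder releases data only for the exact resource and scope granted.
    grant = auth_server.introspect(token) if token else None
    return bool(grant and grant["resource"] == resource and grant["scope"] == scope)

# Constructed sample policy: the patient lets physicians read her medication list.
POLICY = {"medications": {"read": {"physician"}}}
```

The resource server never evaluates the patient's policy itself; it only checks that the token it is shown was issued by her authorization server for the exact resource and scope requested.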


Transmission

HIE of One theoretically can use any RESTful (Representational State Transfer) standard available for data transmission, as long as it is controlled by a supported authorization standard such as OAuth2. Fast Healthcare Interoperability Resources (FHIR) is emerging as the healthcare industry's choice for formatting data and transmitting it over the Web.

