Implementation Group Meeting 2010-05-18

From Direct Project
Jump to navigation Jump to search
NHIN IG 05182010.pdf

Notes from NHIN Direct Implementation Group Meeting

Date: May 18, 2010
Time: 2pm-3pm
Allscripts, Atlas Development, CareSpark, Cerner, CGI Federal, Clinical Groupware Collaborative, CSC, eClinicalWorks, Epic, FEI, GE, Greenway Medical Technologies, Harris Corporation, HealthBridge, Healthcare Information Xchange of NY, HLN Consulting, High Pine Associates IBM, Massachusetts eHealth Collaborative, MedAllies, Medicity, MedPlus, Inc./Quest Diagnostics, MedNet, Microsoft, Mirth Corporation, Oregon Strategic Workgroup for HIT Oversight Council, Redwood Mednet, Relay Health, Social Security Administration, SureScripts, RIQI, VA, VisionShare, Siemens, Atlas Medical and MOSS

Action Items from this meeting

Due Date

Brian Behlendorf will update the Trust Model Options Page ( include his proposal

Brian Behlendorf

Decisions from last meeting

Due Date
Karen will write up her contribution on the Wiki about her “Cross” and Arien will blog this at the same time as well
Karen & Arien
All members who have feedback on the Face-to-Face Meeting should share their thoughts on the Wiki

Notes from Meeting
· Feeling a little bit of fatigue
· Work through this next three weeks
Review of the Deliverables for June 10th Meeting
· Need core specifications & services descriptions
· Tracking all of these on the Wiki on the Deliverables Tracker:
User Story WG

  • To date WG has:
    • Developed and reached consensus about a set of Use Stories broken down by priority (1, 2 & 3) presented at the June 6th meeting.
  • This week, the WG set action items to:
    • Communicate with the Comprehensive HIE WG to formalize user stories that speak to the overlap between NHIN Direct and NHIN Exchange

Content Packaging
· To date WG has:
o Created a draft proposal
o Continued conversation about the Content Container Specification & provided updates
· Last week, the WG:
o Agreed that detailed decisions about how best to use MIME encoding may depend on the specific concrete implementation that is selected. We will need to keep in synch with the concrete implementation groups.
o Discussed in some detail the issues involved in mapping between a traditional email-like message and an XDR message
§ Key question is how to handle the “patient information” data. XDR assumes the use of more complex metadata than RFC2822
§ One option is to define a simple subset of XDR data for the “routing” header, and to put the rest of the metadata inside an encoded XDM object, embedded in the message body.
§ Can we define a ‘gateway’ that can perform these mappings? This lead to a discussion over whether or not the HISP would have access to the embedded metadata (or would it be blocked by encryption of the payload?)
o Discussed the highly divergent types of practice settings which would benefit from using NHIN-Direct. There was general agreement that we should define a “glide path” that allowed for use of simple and widely available messaging approaches (that smaller practice settings could quickly leverage) onward to more comprehensive message header and content models (that more established practice settings could leverage via comprehensive EHR technologies.)
o This means that we should not require the presence of a community MPI at initial stages of deployment, etc.

Security and Trust
· To date WG has:
· To date WG has:
o Created a Basic Trust Model, Keys for Consensus:
· This week, the WG set action items to:
o Harmonize conversations on the Wiki and on calls
o Read/comment on Sean Nolan’s post on the challenges of multiple simultaneous trust circles and using TLS
o Frame and elevate policy tradeoff for consumption by policy people
o Set up a time to speak with Dixie Baker about Technology/Policy
o Brian will update the Trust Model Options Page ( include his proposal
Comprehensive HIE Interoperability WG
· To date WG has:
Created an mapping of the Abstract Model to IHE/NHIN transactions:
· Last week, the WG set action items to:
Improve the scenario for NHIN Direct and NHIN Exchange combined use
Begin discussion in the wiki about Keith Boone's proposal to map minimal routing metadata to XDR metadata requirements

Individual Involvement WG

  • To date WG has:
Provided guidance to other workgroups around individual involvement
User Stories
Content Packing
Patient to Provider Considerations:
· Last week, the WG set action items to:
Reviewed “Patient to Provider” messages – Issues and Implementation
Arranged a follow-up on “Patient to Provider” policy issues for later this week with Deven McGraw – HIT Policy Committee

Addressing & Directories WG
· To date WG has:
Proposed & reached consensus on the Addressing Specification:
· Last week, the WG set action items to:
Carry the issue of the Addressing/Directories WG to the NHIN Direct Policy Steering Committee
Write & review a charter
Review & Update IHE specification

Abstract Model WG
· To date WG has:
o Proposed & reached consensus on the NHIN Direct Project Abstract Model
· Update:
o Abstract Model Workgroup weekly meetings have been cancelled and removed from the calendar.
o Future topics for the workgroup will be addressed by one-time meetings.
o If the volume of material builds again, a weekly meeting can be put back in place if necessary.
· The Abstract Model WG will spin up again later in the process to work on the Interaction Model/Service Orchestration Model

Concrete Implementation WG

· To date, the WG has:
o Created four implementation groups (briefings on the next slides)
· Two working REST implementations (one Java, one Ruby on Rails).
o Status is feature complete for both with respect to a one HISP model.
o Experimenting with different security models for HISP-HISP security, and both implementations provide slightly different approaches
· Code:
o RoR code has full working test cases, both internal integration, some unit, and an external client driver with full test tools.
o Java code has some basic unit tests and a Python client driver.
o Neither are production ready, but neither are throwaway code either -- both handle edge cases, implement security, etc.
o Java code has multiple active committers. Rails code is an army of one...
· Advantages are documented in recent mailing list post on the benefits of REST
· Overall approach is to make "email" the format, transport and backbone of NHIN-Direct --- adding an S/MIME-based encryption and signature layer so that the system supports our emerging requirements around security and trust.
· Sample deployment configurations: Full Service HISP or Large Organization, Existing ISP and Gateway, Existing ISP and Client Plug-in
· Primary participants are Cerner and Microsoft. We are actively soliciting more support and recently summarized our argument in favor of the approach here: The case for SMTP
· Most work so far has gone into coding. Key pieces are:
o nhin-d-agent: .NET implementation working, Java implementation in development. This is the core of our implementation and we are desperate for closure from S&T to finalize it.
o SMTP/POP3 Gateway: We are building a plug-in for the Windows SMTP/POP3 servers to use for our pilot. SMTP is in place, code to be checked into nhin-d-smtp shortly. POP3 in progress.
o Certificate Stores: This is really part of nhin-d-agent, which abstracts the certificate store as a separate piece. We have currently implemented in-memory and machine-based stores which will be checked in shortly. We are looking to do an LDAP implementation but may wait on that for a bit.
o Certificate Admin: Not yet started although the certificate stores implement much of the underlying functionality so this is mostly UI.
o DNS distribution of certs: In progress, about 30% through writing a .NET client to fetch TXT records. This will not be necessary on all platforms.
o Client SMTP/POP3 Gateway: In progress.
· We are confident we will be able to complete the capability worksheet in a compelling way and will have an unfinished draft for 5/25.
· Our weakest area right now is the Comprehensive HIE story.
· Come help!
· Documentation Status:
o 1. Updated the Software Map portion of the XMPP Implementation Development Team.
o 2. Gathering feedback on items to enhance the documentation on the XMPP Development Team page.
· Technical Implementation Status:
o 1. Working version of the code per the software map has been created.
o 2. Currently working on Content Specification implementation. (Converting custom message content to fit the MIME Format).
o 3. Need to work on TLS and Security specifications next.
o 4. Trying to resolve SVN Access to Google code to check-in software. (Having a little trouble with my tortoise client).
· Community Activities Status:
o 1. Scheduling an XMPP Implementation Overview between 1pm and 3pm EST on Thursday 5/20/2010 to on-ramp new members of the team.
o 2. Share the information about the cloud instance, source code and other artifacts
· Last week, the WG set action items to:
o Comment on the Implementation Capability Worksheet
o Have a demo day on June 25th
· Interaction Model/Service Orchestration Model
o Dan Russler’s output is the
o Computable models that map to abstract model and the computable model

Implementation Geographies
· To date, the WG has:
o Early list of potential geographies:
o Early list of operational considerations
· Last week, the WG set action items to:
Review the Implementation Operational Plan and the success metrics therein

Future WG
· Testing WG
· Documentation WG
WG Schedule
· User Story Review WG Mondays 11am-12pm EST
· Content Packaging WG Wednesdays 1pm-2pm EST
· Security & Trust WG Thursdays 2pm-3pm EST
· Comprehensive HIE Interop WG Tuesdays 2pm-3pm EST
· Individual Involvement WG Thursdays 1pm-2pm EST
· Implementation Geographies WG Fridays 2pm-3pm EST
· Addressing & Directories WG Wednesdays 3:30pm-4:30pm EST
· Abstract Model Review WG Wednesdays 11am-12pm EST
· Concrete Implementation WG Tuesdays 12pm-1pm EST