Hi Eric, others,
In order to prepare for BPPC testing at connectathon, it would be good to have the policies we want to use defined upfront.
We need to define
· whether patients without a signed consent document would grant access to their record or not (opt-out or opt-in)
· the actual policies in text and their OIDs
I suggest we just use a few very simple policies, for example
1. patient agrees to sharing all information
2. patient agrees to sharing all information but the information recorded in practice setting “Psychiatry” (<Code code="Psychiatry" display="Psychiatry" codingScheme="Connect-a-thon practiceSettingCodes" />) should not be visible to anyone
3. patient declines to share any information
We would need only one of 1. or 3. based on the default policy chosen.
Would that make sense?
We would be able to prepare our consent form template and access control rules based on the policies (and OIDs) chosen.
Mark.
Mark J. Sinke
Lead Software Architect
Forcare BV
Tel +31 30 699 1930
Mob +31 646 255 635
Fax +31 30 699 5300
Hi,
I posted the questions below to be able to prepare for Vienna. So far neither Eric nor anyone from the mailing list has answered privately or publicly.
Shall we just go ahead, issue policy OIDs and prepare our system to handle the 3 types of policy described below?
Thanks,
I will check the test definitions. I thought we had defined codes for the BPPC tests.
Steve
Mark,
Lynn reminded me the BPPC tests do define the policy codes to use for testing. See the test BPPC_Content_Creator and BPPC_Consumer_Enforcement.
Steve
From: ihe-europe-200...@googlegroups.com [mailto:ihe-europe-200...@googlegroups.com]
On Behalf Of Mark Sinke
Sent: Wednesday, April 15, 2009 07:43 AM
To: Mark Sinke; ihe-europe-200...@googlegroups.com; Eric Poiseau
Cc: dev
Subject: [ihe-europe-2009-connectathon:263] Re: BPPC testing at connectathon
Hi,