Point-of-care Identity Management (PCIM)

Size: px

Start display at page:

Download "Point-of-care Identity Management (PCIM)"

Daniella Benson
8 years ago
Views:

1 Point-of-care Identity Management (PCIM)

2 Principle #1 Incorrect association of patient and device data can contribute to improper treatment which can be harmful or fatal to patients.

3 Principle #2 The design process for any clinical use of device data shall include identification of the means by which correct association of device data with a particular patient will be assured, and a rigorous risk analysis covering the ways correct association can fail and how the risks can be mitigated.

data with a particular patient will be assured, and a rigorous risk analysis

4 The risk analysis and design analysis flow from study of the use cases for the total system of systems exchanging information of patientdevice associations. As part of this, it is necessary to identify the specific information exchanges that need to exist for systems to communicate about associations between patient identities and device identities in the use cases.

As part of this, it is necessary to identify the specific information exchanges that need

5 The purpose of the PCIM profile is to specify transactions that meet those needs for identified use cases.

6 Identity assertion Anybody can say anything about any entity. Within the scope we are looking at, different assertions have different value for establishing a reliable unique identity. There must be criteria for good enough There must be mechanisms for resolving conflicts if discrepant association assertions exist in the system of systems

establishing a reliable unique identity.

7 Unique identities and identification factors Within the relevant domain (e.g. hospital, national, worldwide), a unique identifier belongs to no more than one person In some situations, identity is defined or confirmed using more than one attribute if a patient (identification factor), for example, date of birth, name and mother s maiden name.

person In some situations, identity is defined or confirmed using more than one

8 Need flexibility in where in the system you create assertions of patient-device association Ex. the device could do the main part of the job (authorized person admits patient to device by barcoding wristband). Some system is used to read barcodes of patient, device, person making the association.

the device could do the main part of the job (authorized person admits

9 System Issues What is the single source of truth for patientdevice associations (if such a thing exists)

10 Conflict resolution There may be times when inconsistent Patient-Device association assertions exist in the system To what extent can automation help in a particular point in the workflow? But in general when inconsistency detected: then user interface presents information to a person for so that they may resolve the problem

11 Is there a need to support a device asking what patient it is associated with? Intuitive answer is yes?

12 Some Transactions Device to Patient Association Assertion Device to Patient Association Query Device to Patient Association Conflict Notification

13 ID-less data? Is it proper to permit transactions in the system of systems that lack patient demographic data? Possible answer: yes, but not in the enterprisefacing interfaces. That is, that would be dangerous outside a stated boundary, but there is a place for it between components of the system of systems that synthesizes what gets sent to the enterprise

demographic data? Possible answer: yes, but not in the enterprisefacing interfaces.

14 ID-less Devices Some devices have little perceived need and little capability for dealing with patient identity data, but somewhere within the system of systems the association to patient identity must be asserted and verified.

data, but somewhere within the system of systems the

15 ID-less devices Proposition: it is the ID-less devices that are most in need of identity-management services in order to be patient-safe! Implication: there is a place for ID-less data, just not escaping the bounds of the deviceoriented system of systems

16 Hypothetical System of Systems (of Systems ) Device-oriented System of Systems The Great Divide Enterprise Systems Conflict resolution dialogs UI Monitor Infusion Pump ID-less Data Barcode reader Identity broker Central Station ADT info exchanges Identified Data Patient Index EMR

dialogs UI Monitor Infusion Pump ID-less Data Barcode reader Identity

17 Proto-slides

Integrating Radiation Oncology workflow with HIS. Rishabh Kapoor, MS University of Florida

Integrating Radiation Oncology workflow with HIS Rishabh Kapoor, MS University of Florida The Problems Lack of information exchanged between Radiation Oncology information system (ROIS) with Hospital Information