TABLE OF CONTENTS INTRODUCTION USE CASES FOR CONVERSION BETWEEN DIRECT AND XDR DATAMOTION XDR IMPLEMENTATION GLOSSARY OF TERMS



Similar documents
Practical Guidance to Implement Meaningful Use Stage 2. Secure Health Transport for Certification and Meaningful Use

The Direct Project Overview

The Direct Project Reference Implementation Architecture

Direct Secure Messaging: Improving the Secure and Interoperable Exchange of Health Information

How To Use Direct Messaging

How To Communicate In Healthcare With Direct Secure Messaging

Illinois Health Information Exchange Client Readiness Technical Assessment Checklist

IHE IT Infrastructure Technical Framework Supplement. Document Encryption (DEN) Trial Implementation

Transglobal Secure Collaboration Program Secure v.1 Gateway Design Principles

Bridging People and Process. Bridging People and Process. Bridging People and Process. Bridging People and Process

Options for encrypted communication with AUDI AG Version of: 31 May 2011

Data Provenance. Functional Requirements Document: Developed in Response to the Data Provenance Task Force Recommendations. Version 1.

EHR Vendor Support for Meaningful Use Stage 2 Certification and Implementation Direct Basics & Transitions of Care. February 19, :00 PM EST

uently Asked NextGen Questions Share Frequently Asked uently Asked Questions Frequently Asked FAQ Pre-General Release (April-June 2014)

New Security Features

March PGP White Paper. Transport Layer Security (TLS) & Encryption: Complementary Security Tools

IMAGE SHARING. Review and Update - A Fond Farewell to CDs 2012

Navigating the Trends in Health Care Today. MEDITECH Solutions for Meaningful Use and Interoperability

Prepared by Noam H. Arzt, PhD HLN Consulting, LLC

Business and Technical Description of Commercial Systems The scope of the technical solution is further described below.

Clearswift Information Governance

Exchanging Medical Records Online with Direct

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

Statewide Send and Receive Patient Record Exchange. Technical Specification

Arizona Health Information Exchange Marketplace. Requirements and Specifications Health Information Service Provider (HISP)

PrivaSphere Gateway Certificate Authority (GW CA)

Policy Based Encryption Essentials. Administrator Guide

Clinical Document Exchange Integration Guide - Outbound

EHR Interoperability Framework Overview

<your organization logo> Make the Connection to <your organization name>

StreamServe Encryption and Authentication

Quest Collaboration Services How it Works Guide

Structured Data Capture (SDC) Trial Implementation

CA DLP. Release Notes for Advanced Encryption. r12.0

Open Platform. Clinical Portal. Provider Mobile. Orion Health. Rhapsody Integration Engine. RAD LAB PAYER Rx

Expanded Support for Medicaid Health Information Exchanges

Developers Integration Lab (DIL) System Architecture, Version 1.0

Boundary Encryption.cloud Deployment Process Overview

Web Services Trust and XML Security Standards

Transport Layer Security (TLS) About TLS

redcoal SMS for MS Outlook and Lotus Notes

Setting Up an AS4 System

Quest Collaboration Services 3.5. How it Works Guide

New Security Features

McAfee Gateway 7.x Encryption and IronPort Integration Guide

IHE IT Infrastructure White Paper. Health Information Exchange: Enabling Document Sharing Using IHE Profiles

CA Performance Center

StreamServe Persuasion SP4 Encryption and Authentication

Securing Web Services With SAML

Structured Data Capture (SDC) Draft for Public Comment

Dell One Identity Cloud Access Manager How to Configure for High Availability

ConCert by HIMSS Certification: An Overview

StreamServe Persuasion SP5 Encryption and Authentication

Chapter 9. IP Secure

SAP HANA Cloud Integration CUSTOMER

mkryptor allows you to easily send secure s. This document will give you a technical overview of how. mkryptor is a software product from

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.

Information on Syslog For more information on syslog, see RFC Released: December 2006 Interoperability issues: None. Table 1: Syslog at a Glance

CA Nimsoft Service Desk

Chapter 6 Electronic Mail Security

Administration Guide. Wireless software upgrades

Burning Issues Health Information Exchange Webinar Series Session 2: HIE for Meaningful Use Stage 2 Summary of Care Record for Transitions of Care

Using Self Certified SSL Certificates. Paul Fisher. Quest Software. Systems Consultant. Desktop Virtualisation Group

Model User Guide for Implementing Online Insurance Verification

Centers for Disease Control and Prevention, Public Health Information Network Messaging System (PHINMS)

Commonwealth of Massachusetts Executive Office of Health and Human Services. The Golden Spike Integration Options 8/20/2012

Title Draft Pan-Canadian Primary Health Care Electronic Medical Record Content Standard, Version 2.0 Data Extract Specifi cation Business View

USING SSL/TLS WITH TERMINAL EMULATION

Optus SMS for MS Outlook and Lotus Notes

UN/CEFACT STANDARD BUSINESS DOCUMENT HEADER Technical Specification Version

Stage 2 Eligible Professional Meaningful Use Core Measures Measure 15 of 17 Last Updated: August, 2015

IHE cross-enterprise document sharing for imaging: interoperability testing software

D . A reliable and secure online communication platform. Armin Wappenschmidt (secunet) More information:

Setting up Microsoft Office 365

Index of Innovative Analytics in Healthcare

HotSpot Enterprise Mobile Printing Solution. Security Whitepaper

GlobalSign Enterprise Solutions

AS2 AND EDI OVER THE INTERNET FAQ

4.0. Offline Folder Wizard. User Guide

Open EMS Suite. O&M Agent. Functional Overview Version 1.2. Nokia Siemens Networks 1 (18)

Digital certificates and SSL

Connectivity to Polycom RealPresence Platform Source Data

TEST INSTRUCTIONS FOR CROSS VENDOR EXCHANGE TABLE OF CONTENTS

Transcription:

TABLE OF CONTENTS INTRODUCTION USE CASES FOR CONVERSION BETWEEN DIRECT AND XDR Conversion from Direct SMTP+S/MIME Messages to XDR Conversion from XDR to SMTP+S/MIME Data Transmission between two EHRS that use XDR XDM to XDR Handoff DATAMOTION XDR IMPLEMENTATION GLOSSARY OF TERMS

Electronic data exchange in healthcare is commonly utilized via network environments based on the SOAP-based Web Services protocols with detailed metadata. They utilize a family of IHE profiles, each applied to a different type of use case, which have a common metadata model and make use of Web Services in a common way. Implementation of data exchange in these environments is based on the XDR (Cross-Enterprise Document Reliable Interchange) and XDM (Cross-enterprise Document Media Interchange) specifications. XDR is a SOAP-based standard protocol for the description and encoding of data. It uses a web based point-to-point push network communication permitting Direct interaction between healthcare systems. XDM specification describes the format of the XML-based payload utilized to transfer documents and metadata using email attachments and physical media. It also supports the use of web services to transfer data. XDR protocol with XDM payloads is utilized in the EHR systems deployed by major vendors such as Epic and MEDITECH, and predate the Direct Project by many years. In order to provide a uniform data delivery mechanism for the healthcare industry, such environments need to interoperate with the more recently introduced Direct Project that uses SMTP (RFC 5322) protocol as the primary content delivery mechanism. This paper covers the use cases associated with utilizing the XDR protocol for Direct Secure Messaging and its interoperability with SMTP for transferring healthcare-related documents between the following endpoints: A Direct HISP sending SMTP+S/MIME messages to an EHR that uses XDR. An EHR sending XDR messages to a Direct HISP that uses SMTP+S/MIME. An EHR sending XDR messages to another EHR that uses XDR via a single Direct HISP. An EHR sending XDR messages to another EHR that uses XDR via multiple Direct HISPs. For this use case, the paper also covers the topic of packaging conversion between XDR to XDM and back. In this case, an SMTP message is sent from a Direct user to an EHR system, which supports a SOAP endpoint. The HISP converts the message from an SMTP+S/MIME to SOAP/XML. A Direct Secure Message with files is sent from a provider s desktop to the Direct HISP. The HISP then converts the message to an XDM ZIP format. The necessary metadata is extracted from the XDM message by the XDR protocol, converted to a SOAP XML format, and sent to an Epic or MEDITECH system. The recipient then downloads the message from the EHR System.

The following use case is illustrated in the diagram below: A message is delivered via SMTP+S/MIME to a HISP; the received message is decrypted via a private key store. The intended recipient s address is verified via an address book database. The metadata from the XDM is extracted and converted to an XDR format. This message is then sent over TLS to an EHR, which then delivers it to a Direct Message Recipient.

In this case an XDR/SOAP message is sent through an EHR system. Upon receiving the message, the HISP converts it to an SMTP+S/MIME message which is then delivered securely to the recipient. The following use case is illustrated in the diagram below: An XDR formatted message is sent from an EHR to a receiving HISP. The XDR metadata is converted to an XDM message with a ZIP file, and the destination address is extracted from the XDR metadata. The destination address certificate is located from an address book. The S/MIME message is signed with a private key from a private key store. The S/MIME message is then encrypted with the destination certificate and sent encrypted to a Direct Message recipient.

There are two (2) different delivery scenarios when data is transmitted from one EHR to another EHR: When both EHRs are on the same HISP, a C-CDA message is encoded to an XDR message. The message is sent using SOAP web services over TLS to the HISP. The HISP will then send the message to the receiving EHR over TLS and the EHR will convert it back to a C- CDA formatted message. This is illustrated in Figure 3.

If the EHRs are parts of two (2) different HISPS, the delivery between these two (2) EHRs is different: Figure 4 - EHR-EHR delivery using different HISPs While the above uses cases cover end-to-end delivery of a direct message through various different methodologies, there have been some lingering questions as to the specific message format of the XDM to XDR handoff when the data is converted from XDR into SMTP with XDM payload and back. The Direct Project Wiki http://wiki.directproject.org/xdr+and+xdm+for+direct+messaging+working+version Section 5.2 ( Packaging Conversion from XDM to XDR ) provides detailed guidelines as to how the conversion should take place. Typically, the contents of an XDM message are sent as a zip file, and the EHR will accept the message, extract the ZIP file and the XML, and deliver the message as shown in Figure 1. The IHE specification does not specify how the zip files are attached. The specified guideline is: if there are several zip attachments, each one of them has to be tested for compliance with XDM before being implemented.

From the above referenced document: An XDM zip package contains a root directory, which includes a set of manifest content, and an IHE_XDM directory, which contains a set of subdirectories, each of which contain a packaged context with a metadata file equivalent to that provided in a XDR transaction. A single XDR transaction has to be constructed for each XDM subdirectory that has a metadata file. Additional details for the conversion are referenced at the end of Section 5.2 in the cited document. The table below is adopted from the educational material on the topic of XDR/XDM conversion provided by the ONC. http://www.healthit.gov/sites/default/files/soapdeepdive.pdf summarizes the payload conversions that take place in these scenarios. RFC5322+MIME RFC5322+XDM SOAP+XDR RFC5322+MIME No conversion No conversion Receiver expected to be able to handle MIME packages Transport Conversion Metadata created RFC5322+XDM No conversion Receiver expected to be able to handle XDM packages No conversion Transport Conversion Metadata simply transformed SOAP + XDR Transport Conversion Transport Conversion No conversion Metadata simply transformed Metadata simply transformed Package delivered as XDM Package delivered as XDM The cell highlighted in the table represents the use case of transmission from XDR sender to SMTP recipient as illustrated in the diagram below.

As an EHNAC-accredited HISP, DataMotion participates in the DirectTrust bundle and can enable exchanging of Direct Secure Messages between the users of DataMotion and other HISPs. When the DataMotion client (typically an ACO) has an EHR that utilizes the XDR protocol for communicating with other healthcare entities, DataMotion bridges the gap between XDR protocols to Direct Addresses as illustrated in Table 1. The diagram below illustrates an example of sending an XDR message to a recipient that uses SMTP represented in the crossover of the last row and first column in Table 1 above. The recipient can be a user of DataMotion or of another HISP.

ACO CCDA EHR HISP Metadata ONC S/MIME SOAP TLS XDM XDR Acute Care Organization Continuing Care Document Architecture which allows healthcare entities to efficiently exchange patient information between points of care Electronic Health Record- health related information that conforms to nationally recognized interoperability standards Health Information Service Provider is an email service provider that follows the Direct Project standards for providing users with a secure email address for secure communication. It is defined as data about data. It identifies the creator, time and date, purpose, etc. of the data. The Office of the National Coordinator of Health Information Technology Secure/Multipurpose Internet Mail Extensions is a standard for encryption and signing MIME data. It is widely used in healthcare email communications. Simple Access Object Protocol is a web services protocol used quite a bit in the healthcare industry to exchange information across enterprises. Transport Layer Security Cross-enterprise Document Media Interchange: specification that describes the format of the XML-based payload utilized to transfer documents and metadata using email attachments and physical media. Cross-enterprise Document Reliable Interchange is a standard protocol for the description and encoding of data. It uses a web based point to point push network communication permitting direct interaction between healthcare systems.

Copyright 2008-2014, DataMotion, Inc. ( DataMotion ). ALL RIGHTS RESERVED. Your right to print, copy, reproduce, publish or distribute this document or parts of this document is limited by copyright law. DataMotion is a registered trademark of DataMotion, Inc. All other brand and product names are trademarks or registered trademarks of their respective companies. The information contained in this document is subject to change without notice. THIS DOCUMENT IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND. IN NO EVENT SHALL DATAMOTION BE LIABLE FOR INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY KIND ARISING FROM ANY ERROR IN THIS DOCUMENT, INCLUDING WITHOUT LIMITATION ANY LOSS OR INTERRUPTION OF BUSINESS, PROFITS, USE, OR DATA. Use Cases for XDR, (Cross-enterprise Document Reliable Interchange) Publication Date: November 24. 2014 Printed in the United States of America. DataMotion, Inc. Confidential and Proprietary Information. Published By: DataMotion, Inc. 200 Park Avenue Florham Park, NJ 07932 USA 1 800-672-7233 or +1 973-455-1245 http://www.datamotion.com/

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information