On January 27, 2015, the Office of the National Coordinator (ONC) Health IT Standards Committee accepted recommendations with minor revisions from the Data Provenance Task Force led by Lisa Gallagher, HIMSS’ VP of Technology Solutions. Over the past month, the task force reviewed the Standards and Interoperability (S&I) Framework Data Provenance Initiative’s (the Initiative’s) published and approved Use Case and executive summary documents to answer specific and targeted questions from ONC.
ONC charged the Task Force with determining the first step in the area of data provenance standardization that would be the most broadly applicable and immediately useful to the industry given the community-developed Data Provenance Use Case. The three supporting questions that the Task Force was charged with answering are included below followed by their recommendations.
1) Do the 3 scenarios in the Use Case, and the Use Case’s identified scope, address key data provenance areas, or is something missing?
The Task Force advised that the current use case may be “overscoped,” and recommended that the Initiative focus should begin from the perspective of an electronic health record (EHR), including provenance for information created in the EHR (“source provenance”) and when it is exchanged between two parties. The Task Force stressed that “The notion of “who viewed/used/conveyed the data without modification along the way” is not important for provenance, as long as the information was not changed.”
Clear differentiation between communication/information interchange requirements and system requirements was also recommended with an emphasis that converting between different transport protocols should be lossless, i.e., retain integrity, in terms of provenance of the payload/content. It is also important that systems remain agnostic of transport technologies. Additionally, the definition of “change” to data and the implications for provenance should be considered, along with the implications of security aspects such as traceability and audits and their impact on the trust decision. The Task Force also advised the Initiative to capture policy considerations and request further guidance from the Health IT Policy Committee, if applicable.
Finally, the TF recommended that the Initiative review and consider an FDA project, guidance, and regulations related to provenance for clinical research data, as it provides a definition for “source data,” and a core set of provenance requirements that may provide a useful model.
2) The Use Case is broad and spans a lot of challenges. Where in the Use Case should the Initiative start in terms of evaluating standards to meet Use Case requirements?
The Task Force introduced a recurring theme across the set of recommendations– the Initiative should clearly differentiate a core/basic set of provenance requirements for the use case that, ideally, would apply to other use cases as well. The TF stressed that, while recommending that the Initiative start with a use case related to exchange of data between EHRs, the work on core requirements would also apply to other use cases, such as the content received from a source system where the source system is patient-controlled.
The Task Force noted that the Initiative should continue its work to determine if “Origination of the Patient Care Event Record Entry” is in scope, for example, if data was manually entered into the EHR or came from a device. The FDA eSource Exchange guidance document may provide some guidance in this area. Also recommended was review of the CDISC Operational Data Model (ODM), and consideration of related requirements that may have implications for the core set of provenance requirements (i.e. regulatory, program specific), such as medical record retention, data receipts, and esMD (digital signature).
3) Are there any architecture or technology specific issues for the community to consider?
With regard to the question of refining provenance capabilities for CDA/C-CDA while supporting FHIR, the Task Force recommended consideration of related work with existing HL7 projects (CDA/C-CDA provenance, FHIR Provence Project, Privacy on FHIR), Source Data Capture (SDC) work and the 21CFR 11 regulation, which establishes FDA regulations on electronic records and electronic signatures, among other security standards. The Task Force emphasized that the provenance of content should be lossless for information exchange.
The Task Force recommendations were accepted by the Committee with friendly amendments to include the development of a clear definition of “lossless” and clarifying language on integrity. Final recommendations will be drafted by the Committee once the amendments have been made and submitted to ONC via a transmittal letter by mid-February.