Federated Directory Service (FDS)
IHE IT Profile Proposal
Sören Bittins (eCR, Fraunhofer ISST)
November 18th, 2008


IT Infrastructure Technical Committee

Editors

• Olaf Rode, Ben Kraufmann (Fraunhofer ISST)
• Gottfried Heider (eHealth Consultants)

Current Situation

• Distributed private hospital chains, state-owned hospitals and doctors
• HCP are not usually interconnected among each other = “offline”
• Communication by mostly traditional means:
  – Telephone, Fax, Letter, Patient
• Localisation also by traditional means:
  – Yellow Pages, Directory Assistance
• Only intra-enterprise digital communication:
  – Not secured by state-of-the-art methodologies
  – Usually not applicable for external communication
  – Triple-effort: localise, authenticate, and communicate (with) external partners

Basic Requirements

• Digital communication requires:
  – localisation
  – identification
  – addressing
  – authentication
• These issues demand adequate directory services that can be used across affinity domains

Objectives of FDS

• Federated, distributed and interconnected directory services greatly improve this process:
  – Re-use of already existing but strongly isolated directories (e. g. PWP)
  – More secure and in full compliance with data-protection and -safety regulations
  – Enable cooperative and potentially cross-border / cross-organisational health-care applications
  – Lay the foundation for a secure and reliable exchange of digital documents
  – More efficient and much faster
  – Fully traceable and comprehensible

FDS Inter-connection

[Figure: three interconnected affinity domains, each with a Federated Directory Service in front of its local directories. Directory labels shown: PWP, Organizations Directory, Services Directory, Devices Directory, ...]

Federated Directory Service

• FDS enables the linkage of originally intra-enterprise/-domain directory services
• FDS manages and coordinates the data exchange of all participants
• FDS enables multiple deployment options, such as hierarchical organisational structures or lateral peer-to-peer networks
• FDS profiles the communication and requests for utmost compatibility and harmonisation between all participants
• FDS aims at providing a foundation for further integration profiles that foster and ensure interoperability in healthcare

Actors and Transactions

[Figure: actors Directory Consumer, Directory Gateway, Directory Provider and DNS Server; transactions searchDirectory, searchDirectory, forwardSearchRequest and findDirectory [ITI-23]]

Proposed Standards & Systems

• The proposed profile should use existing directory standards (i. e. LDAP as profiled by DICOM Suppl. 67)
• The use of DSML is proposed
• Federation and trust establishment/brokerage should be based on the respective WS* stack (e. g. using the recommendations of the HL7 v3 transport specification)
• Entity Identification Service (Service Functional Model Specification, OMG Technical Spec.)

IHE Profile Grouping

• XUA: for the authentication against FDS directory gateways
• XPP: for authorisation of directory access operations
• ATNA: for mutual node authentication
• PWP: for potential instantiation of the FDS directory provider actor

Real-World Necessity

• Real-world experience while rolling out health care networks in Germany:
  – Missing or non-standardized directories are the #1 sore spot for every co-operative healthcare scenario in a federated environment
  – Inadequate identification means may cost efficiency
  – Inadequate localisation/addressing means cost valuable time
  – Inadequate authentication means may cost compliance
• FDS is a building-block of high significance:
  – Physicians who refer a patient to a hospital need:
    • the correct address of the hospital (e. g. eMail)
    • its current digital certificate (e. g. for encrypting the referral letter)
    • the intra-enterprise OID of the responsible department (e. g. for granting access authorization for a health record)
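
The proposal names DSML as the request format and lists three items a referring physician needs from the directory. As an added illustration (not code from the proposal or from IHE), this Python example builds a DSMLv2 search for those items and parses the reply, refusing unsuccessful, ambiguous or incomplete results. The attribute names (`departmentOID` is hypothetical), the `o` filter and the sample response are assumptions.

```python
import base64
import xml.etree.ElementTree as ET
DSML = "urn:oasis:names:tc:DSML:2:0:core"  # DSMLv2 core namespace
NS = {"d": DSML}
# Assumed attribute names; "departmentOID" is hypothetical, not from the proposal.
WANTED = ("mail", "userCertificate;binary", "departmentOID")

def _q(tag):
    return f"{{{DSML}}}{tag}"

def build_search(base_dn, org_name):
    """Build a DSMLv2 batchRequest that asks only for the WANTED attributes."""
    ET.register_namespace("", DSML)
    batch = ET.Element(_q("batchRequest"))
    req = ET.SubElement(batch, _q("searchRequest"), dn=base_dn,
                        scope="wholeSubtree", derefAliases="neverDerefAliases")
    match = ET.SubElement(ET.SubElement(req, _q("filter")), _q("equalityMatch"), name="o")
    ET.SubElement(match, _q("value")).text = org_name
    attrs = ET.SubElement(req, _q("attributes"))
    for name in WANTED:
        ET.SubElement(attrs, _q("attribute"), name=name)
    return ET.tostring(batch, encoding="unicode")

def parse_entry(response_xml):
    """Return the single matching entry as a dict; raise ValueError otherwise."""
    root = ET.fromstring(response_xml)  # use a hardened parser for untrusted peers
    code = root.find(".//d:searchResultDone/d:resultCode", NS)
    if code is None or code.get("code") != "0":
        raise ValueError("search did not complete successfully")
    entries = root.findall(".//d:searchResultEntry", NS)
    if len(entries) != 1:  # ambiguous or empty result: do not guess a recipient
        raise ValueError(f"expected exactly one entry, got {len(entries)}")
    entry = {a.get("name"): a.findtext("d:value", namespaces=NS)
             for a in entries[0].findall("d:attr", NS)}
    missing = [n for n in WANTED if not entry.get(n)]
    if missing:
        raise ValueError(f"entry lacks {missing}")
    cert = base64.b64decode(entry["userCertificate;binary"], validate=True)
    entry["userCertificate;binary"] = cert  # DER bytes, still to be path-validated
    return entry

# Constructed sample response, not real directory data.
CERT_B64 = base64.b64encode(b"constructed DER placeholder").decode()
SAMPLE = f"""<batchResponse xmlns="{DSML}"><searchResponse>
<searchResultEntry dn="o=Example Hospital,dc=example,dc=org">
<attr name="mail"><value>referrals@hospital.example.org</value></attr>
<attr name="userCertificate;binary"><value>{CERT_B64}</value></attr>
<attr name="departmentOID"><value>1.2.3.4.5</value></attr>
</searchResultEntry><searchResultDone><resultCode code="0"/></searchResultDone>
</searchResponse></batchResponse>"""
```

Decoding the certificate only yields its bytes; validity period, revocation status and chain still have to be checked before the referral letter is encrypted to it.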

Further Synergy Potential

• Cross-National solutions for co-operative health care:
  – Border-line winter sports regions: Germany and Austria
  – Cooperative health care in Benelux-States: France, Belgium, Luxembourg
• Pan-European Scope – epSOS ePrescription:
  – A patient needs medicine that is already prescribed in the home country when in another country. In this case the pharmacist should be able to electronically access the prescription from the same eHealth interface used for prescriptions ordered in the local country. When medicine is dispatched, the system should notify the home country node of the foreign patient about the dispensed drugs.
  – A medical professional decides to prescribe medicine to a visiting patient from another country. To assist the medical professional to make the best decision on the pharmaceutical strategy to be used, the patient's medical and pharmaceutical history from her home country will be available through the patient summary. When the electronic prescription is finalized, a copy of the prescription will also be sent to the patient's national node for inclusion in the national medication summary.