Tuesday, November 24, 2015

#Health Articles saved on Delicious by @ekivemark

It’s Tuesday, November 24, 2015 at 09:00AM
and time to bring you some Delicious #Health posts

via WordPress http://2.healthca.mp/1OpXADm

Monday, November 23, 2015

OAuth Trust Whitelist API Specification

I recently published a post on the HHS IDEA Lab blog as part of my role as Entrepreneur-In-Residence. That post referred to a WhiteList API I have proposed. That linked to a document on Google Drive. Some people have issues reaching Google Docs/Drive so I am posting the specification here too.

OAuth Trust Whitelist API

Document Information

Author: Mark Scrimshire (mark@ekivemark.com)

Google Drive Link for comments: http://2.healthca.mp/1PK5pXy

Version: 1.0


The Centers for Medicare and Medicaid Services is building a next generation BlueButton service. This will be a REST API that will present HL7 FHIR structured data resources.

The service will enable Medicare beneficiaries to connect their data to the applications, services and research programs they trust.

CMS needs to be able to perform some basic validation of the third party application before issuing an application key.

The purpose of this specification is to create a whitelist API that reaches out to direct messaging trust bundle providers to confirm that an entity is a valid member of a legitimate trust bundle.

The whitelist API will validate the data provided and return either a 404 Not found or a 200 Ok with a datetime entry that identify when the certificate for the entity expires.


The whitelist API is intended for organizations, such as CMS, that want to validate requests for third party application access against existing healthcare industry validation services such as DirectTrust or NATE (National Association for Trusted Exchange).

The API will use OAuth2 to control authorization and the API will be offered over a secure HTTPS/SSL connection.

API Payload

The call to the Whitelist API endpoint will be a PUT request with a JSON payload as follows:


“requested_by”: requester_email,

“bundle”: bundle_id,

“domain”: domain,

“owner”: owner_email,

“shared_secret”: shared_secret,


requested_by: this is the email address of the person making the application for, the originating site. This is typically a developers really administrator in the third party application development organization.

bundle_id: this is an id to allow the whitelist API to recognize which trust bundle the entity is registered in. This allows a trust organization to accommodate multiple trust bundles.

domain: the is the domain that is registered in the trust bundle for the entity.

owner: this is the email of the organization representative that controls the entity account within the trust bundle. This is typically the email address of the person who applied for their organization to join the given trust bundle.

shared_secret: this is a key that is maintained for the entity outside of the trust bundle certificate. It is a key that is known only to the administrative owner of an entity in the trust bundle.

API Actions

The Whitelist API will assess the content of the JSON payload.

If the submitter provides incorrect information the API will return a 404 “Not found” http response.

If all of the fields are supplied correctly the API will identify the trust certificate for the entity and return the expiry date in a JSON response as follows:


“expires”: “YYYYMMDD.HHMM”



via WordPress http://2.healthca.mp/1NLp7fR

Thursday, November 19, 2015

Developing trust for Health APIs inc. #bluebutton and #bbonFHIR

As part of my work as Entrepreneur-In-Residence at CMS, I am working on the next generation of BlueButton as a data API. Within CMS we refer to this as BluebuttonOnFHIR. As part of this work I have been thinking about how to establish trust for the third party applications that want to connect to the API.

In order to establish a solution for this baseline of trust I have put forward the idea of whitelist APIs. These could be hosted by current trust bundle administrators such as NATE and DirectTrust.

You can find out more about this whitelist API via a post I have published today on the HHS IDEALab Blog. Check it out here:

via WordPress http://2.healthca.mp/1OhrdXt

Tuesday, November 17, 2015

#Health Articles saved on Delicious by @ekivemark

It’s Tuesday, November 17, 2015 at 09:00AM
and time to bring you some Delicious #Health posts

via WordPress http://2.healthca.mp/1NB9I1r

Tuesday, November 10, 2015

#Health Articles saved on Delicious by @ekivemark

It’s Tuesday, November 10, 2015 at 09:00AM
and time to bring you some Delicious #Health posts

via WordPress http://2.healthca.mp/1NHp6Oh

Monday, November 09, 2015

#Connect2Health ONC interoperability Roadmap

Today I am in National Harbor at the Gaylord Resort and Conference Center.i am here for the mHealth Summit.

I am sitting in on the ONC Interoperability Roadmap session. It was interesting to hear Steve Posnack resist the use of the term “portal” and embrace the “Customer Facing Application.”

ONC Health IT Certification is expanding to Health IT Module instead of EHR Modules. EHR is just one type of technology in health care.

EHR is moving to a modular basis. There is no “complete EHR” certification.

ONC Health IT Certification can support:
– EHR Incentive programs
– Long-term care and post-acute care
– Chronic Care Management
– Behavioral Health
– Public policy programs.

CMS Chronic Care Management program points to ONC Health IT Certification Program.


  • Health IT developers to conspicuously disclose in plain language on their web site, marketing materials, communication statements and other assertions .

ONC Surveillance of Certified Health IT.

  • Monitoring of Complaints
  • Randomized Surveillance (2% of annually certified health IT at one or more locations.)

Patient Matching:
– Safety Provision for transitions of care / referral summaries.
– Record and exchange unique Device identifiers.

Health Disparities:

  • more granular recording and exchange (race, ethnicity, gender, sexual orientation)

DSP – Data Segmentation for Privacy: standard for exchanging sensitive health information.

2015 Base EHR Definition: reg: 170.315(a)(5-9, 11,14) + more….

  • Focuses at a minimum of the functionalities that all users of certified Health IT possess

Common Clinical Data Set / Common MU Data Set.

Unique Device Ids for implantable devices
Health concerns

The 2015 Edition of ONC Certification seems to allow more modularization. Organizations can tune their systems to meet the needs of their providers and patients.

Question: MACRA – Develop metrics for interoperability: required by July 1, 2016.

Medical Device interoperability: Not much included in current road map. A target for the next edition of the road map.

Flexibility to allow customization of CCDA. eg. including notes.
Unstructured notes are something important for providers. it is being reviewed in the advisory committee process.

Transitions of Care Documents:

Why is structured data leading to documents rendering to hundreds of pages.

[tag health cloud, bluebutton]

Mark Scrimshire
IT and Health Data Ninja

Mark is available for challenging assignments at the intersection of Health and Technology using Big Data, Mobile and Cloud Technologies. If you need help to move, or create, your health applications in the cloud let’s talk.
Blog: http://2.healthca.mp/1b61Q7M
email: mark@ekivemark.com
Stay up-to-date: Twitter @ekivemark

I am currently HHS Entrepreneur-in-Residence working at CMS on an assignment to update BlueButton for Medicare Beneficiaries. This involves creating a Data API. Watch out for more about BlueButton on FHIR.

The views expressed on this blog are my own.

I am also a Patient Engagement Advisor, CTO and Co-Founder to Medyear.com. Medyear is a powerful free tool that helps you collect, organize and securely share health information, however you want. Manage your own health records today.

Medyear: Less Hassle, Better Care.

via WordPress http://2.healthca.mp/1lgyvBo

Tuesday, November 03, 2015

#Health Articles saved on Delicious by @ekivemark

It’s Tuesday, November 03, 2015 at 09:01AM
and time to bring you some Delicious #Health posts

via WordPress http://2.healthca.mp/1Q3u2OX

Thursday, October 29, 2015

We are the center of Healthcare’s future

This blog post is part of the ‘Think Further’ series sponsored by Fred Alger Management. For more “Think Further” content, please visit http://2.healthca.mp/1HdSfKn.

There is a perfect storm brewing, one that will drastically reshape Healthcare. The change will come more slowly than many hope but far faster than anyone imagined. For too long healthcare has treated the patient as an object rather than a person. Treatments have been focused on symptoms and not causes.

In the US, healthcare accounts for around 18% of the economy. Costs continue to escalate at a rate than outstrips the growth in earnings of consumers. Yet the health outcomes from all this spending put us in the middle of the pack of nations. Healthcare is a tax on the competitiveness of the US economy and companies can’t escape this tax by continuing to pass a greater portion of healthcare costs on to their employees. Healthcare needs a reset and that reset is coming. We are entering the era of consumer-driven retail healthcare.

A Tipping Point is coming

Consumers (aka Patients) have been the outsider in the Healthcare system. Healthcare companies have traded information about patients and not with patients. But a tipping point is coming.

The past seven years have seen a confluence of change and the pace is accelerating.

The Economy

The recession in 2008/9 and it’s lingering after effects together with escalating healthcare costs drove employers to revamp employee health benefits. The net impact was a larger portion of health costs shifted on to the shoulders of individuals and families. This shift continues today. It can be argued that the recession has done more than anything to drive change in healthcare.

Legislation and Regulations

The Federal Government has driven massive change through the Recovery Act and the Affordable Care Act. This, coupled with Presidential Executive Orders to make increasing amounts of government data available in machine-readable form, has created massive entrepreneurial opportunities to put previously dormant data to new uses in healthcare.

We are now entering a new phase where policy and regulation is driving change based upon quality outcomes and “alternative payment models.”


Quantified Self: the ability to measure almost every aspect of ourselves and the emergence of this in the consumer mainstream, as wearables, drastically changes the balance of power in Healthcare. Now consumers are generating information about their lives at a volume that dwarfs the volume of information that any individual physician or healthcare organization holds about them.

Consumers trusting their data to the cloud and the evolution of “Big Data” is revealing new insights as a result of data analysis that previously was impossible, or uneconomic, to carry out.

We are already seeing this trend in pharma where there appears to be a shift from finding the miracle drug to composing drug cocktails that are tuned to an individual patient’s genetic profile.

Consumers in the driving seat

These tectonic shifts are circling healthcare and driving unstoppable change. Physician incentives are aligning around quality and effectiveness. This is driving a shift in focus from episodic care to preventative care.

As physicians are increasingly rewarded based on outcomes they are becoming more open to new ways of caring for their patients. Wellness and prevention programs are becoming more important and new care delivery models, such as telehealth will become increasingly common.

As consumer bear a larger portion of health costs and have greater visibility in to the total cost of their care they are becoming more amenable to the use of retail clinics and other retail health solutions.

One area of uncertainty is around the emerging health insurance marketplaces. Outside the largest self-insured employers there is a scenario that sees employers choosing to pay penalties and provide their employees with money to make their own choice for healthcare in the marketplace. This could see consumers have more control over their health insurer. This in turn could see the average duration of a contract increase. A growing group of consumers would have the power to choose the insurance plan that works for them. This could drive a flight to quality and service. This in turn could increase the pressure on insurers to focus on wellness and prevention.

What does the future hold?

We are just starting to see glimpses of the future of healthcare. Over the next five to ten years we can expect these trends play out with greater impact.

The release of open health data has stimulated a vibrant entrepreneurial economy in healthcare. As consumers move to the center of healthcare they will look for applications and services they can trust to help them throughout their health journey. These applications and platforms will help them consolidate their information from many different sources. Helping them reconcile and correlate multiple and disparate data sources. These platforms will not just consume data. They will also enable consumers to share data with whomever they trust. We are already starting to see this happen. The industry is moving towards a developer friendly platform known as FHIR – Fast Health Interoperability Resource framework. All parts of healthcare are actively embracing FHIR to solve interoperability challenges. It is not just the traditional Electronic Medical Record Vendors that are evaluating FHIR. We are seeing all sectors of the industry and other innovators embracing FHIR.

FHIR is potentially the most important development to cut across all areas of healthcare. With consumers able to aggregate their data from consumer devices and merge it with healthcare data, the tipping point is upon us. The healthcare system will be forced to embrace and accept the consumer as a partner. This is the most significant change that is primed to disrupt healthcare.

HIPAA – the Achilles heel of Healthcare

HIPAA: The Health Insurance Portability and Accountability Act of 1996 has long been used by the industry to prevent the sharing of information. Even with the patient themselves. The Office of Civil Rights at the US Department of Health and Human Services has made it clear that the patient has a right to their own data, in electronic format. This is the industry’s Achilles heel. The Patient is the ONLY person across the healthcare system that has the right to their health information. As Interoperability becomes more real, the patient will truly move to the center and be able to choose their trusted partners in their health journey, choosing who they trust with their data compiled from inside and outside the traditional healthcare system.

Patient empowerment is truly the blockbuster application in health care that will shape the industry for the foreseeable future.


Mark Scrimshire

IT and Health Data Ninja

Mark is currently HHS Entrepreneur-in-Residence assigned to CMS to update BlueButton for Medicare Beneficiaries by creating a Data API using HL7 FHIR.  Mark is also CTO and Co-Founder at Medyear.com a powerful free tool that helps you collect, organize and securely share your health information.  Manage your own health records today.  Medyear: Less Hassle, Better Care.

Blog: http://2.healthca.mp/1b61Q7M
Stay up-to-date: Twitter @ekivemark

The views expressed in this post are my own.

via WordPress http://2.healthca.mp/1PSFYDd

Tuesday, October 27, 2015

#Health Articles saved on Delicious by @ekivemark

It’s Tuesday, October 27, 2015 at 09:02AM
and time to bring you some Delicious #Health posts

via WordPress http://2.healthca.mp/1Ny2oWI

@StevensonU #Adulting101: Your Passion. Your Brand: Creating Opportunity in Social Media

On Monday evening I gave a talk to a group of Stevenson University students. This was part of the Student Activities “Adulting101” series that prepares students for life after college. Students are frequently taught what not to put on Social Media but rarely taught how to tap social media to fuel their passions and create opportunities as they architect their career.

I was asked to present a talk on how Social Media can be used to create your own personal brand. One that reflects your passions and creates career opportunities.

Prospective employers frequently use Google to learn about the candidates they are considering making job offers to. It is no longer sufficient to lock down your Facebook accounts. Instead you need to be thinking about how those Google searches reflect your passions and the career opportunities you are seeking.

The presentation is available on Slideshare here: http://2.healthca.mp/1jN1rR4



via WordPress http://2.healthca.mp/1N3R46r