I was just checking out the draft test procedure (PDF) for access of image results under Meaningful Use stage 2, §170.314 (a)(12).
This is the test that vendors seeking certification of their EHR products must complete and provide evidence of passing.
Often, EHR vendors get imaging wrong, but I think the authors of the test procedure got it mostly right. At least in terms of the requirements.
Essentially, the EHR must allow an authenticated and authorized user to be able to discover that exam images for a patient are available, and access the images (and associated “narrative”) in the EHR, or integrated systems, without requiring the user to re-authenticate, or search for the patient or exam.
Said another way, the system must have some form of Single Sign On (SSO) with the imaging system (or subsystem, if part of the EHR), and share the existing patient and exam context from the EHR to the imaging system.
A couple of comments…
- I have seen SSO done well and poorly (read as: insecurely) between EHRs and imaging systems. When done poorly, it is often due to technical limitations in the EHR and/or imaging systems. Or, it is simply because the integration and/or IT staff lack the knowledge or effort to do it right (read as: securely). I have found that HIE and portal vendors and enterprise viewers are generally better equipped to properly handle SSO than EHR and PACS products (probably because they are generally based on newer technology and are often deployed in multi-facility environments that demand interoperability).
- Integration from the EHR to a patient folder or specific exam has been around since PACS was first launched from an EHR well over a decade ago. What often gets lost is that users often want to compare exams side-by-side (e.g. pre-op and post-op). So, the imaging system may need to expand the context beyond a specific exam to allow this. As long as EHRs keep behaving like filing cabinets, the imaging viewer vendors will have to solve this.
- The typical method of having an EHR be aware that an exam’s images are available for viewing is to push a modified HL7 ORU message, containing info about the exam, from the image manager to the EHR. The EHR then normally parses the info and uses it, along with a URL (or similar) string template, to create a context-sensitive link that can launch the viewer and present the desired exam. Some EHRs can provide multiple exam identifiers, when the imaging viewer supports it, to show more than one exam in a single view. A more modern method for an EHR to discover the availability of an exam’s images is to use a REST-based query, much like the one defined in DICOM’s QIDO-RS (Query based on ID for DICOM Objects by RESTful Services) standard (in development).
- An additional note on the URL to launch the viewer in context mentioned above: check out IHE’s work on the new integration profile Invoke Image Display (IID).
Some other test procedures that could be related to imaging…
- Here (PDF) is the test procedure on authentication, access control, and authorization. And here is one on automatic log-off. I would have liked to see some requirements for SSO, like Kerberos or OAuth.
- This test procedure on integrity requires a hash to be calculated and validated. This may (should) also be required for image exchange.
- For the requirement for emergency access, if the imaging system does not allow the EHR to securely manage this (this can be done, by the way), the imaging system may have to also provide an emergency access override function (which means that the unique identity of the user had better have been passed securely to the imaging system, or it will have no idea to whom it is granting access).
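The ORU-to-link step and the point about passing the user's identity securely can be combined in one launch link. The sketch below is an added example, not code from any EHR, PACS or IHE profile: it assumes the patient ID is in PID-3 and the exam identifier in OBR-3, and the endpoint, parameter names and shared-key HMAC scheme are hypothetical choices for illustration.

```python
import hashlib
import hmac
import time
from urllib.parse import parse_qsl, urlencode, urlsplit

# Constructed sample ORU^R01; the field positions used below are assumptions.
SAMPLE_ORU = "\r".join([
    "MSH|^~\\&|IMGMGR|RAD|EHR|HOSP|202401011200||ORU^R01|MSG0001|P|2.3",
    "PID|1||MRN12345^^^HOSP||DOE^JANE",
    "OBR|1|ORD789|ACC-456/A|71020^CHEST XRAY",
])
VIEWER_BASE = "https://viewer.example.org/launch"  # hypothetical endpoint
SHARED_KEY = b"constructed-demo-key"  # in practice, loaded from a secret store

def parse_oru(message):
    """Return patient ID (PID-3) and exam identifier (OBR-3, assumed accession)."""
    segs = {}
    for line in message.replace("\n", "\r").split("\r"):
        if line.strip():
            fields = line.split("|")
            segs.setdefault(fields[0], fields)
    return {"patient_id": segs["PID"][3].split("^")[0],
            "accession": segs["OBR"][3].split("^")[0]}

def _sign(query):
    return hmac.new(SHARED_KEY, query.encode(), hashlib.sha256).hexdigest()

def build_launch_url(ctx, user, now=None, ttl=60):
    """EHR side: urlencode escapes the values; the HMAC binds user, context and expiry."""
    issued = int(time.time() if now is None else now)
    query = urlencode([("patientID", ctx["patient_id"]),
                       ("accession", ctx["accession"]),
                       ("user", user), ("exp", str(issued + ttl))])
    return f"{VIEWER_BASE}?{query}&sig={_sign(query)}"

def verify_launch_url(url, now=None):
    """Viewer side: return the asserted context, or None if tampered or expired."""
    query, sep, sig = urlsplit(url).query.rpartition("&sig=")
    if not sep:
        return None
    # Constant-time comparison of the recomputed and presented signatures.
    if not hmac.compare_digest(_sign(query).encode(), sig.encode()):
        return None
    ctx = dict(parse_qsl(query))
    if int(ctx["exp"]) < (time.time() if now is None else now):
        return None
    return ctx
```

Because the viewer only trusts a `user` value covered by a valid, unexpired signature, it knows to whom it is granting access without prompting for a second login.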