tag:blogger.com,1999:blog-7330743589015826802024-03-14T02:15:26.912-04:00Healthcare StandardsCommentary and Education on Current and Emerging Healthcare StandardsKeith W. Boonehttp://www.blogger.com/profile/16883038460949909300noreply@blogger.comBlogger1933110tag:blogger.com,1999:blog-733074358901582680.post-90626234752813843902023-07-27T12:01:00.002-04:002023-07-27T12:01:58.055-04:00TLS 1.2, Server Name Indication (SNI) and SOAP via CXF<p>It seems that I am destined to become a deep expert in the vagaries of TLS these days. My most recent challenge was in figuring out why <a href="https://datatracker.ietf.org/doc/html/rfc6066">Server Name Indication</a> (SNI) extensions weren't simply working in my BC-FIPS implementation that I talked about in the <a href="https://motorcycleguy.blogspot.com/search/label/BCFIPS">last few posts</a>.</p><h2 style="text-align: left;">Background on SNI</h2><p>For a brief moment, let's talk a little about <a href="https://datatracker.ietf.org/doc/html/rfc3546#page-8" target="_blank">SNI</a>. TLS is a lower layer session protocol on top of TCP that encrypts communication. HTTP and HTTPS are higher layer (Application) protocols on top of TLS. When you connect to an IP address over TCP, then initiate a TLS connection, the application layer hasn't yet seen the HTTP request, let alone the Host header. SNI serves, in TLS, the same function as the HTTP <a href="https://datatracker.ietf.org/doc/html/rfc7230#section-5.4" target="_blank">Host header</a>. Effectively, this works in the same way that the HTTP Host header does.</p><p>In HTTP, the Host header allows one server to service multiple web sites or DNS endpoints, but unless SNI is used each endpoint must be served with the same certificate, either using a wildcare or multiple alternate names. SNI allows one host to service multiple sites with different certificates for each site.</p><h2 style="text-align: left;">Integrating SNI with Apache CXF and BCFIPS</h2><div>Reading through BCFIPS documentation, you'd think at first that all you need to do is enable SNI extensions by setting <b><a href="https://downloads.bouncycastle.org/fips-java/BC-FJA-(D)TLSUserGuide-1.0.9.pdf#page=21" target="_blank">jsse.enableSNIExtension=true</a></b>. Sadly, that's not quite enough, as section <a href="https://downloads.bouncycastle.org/fips-java/BC-FJA-(D)TLSUserGuide-1.0.13.pdf#page=13" target="_blank">3.5.1 Server Name Identification</a> states.</div><div><br /></div><div></div><blockquote><div>"... Unfortunately, when using HttpsURLConnection SunJSSE uses some magic
(reflection and/or internal API) to tell the socket about the "original hostname" used for the
connection, and we cannot use that same magic as it is internal to the JVM. </div><div><br /></div><div>To allow the endpoint validation to work properly you need to make use of one of three
workarounds:"</div><div></div></blockquote><div>And then goes on further to suggest the recommended workaround as follows:</div><div><br /></div><div></div><blockquote><div>3. The third (and recommended) alternative is to set a customized SSLSocketFactory on the
HttpsURLConnection, then intercept the socket creation call and manually set the SNI
host_name on the created socket. We provide a utility class to make this simple, as shown
in the example code below. </div></blockquote><blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><span style="font-family: courier; font-size: x-small;">// main code block </span></div><div><span style="font-family: courier; font-size: x-small;">{ SSLContext sslContext = ...;</span></div><div><span style="font-family: courier; font-size: x-small;"> URL serverURL = ...;</span></div><div><span style="font-family: courier; font-size: x-small;"> URLConnectionUtil util = new URLConnectionUtil();</span></div><div><span style="font-family: courier; font-size: x-small;"> HttpsURLConnection conn = </span> </div></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><span style="font-family: courier; font-size: x-small;"> (HttpsURLConnection)util.openConnection(serverURL);</span></div><div><span style="font-family: courier; font-size: x-small;">}</span></div></blockquote></blockquote>That's pretty simple. What <span style="font-family: courier; font-size: small;">URLConnectionUtil.openConnection</span> does is wrap the socket factory provided by conn (see <a href="https://docs.oracle.com/en/java/javase/11/docs/api/java.base/javax/net/ssl/HttpsURLConnection.html#setSSLSocketFactory(javax.net.ssl.SSLSocketFactory)">HttpsURLConnection.setSSLSocketFactory</a>) with one that calls a method to set the server name extension in createSocket after calling the original createSocket method found in the connection.<p></p><div>So, looking at CXF, it's the HttpURLConnectionFactory class that calls url.openConnection. We could simply override that class and replace with a call to util.openConnection, according the code in that class. Here's the original.</div><div><br /></div><div><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px; padding: 0px 0px 0px 2px;">
<div style="background-color: white; font-family: Consolas; font-size: 8pt; white-space: nowrap;">
<p><span style="color: black;"></span><span style="color: #7f0055; font-weight: bold;"> public</span><span style="color: black;"> HttpURLConnection createConnection(TLSClientParameters </span><span style="color: #6a3e3e;">tlsClientParameters</span>,<br /><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: black; font-size: 8pt;">Proxy </span><span style="color: #6a3e3e; font-size: 8pt;">proxy</span><span style="color: black; font-size: 8pt;">, URL </span><span style="color: #6a3e3e; font-size: 8pt;">url</span><span style="color: black; font-size: 8pt;">) </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">throws</span><span style="font-size: 8pt;"> IOException {<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">HttpURLConnection </span><span style="color: #6a3e3e; font-size: 8pt;">connection</span><span style="font-size: 8pt;"> =<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">(HttpURLConnection) (</span><span style="color: #6a3e3e; font-size: 8pt;">proxy</span><span style="font-size: 8pt;"> != </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">null </span><span style="font-size: 8pt;">? </span><span style="color: #6a3e3e; font-size: 8pt;">url</span><span style="font-size: 8pt;">.openConnection(</span><span style="color: #6a3e3e; font-size: 8pt;">proxy</span><span style="font-size: 8pt;">) </span><span style="font-size: 8pt;">: </span><span style="color: #6a3e3e; font-size: 8pt;">url</span><span style="font-size: 8pt;">.openConnection());<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">if</span><span style="font-size: 8pt;"> (</span><span style="color: #0000c0; font-size: 8pt; font-style: italic; font-weight: bold;">HTTPS_URL_PROTOCOL_ID</span><span style="font-size: 8pt;">.equals(</span><span style="color: #6a3e3e; font-size: 8pt;">url</span><span style="font-size: 8pt;">.getProtocol())) {<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">if</span><span style="font-size: 8pt;"> (</span><span style="color: #6a3e3e; font-size: 8pt;">tlsClientParameters</span><span style="font-size: 8pt;"> == </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">null</span><span style="font-size: 8pt;">) {<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #6a3e3e; font-size: 8pt;">tlsClientParameters</span><span style="font-size: 8pt;"> = </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">new</span><span style="font-size: 8pt;"> TLSClientParameters();<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">}<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">try</span><span style="font-size: 8pt;"> {<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">decorateWithTLS(</span><span style="color: #6a3e3e; font-size: 8pt;">tlsClientParameters</span><span style="font-size: 8pt;">, </span><span style="color: #6a3e3e; font-size: 8pt;">connection</span><span style="font-size: 8pt;">);<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">} </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">catch</span><span style="font-size: 8pt;"> (Throwable </span><span style="color: #6a3e3e; font-size: 8pt;">ex</span><span style="font-size: 8pt;">) {<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">throw</span><span style="font-size: 8pt;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">new</span><span style="font-size: 8pt;"> IOException(</span><span style="color: #2a00ff; font-size: 8pt;">"Error while initializing secure socket"</span><span style="font-size: 8pt;">, </span><span style="color: #6a3e3e; font-size: 8pt;">ex</span><span style="font-size: 8pt;">);<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">}<br /></span><span style="color: #7f0055; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">}<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">return</span><span style="font-size: 8pt;"> </span><span style="color: #6a3e3e; font-size: 8pt;">connection</span><span style="font-size: 8pt;">;<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">}</span></p></div>
</div><div>And my modest adjustment to the first two lines:</div><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px; padding: 0px 0px 0px 2px;">
<div style="font-family: Consolas; font-size: 8pt; text-wrap: nowrap;">
<p> URLConnectionUtil <span style="color: #6a3e3e;">util</span> = <span style="color: #7f0055; font-weight: bold;">new</span> URLConnectionUtil(<br /><span style="color: #6a3e3e; font-size: 8pt;"> tlsClientParameters</span><span style="font-size: 8pt;"> == </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">null</span><span style="font-size: 8pt;"> ? </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">null</span><span style="font-size: 8pt;"> : </span><span style="color: #6a3e3e; font-size: 8pt;">tlsClientParameters</span><span style="font-size: 8pt;">.getSSLSocketFactory()<br /></span><span style="font-size: 8pt;"> );<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">HttpURLConnection </span><span style="color: #6a3e3e; font-size: 8pt;">connection</span><span style="font-size: 8pt;"> =<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">(HttpURLConnection) (</span><span style="color: #6a3e3e; font-size: 8pt;">proxy</span><span style="font-size: 8pt;"> != </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">null </span><span style="font-size: 8pt;">? </span><span style="color: #6a3e3e; font-size: 8pt;">util</span><span style="font-size: 8pt;">.openConnection(url, </span><span style="color: #6a3e3e; font-size: 8pt;">proxy</span><span style="font-size: 8pt;">) </span><span style="font-size: 8pt;">: </span><span style="color: #6a3e3e;">util</span><span style="font-size: 8pt;">.openConnection(url));</span></p></div></div>But for some reason, that didn't work.</div><div><br /></div><div>Debugging this, what I found was that the decorateWithTLS method also wraps connection's socket factory, but it fails to actually look at the server socket factory that may have already been set on the HttpsUrlConnection that was passed into it.</div><div><br /></div><div>Here's a picture of that method.</div><div><div class="separator" style="clear: both; text-align: center;"><br /></div><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjNd0Y-hnNsDd2MJheQ2z9IsFRHKbglBsyhOT_JTbpPvVcV0VEEqRP9aXM0RGWf5sF8GDZFtPf2vm_whp6HKhu85JZdjzGLdgArHKcsSkCheSOgQVhyUmgrp4W9cxDXno5KdwIkQV_OwZiPRDGf4JpUhH6GL0Hk6-zyvlUn4pVN-BFeJSWRZ_fVyGxFA04" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="516" data-original-width="717" height="461" src="https://blogger.googleusercontent.com/img/a/AVvXsEjNd0Y-hnNsDd2MJheQ2z9IsFRHKbglBsyhOT_JTbpPvVcV0VEEqRP9aXM0RGWf5sF8GDZFtPf2vm_whp6HKhu85JZdjzGLdgArHKcsSkCheSOgQVhyUmgrp4W9cxDXno5KdwIkQV_OwZiPRDGf4JpUhH6GL0Hk6-zyvlUn4pVN-BFeJSWRZ_fVyGxFA04=w640-h461" width="640" /></a></div><div class="separator" style="clear: both; text-align: left;"><br /></div><div class="separator" style="clear: both; text-align: left;">It goes on for almost another 100 lines, doing all sorts of weird gyrations that low level code that needs to work with multiple libraries often to, including reflection and a bunch of other oddities.</div><div class="separator" style="clear: both; text-align: left;"><br /></div><div class="separator" style="clear: both; text-align: left;">What's missing here, is an initial check to see if connection is already an HttpsURLConnection, and if so, if it's already got an SSL Socket Factory set other than the default. In that situation, that's the socket factory (created by URLConnectionUtil) that needs to be wrapped yet again. Looking through everything this method does, I realized:</div><div class="separator" style="clear: both; text-align: left;"><ol style="text-align: left;"><li>I don't care about other than JSSE implementations.</li><li>My socketFactory is always set when I enter this method, and that's the one to use.</li></ol><div>So, I replaced the middle if statement in my overridden function with:</div><div><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px; padding: 0px 0px 0px 2px;">
<div style="font-family: Consolas; font-size: 8pt; text-wrap: nowrap;">
<p> <span style="color: #7f0055; font-weight: bold;"> if</span> (<span style="color: #0000c0; font-style: italic; font-weight: bold;">HTTPS_URL_PROTOCOL_ID</span>.equals(<span style="color: #6a3e3e;">url</span>.getProtocol())) {<br /><span style="font-size: 8pt;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">if</span><span style="font-size: 8pt;"> (</span><span style="color: #6a3e3e; font-size: 8pt;">tlsClientParameters</span><span style="font-size: 8pt;"> == </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">null</span><span style="font-size: 8pt;">) {<br /></span> <span style="color: #6a3e3e; font-size: 8pt;">tlsClientParameters</span><span style="font-size: 8pt;"> = </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">new</span><span style="font-size: 8pt;"> </span><span style="background-color: #d4d4d4; font-size: 8pt;">TLSClientParameters</span><span style="font-size: 8pt;">();<br /></span> <span style="font-size: 8pt;">}<br /></span> <span style="font-size: 8pt;">HostnameVerifier </span><span style="color: #6a3e3e; font-size: 8pt;">verifier</span><span style="font-size: 8pt;"> = SSLUtils.</span><span style="font-size: 8pt; font-style: italic;">getHostnameVerifier</span><span style="font-size: 8pt;">(</span><span style="color: #6a3e3e; font-size: 8pt;">tlsClientParameters</span><span style="font-size: 8pt;">);<br /></span> <span style="color: #6a3e3e; font-size: 8pt;">connection</span><span style="font-size: 8pt;">.setHostnameVerifier(</span><span style="color: #6a3e3e; font-size: 8pt;">verifier</span><span style="font-size: 8pt;">);<br /></span> <span style="font-size: 8pt;">}</span></p></div>
</div></div></div>Which very much simplifies everything, as all the decorateWithTLS does of interest for me is to set the host name verifier.</div><div><br /></div><div>So, that is how I enabled SNI with BCFIPS in an older version of Apache CXF. There's other code you will need as well, because you'll have to get that subclass that creates the connection into the factory used by the Conduit. That's outlined below.<br /><br /></div><div><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px; padding: 0px 0px 0px 2px;">
<div style="background-color: white; font-family: Consolas; font-size: 8pt; white-space: nowrap;">
<p><span style="color: #7f0055; font-weight: bold;">public</span><span style="color: black;"> </span><span style="color: #7f0055; font-weight: bold;">class</span><span style="color: black;"> HTTPConduit </span><span style="color: #7f0055; font-weight: bold;">extends</span> URLConnectionHTTPConduit {<br /><span style="color: #7f0055; font-size: 8pt; font-weight: bold;"> public</span><span style="color: black; font-size: 8pt;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">static</span><span style="color: black; font-size: 8pt;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">class</span><span style="color: black; font-size: 8pt;"> Factory </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">implements</span><span style="font-size: 8pt;"> HTTPConduitFactory {<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #646464; font-size: 8pt;">@</span><span style="font-size: 8pt;">Override<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">public</span><span style="font-size: 8pt;"> org.apache.cxf.transport.http.HTTPConduit createConduit(HTTPTransportFactory f, Bus b,<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">EndpointInfo localInfo, EndpointReferenceType target) </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">throws</span><span style="font-size: 8pt;"> IOException {<br /></span><span style="font-size: 8pt;"><br /><span style="color: #7f0055;"><b> </b></span></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">HTTPConduit conduit = </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">new</span><span style="font-size: 8pt;"> HTTPConduit(b, localInfo, target);<br /></span><span style="font-size: 8pt;"> </span><span style="font-size: 8pt;"> </span><span style="font-size: 8pt;"> // Perform any other conduit configuration here<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">return</span><span style="font-size: 8pt;"> conduit;<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">}<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">}<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">public</span><span style="font-size: 8pt;"> HTTPConduit(Bus b, EndpointInfo ei, EndpointReferenceType t) </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">throws</span><span style="font-size: 8pt;"> IOException {<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">super</span><span style="font-size: 8pt;">(b, ei, t);<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;"><span style="color: #3f7f5f;">// Override the default connectionFactory.<br /></span></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">connectionFactory = </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">new</span><span style="font-size: 8pt;"> ConnectionFactory();<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">}<br /></span><span style="font-size: 8pt;">}</span></p></div>
</div>Elsewhere in your application, you should include an @Bean declaration to create that bean in one of your configuration classes.</div><div><br /></div><div>@Configuration class MyAppConfig {</div><div> // ...</div><div> @Bean HTTPConduitFactory httpConduitFactory() {</div><div> return new HTTPConduit.Factory();</div><div> }</div><div> ...</div><div>}</div>Keith W. Boonehttp://www.blogger.com/profile/16883038460949909300noreply@blogger.com1tag:blogger.com,1999:blog-733074358901582680.post-15678730843601962582023-07-13T11:24:00.006-04:002023-07-26T11:01:24.765-04:00Debugging TLS Protocol Failures in BC-FIPS and Spring Applications<p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEit-60qO20CeOnTJe4k2dUcE8_0BRO375x54dSzwZqrYRqr-VVl8HeHRbCEmnavqQLOjGYQ2tqZEyORpB_CbXSKVMUM6yXduqRfrLFObqGPrE_1fUn1ip7gsk4bfKD1u65VeKgQOSt-SgVKlxfhX1D4zhxbQlC-v1N1eVeIlkTWcYwDqPADqGcogMWlHAg" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img alt="" data-original-height="1123" data-original-width="1588" height="226" src="https://blogger.googleusercontent.com/img/a/AVvXsEit-60qO20CeOnTJe4k2dUcE8_0BRO375x54dSzwZqrYRqr-VVl8HeHRbCEmnavqQLOjGYQ2tqZEyORpB_CbXSKVMUM6yXduqRfrLFObqGPrE_1fUn1ip7gsk4bfKD1u65VeKgQOSt-SgVKlxfhX1D4zhxbQlC-v1N1eVeIlkTWcYwDqPADqGcogMWlHAg" width="320" /></a></div>Debugging TLS protocol failures can be a nightmare. With JSSE, you can use the old standby java JVM option: <br /><span style="font-family: monospace, monospace;"><span style="background-color: #f8f9fa; font-size: 14px;"> -Djavax.net.debug=ssl,handshake,<br />data,trustmanager,help<br /> <br /></span></span>to get detailed reporting of what is happening. Usually that provides more than enough (in fact too much) information to debug the protocol problem, but when using BCFIPS, guess what, it doesn't work anymore. Why? Well, while these command line arguments make debugging easier, they also transmit decrypted information to the console, which is a huge leak of encrypted information.<p></p><p>So, what's a developer to do?</p><p>BCFIPS uses java.util.logging to provide reports on protocol failures. These reports do NOT include decrypted information, but do include enough information to tell you exactly where the protocol failure happened. But to enable java.util.logging to work with a SpringBoot application using <a href="https://logback.qos.ch/">Logback</a> as its logging agent you have to jump through just a few small hoops.</p><p>First, you need to include <a href="https://www.slf4j.org/legacy.html#jul-to-slf4j" target="_blank">jul-to-slf4j</a> in your dependencies. This is a bridge between java.util.logging and SLF4J implementations.</p><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px;">
<div style="font-family: Consolas; font-size: 8pt; text-wrap: nowrap;">
<p> <<span style="color: #268bd2;">dependency</span>><br /><span style="font-size: 8pt;"> </span><span style="font-size: 8pt;"> </span><span style="font-size: 8pt;"><</span><span style="color: #268bd2; font-size: 8pt;">groupId</span><span style="font-size: 8pt;">>org.slf4j</</span><span style="color: #268bd2; font-size: 8pt;">groupId</span><span style="font-size: 8pt;">><br /></span><span style="font-size: 8pt;"> </span><span style="font-size: 8pt;"> </span><span style="font-size: 8pt;"><</span><span style="color: #268bd2; font-size: 8pt;">artifactId</span><span style="font-size: 8pt;">></span><span style="background-color: #ceccf7; font-size: 8pt;">jul</span><span style="font-size: 8pt;">-to-slf4j</</span><span style="color: #268bd2; font-size: 8pt;">artifactId</span><span style="font-size: 8pt;">><br /></span><span style="font-size: 8pt;"> </span><span style="font-size: 8pt;"> </span><span style="font-size: 8pt;"></</span><span style="color: #268bd2; font-size: 8pt;">dependency</span><span style="font-size: 8pt;">></span></p></div>
</div><p></p><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px;">
<div style="background-color: white;">
<p style="font-family: Consolas; font-size: 8pt; margin-top: 15px; white-space: nowrap;"></p><div style="-webkit-text-stroke-width: 0px; background-color: white; color: black; font-family: "Times New Roman"; font-size: medium; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; orphans: 2; padding: 0px 0px 0px 2px; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;"><div style="font-family: Consolas; font-size: 8pt; text-wrap: nowrap;"></div></div><p></p><p style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space-collapse: collapse; widows: 2; word-spacing: 0px;">Next you'll need to activate the bridge during application startup. It's a good idea to do this as early as possible (before bean loading even).</p><div style="padding: 0px 0px 0px 2px; white-space-collapse: collapse;">
<div style="font-family: Consolas; font-size: 8pt; text-wrap: nowrap;">
<div style="padding: 0px 0px 0px 2px;">
<div style="font-size: 8pt;">
<p></p></div>
</div><p><span style="font-size: 8pt;"> </span><span style="font-size: 8pt;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">import</span><span style="font-size: 8pt;"> org.slf4j.bridge.SLF4JBridgeHandler;<br /><br /></span><span style="font-size: 8pt;"> </span><span style="font-size: 8pt;"> ...<br /><br /></span> public static void main(String ... args) {<span style="font-size: 8pt;"><br /></span><span style="font-size: 8pt;"> SLF4JBridgeHandler.</span><span style="color: #0066cc; font-size: 8pt; font-style: italic; text-decoration-color: rgb(0, 102, 204); text-decoration-line: underline; text-decoration-style: solid;">removeHandlersForRootLogger</span><span style="font-size: 8pt;">();<br /></span><span style="font-size: 8pt;"> </span><span style="font-size: 8pt;">SLF4JBridgeHandler.</span><span style="font-size: 8pt; font-style: italic;">install</span><span style="font-size: 8pt;">();<br /></span><span style="font-size: 8pt;"><br /></span><span style="font-size: 8pt;"> </span><span style="font-size: 8pt;"> ...<br /><br /></span></p></div>
</div><p style="-webkit-text-stroke-width: 0px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space-collapse: collapse; widows: 2; word-spacing: 0px;">Once you've done all of the above, you will start getting BCFIPS logs reported via Logback. But Logback and the SLF4J Bridge has a cost, so you want to add a bit of optimization. You'll want to avoid some of the extra cost by implementing the LevelChangePropagator to propogate LogBack configuration back to JUL so that you don't have to worry about some of the overhead for disabled logging methods.<span style="color: teal; font-family: Consolas;"><span style="font-size: 10.6667px; text-wrap: nowrap;"> </span></span></p><p style="font-family: Consolas; font-size: 8pt; margin-top: 15px; white-space: nowrap;"><span style="color: teal; font-size: 8pt;"><</span><span style="background-color: #d4d4d4; color: #3f7f7f; font-size: 8pt;">configuration</span><span style="color: teal; font-size: 8pt;">><br /></span><span style="color: teal; font-size: 8pt;"> <</span><span style="color: #3f7f7f; font-size: 8pt;">contextListener</span><span style="color: black; font-size: 8pt;"> </span><span style="color: #7f007f; font-size: 8pt;">class</span><span style="color: black; font-size: 8pt;">=</span><span style="color: #2a00ff; font-size: 8pt; font-style: italic;">"ch.qos.</span><span style="background-color: #ceccf7; color: #2a00ff; font-size: 8pt; font-style: italic;">logback</span><span style="color: #2a00ff; font-size: 8pt; font-style: italic;">.classic.jul.LevelChangePropagator"</span><span style="font-size: 8pt;"><span style="color: teal;">><br /></span></span><span style="font-size: 8pt;"><span style="color: teal;"> </span></span><span style="font-size: 8pt;"><span style="color: #3f5fbf;"><!-- reset all previous level configurations of all j.u.l. loggers --><br /></span></span><span style="font-size: 8pt;"><span style="color: #3f5fbf;"> </span></span><span style="color: teal; font-size: 8pt;"><</span><span style="color: #3f7f7f; font-size: 8pt;">resetJUL</span><span style="color: teal; font-size: 8pt;">></span><span style="font-size: 8pt;">true</span><span style="color: teal; font-size: 8pt;"></</span><span style="color: #3f7f7f; font-size: 8pt;">resetJUL</span><span style="color: teal; font-size: 8pt;">><br /></span><span style="color: teal; font-size: 8pt;"> </</span><span style="color: #3f7f7f; font-size: 8pt;">contextListener</span><span style="font-size: 8pt;"><span style="color: teal;">><br /></span></span><span style="font-size: 8pt;"><span style="color: #3f5fbf;"><br /></span></span></p><p style="font-family: Consolas; font-size: 8pt; margin-top: 15px; white-space: nowrap;"><span style="font-family: "Times New Roman"; font-size: medium; text-wrap: wrap;">To enable reporting on protocol errors, </span></p><span style="font-family: Consolas; font-size: 8pt; white-space: nowrap;"><span style="color: teal;"> </span></span><span style="font-family: Consolas; font-size: 8pt; white-space: nowrap;"><span style="color: #3f5fbf;"><!-- Enable BC Debug Logging by setting level to DEBUG or TRACE --><br /></span></span><span style="font-family: Consolas; font-size: 8pt; white-space: nowrap;"><span style="color: #3f5fbf;"> </span></span><span style="color: teal; font-family: Consolas; font-size: 8pt; white-space: nowrap;"><</span><span style="color: #3f7f7f; font-family: Consolas; font-size: 8pt; white-space: nowrap;">logger</span><span style="font-family: Consolas; font-size: 8pt; white-space: nowrap;"> </span><span style="color: #7f007f; font-family: Consolas; font-size: 8pt; white-space: nowrap;">name</span><span style="font-family: Consolas; font-size: 8pt; white-space: nowrap;">=</span><span style="color: #2a00ff; font-family: Consolas; font-size: 8pt; font-style: italic; white-space: nowrap;">"org.bouncycastle.jsse.provider"</span><span style="font-family: Consolas; font-size: 8pt; white-space: nowrap;"> </span><span style="color: #7f007f; font-family: Consolas; font-size: 8pt; white-space: nowrap;">level</span><span style="font-family: Consolas; font-size: 8pt; white-space: nowrap;">=</span><span style="color: #2a00ff; font-family: Consolas; font-size: 8pt; font-style: italic; white-space: nowrap;">"INFO"</span><span style="color: teal; font-family: Consolas; font-size: 8pt; white-space: nowrap;">/></span><p style="font-family: Consolas; font-size: 8pt; margin-top: 15px; white-space: nowrap;"><span style="font-family: "Times New Roman"; font-size: medium; text-wrap: wrap;">Once you've done all of the above, you will start getting your logs reported to Logback.</span></p><p style="margin-top: 15px;"><span style="font-family: "Times New Roman"; font-size: medium; white-space: normal;">I tracked down my problem to an issue with TLS 1.2 Renegotiation, where my client was trying to connect to a server that first allowed the connection, and then renegotiated with client authentication to get to my client certificate. BCFIPS disables renegotiation by default, to enable it under a limited set of circumstances (that are secure) you can add:<br /></span> <span style="font-family: courier;">-Dorg.bouncycastle.jsse.client.acceptRenegotiation=true </span><br />to your java command line, or set it in System properties at application startup.</p><p style="margin-top: 15px;"><br /></p></div></div><p></p>Keith W. Boonehttp://www.blogger.com/profile/16883038460949909300noreply@blogger.com1tag:blogger.com,1999:blog-733074358901582680.post-20279156938528196682023-07-10T13:02:00.002-04:002023-07-26T11:01:30.084-04:00Dynamically Reloading TLS Trust and Identity Material<p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzEzCwmW5H6yFio-S4GSGnO3ZBTBn3DKg6QKVRLJMRSzi3XRK_GivLiOXb85H3uTzJWirmW4_nKbq4UECJpIFEkiZvnEewNp9Vtu6_AUyLVNJzSNArmgf5LNGFpbwaG1sr_BOesn2JY4jx_i0mjXuIDzqEYfzypBQZfv97jjXeWMF0hWC4ymkjs1YOZ84/s640/friends-gaad263dc9_640.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="640" data-original-width="640" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzEzCwmW5H6yFio-S4GSGnO3ZBTBn3DKg6QKVRLJMRSzi3XRK_GivLiOXb85H3uTzJWirmW4_nKbq4UECJpIFEkiZvnEewNp9Vtu6_AUyLVNJzSNArmgf5LNGFpbwaG1sr_BOesn2JY4jx_i0mjXuIDzqEYfzypBQZfv97jjXeWMF0hWC4ymkjs1YOZ84/s320/friends-gaad263dc9_640.jpg" width="320" /></a></div>Wouldn't it be nice if you didn't have to restart your server to dynamically update keys, certificates or trust stores? I've spend a good bit of time on this across both client and server implementations and so I have a few pointers. If you've read the last <a href="https://motorcycleguy.blogspot.com/2023/06/tls-fips-and-bouncy-castle-certified.html">two </a><a href="http://motorcycleguy.blogspot.com/2023/06/addressing-technical-challenges-with-bc.html" target="_blank">posts</a>, you know I've been working through <a href="https://motorcycleguy.blogspot.com/2023/06/tls-fips-and-bouncy-castle-certified.html">requirements</a> and <a href="http://motorcycleguy.blogspot.com/2023/06/addressing-technical-challenges-with-bc.html">implementation</a>. Now I'm going to add this auto-renewal of trust and key material to that effort.<p></p><p>Most folks will just need to deal with setting up trust and key managers for their web application. That's fairly straightforward. The challenge that I face with this particular application is that there are at least three different ways that trust and key material is provided to the underlying application, depending on how the connection is handled.</p><p>The basic idea is to set up a polling thread that periodically checks for changes in trust material, and then when that happens, go off and single anyone that has registered to those change events to update trust material in whatever way they need.</p><p>For my uses, inbound connections go through the server, which is what most will have to deal with. But I also have two different types of outbound connections which are configured in different ways. Some are SOAP using Apache CXF, others are RESTful API calls made through the HttpsURLConnection class (those APIs aren't that difficult to work with, and so don't need much more). But each requires a different way to communicate trust and identity material to the system.</p><p>Let's start with the first, and most common:</p><p>Since Apache Tomcat 8.5 there is an API that enables you to reload key and trust material through the protocol handler for the connection. During Embedded Tomcat setup (if you do it programatically), you create a <a href="https://tomcat.apache.org/tomcat-8.5-doc/api/org/apache/catalina/connector/Connector.html" target="_blank">Connector</a> and add it to the service. This connector is where you will add the <a href="https://tomcat.apache.org/tomcat-8.5-doc/api/org/apache/tomcat/util/net/SSLHostConfig.html" target="_blank">SSLHostConfig</a> and setup the protocol parameters (e.g., connection timeout, max connections), et cetera through a protocol handler derived from <a href="https://tomcat.apache.org/tomcat-8.5-doc/api/org/apache/coyote/http11/AbstractHttp11Protocol.html" target="_blank">AbstractHttp11Protocol</a>.</p><p>Somewhere in this process you will eventually wind up with three things:</p><p></p><ol style="text-align: left;"><li>The Connector connector.</li><li>The SSLHostConfig configuration.</li><li>The protocol handler nioProtocol.</li></ol><div><span><span> // Configure SSL</span><br /></span></div><div><span> </span>connector<span>.addSslHostConfig(configuration);</span><br /></div><div><span><span> // Get the protocol handler</span><br /></span></div><div><span> Http11NioProtocol nioProtocol = (Http11NioProtocol) </span>connector<span>.getProtocolHandler();</span><br /></div><div><span><span> // Do any configuration to it to the protocol handler.</span><br /></span></div><div><span><span><span> </span><span> ...</span><br /></span></span></div><div><span><span><span><br /></span></span></span></div><div><span><span><span>After all of this is where you add the magic. What you are doing here is calling a method to add a runnable to a list of methods to call when trust or key material needs to be updated. I use this model because three different components need to do something to update trust and key material in the system I'm working with.</span></span></span></div><div><span><span><span><br /></span></span></span></div><div><span><span><span><span> // set up to reload configuration.</span><br /></span></span></span></div><div><span><span><span><span><span> <span> addSslTrustChangedListener(() -> nioProtocol.reloadSslHostConfigs());</span></span><br /></span></span></span></span></div><div><br /></div><div><span>My actual implementation of the runnable is a little more complex, because I reuse portions of code that access key and trust stores, but generally, the main idea is to call reloadSslHostConfigs() to force a refresh of key and trust material.</span></div><div><span><br /></span></div><div>CXF is a bit easier. I'm still using XML configuration for the HTTPConduit that is used, but the for the bean containing the <a href="https://cxf.apache.org/javadoc/latest/org/apache/cxf/configuration/jsse/TLSClientParameters.html" target="_blank">TLSClientParameters</a> on that conduit, I set up a runnable to refresh the socket factory thus:</div><div><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px;">
<div style="font-family: Consolas; font-size: 8pt; text-wrap: nowrap;">
<p> <span style="color: #646464;"> @Bean</span>(name=<span style="color: #2a00ff;">"</span><span style="background-color: #ceccf7; color: #2a00ff;">tlsParamsClientWs</span><span style="color: #2a00ff;">"</span>)<br /><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">public</span><span style="font-size: 8pt;"> TLSClientParameters getTLSClientParameters() {<br /></span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="font-size: 8pt;">TLSClientParameters </span><span style="color: #6a3e3e; font-size: 8pt;">p</span><span style="font-size: 8pt;"> = </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">new</span><span style="font-size: 8pt;"> TLSClientParameters();<br /></span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="font-size: 8pt;"><span style="color: #3f7f5f;">// Force reload of Socket Factory<br /></span></span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #6a3e3e; font-size: 8pt;">p</span><span style="font-size: 8pt;">.setSSLSocketFactory(getSocketFactory());<br /></span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="font-size: 8pt;"><span style="color: #3f7f5f;">// Add listener to update the factory.<br /></span></span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="font-size: 8pt;">addSslTrustChangedListener(() -> </span><span style="color: #6a3e3e; font-size: 8pt;">p</span><span style="font-size: 8pt;">.setSSLSocketFactory(getSocketFactory(</span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">true</span><span style="font-size: 8pt;">)));<br /></span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">return</span><span style="font-size: 8pt;"> </span><span style="color: #6a3e3e; font-size: 8pt;">p</span><span style="font-size: 8pt;">;<br /></span><span style="color: #646464; font-size: 8pt;"> </span><span style="color: #646464; font-size: 8pt;"> </span><span style="font-size: 8pt;">}</span></p></div>
</div></div><div><span>This method constructs the bean that contains the client parameters, and the adds a listener that forces an update of the SSLSocketFactory. You may be able to just update the parameters and let the factory be created for you, I need a bit more control for my application. Note: getSocketFactory() and getSocketFactory(boolean forceReload) methods aren't shown here.</span></div><div><span><br /></span></div><div><span>For my outbound restful connections which for now use HttpUrlConnection since they aren't that complicated, I have one last method which relies on bean that that eventually calls the getSocketFactory() method referenced above.</span></div><div><span><br /></span></div><div><span>This enables all of my inbound and outbound connections to dynamically response to updates in trust material with the addition of a scheduled executor that checks for changes to files every 10 seconds (configurable), and then calls each trust changed listener (catching exceptions inside the loop so that an exception thrown by any single listener doesn't break the next one.</span></div><div><span><br /></span></div><div><span>I'm not going to reproduce all of the code, it's fairly straightforward. You can use something like the Java WatchService (see </span><a href="https://dzone.com/articles/how-watch-file-system-changes">https://dzone.com/articles/how-watch-file-system-changes</a>) or working with <a href="https://commons.apache.org/proper/commons-io/javadocs/api-release/index.html?org/apache/commons/io/monitor/package-summary.html">commons.io.monitor</a> classes.</div><div><br /></div><div>This is the basic idea though:</div><div><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px;"><div style="font-family: Consolas; font-size: 8pt; text-wrap: nowrap;">
<p></p></div>
</div></div><div><div><span style="white-space: pre;"> </span>public void startMonitoring() {</div><div> ScheduledExecutorService s = Executors.newSingleThreadScheduledExecutor();</div><div> s.scheduleAtFixedRate(this::updateTrust, 10, 10, TimeUnit.SECONDS);</div><div> }</div><div><br /></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>public void updateTrust() {</span></div><div></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>try {</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>if (checkForUpdates()) {</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>for (Runnable trustChangedListener : trustChangedListeners) {</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>try {</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>trustChangedListener.run();</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>} catch (Exception e) {</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>LOGGER.error("Failed to update trust material", e);</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>}</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>}</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>reloadCount = getReloadCount() + 1;</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>clientStoreOutOfDate = serverStoreOutOfDate = false;</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>LOGGER.info("Key and Trust stores updated.");</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>}</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>} catch (IOException e) {</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>LOGGER.error("Could not determine trust material update status", e);</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>}</span></div><div><span style="white-space: normal;"><span style="white-space: pre;"> </span>}</span></div></div><div><span> </span></div><p></p><p>You will probably have to do a bit of work to make this operate in your own environment, but now you can see how to integrate it with both server and client endpoints in several different ways.</p>Keith W. Boonehttp://www.blogger.com/profile/16883038460949909300noreply@blogger.com1tag:blogger.com,1999:blog-733074358901582680.post-41248493094552159892023-06-30T21:10:00.001-04:002023-07-26T11:01:37.085-04:00Addressing technical challenges with BC-FIPS<p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEgFcjl5qJk9xpjtv6S44josKtGM9Zs2jeJ25REYHEX5wtBQLYsAJxk3sanfHNF6TSl5naZmkJtfxfm5txhAxY4YyLFQJPEIdD2hevRJO6qJEnF_7S0sGfecJ-cVVa26xr8AD_6-ldILUc2q4gdPtkdeSpDjPj2_PYFxctVLH4TfEN3nIMmIdloIsy2E8Ds" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img alt="" data-original-height="267" data-original-width="335" height="240" src="https://blogger.googleusercontent.com/img/a/AVvXsEgFcjl5qJk9xpjtv6S44josKtGM9Zs2jeJ25REYHEX5wtBQLYsAJxk3sanfHNF6TSl5naZmkJtfxfm5txhAxY4YyLFQJPEIdD2hevRJO6qJEnF_7S0sGfecJ-cVVa26xr8AD_6-ldILUc2q4gdPtkdeSpDjPj2_PYFxctVLH4TfEN3nIMmIdloIsy2E8Ds" width="301" /></a></div><br />Last week I talked about the requirements for implementing <a href="https://motorcycleguy.blogspot.com/2023/06/tls-fips-and-bouncy-castle-certified.html" target="_blank">TLS and a certified encryption module</a> (specifically Bouncy Castle FIPS or <a href="https://www.bouncycastle.org/fips-java/" target="_blank">BC-FIPS</a>). Today I'm going to tell you a bit more about technically how one my go about this, and the specific technical challenges that you may run into.<p></p><p>First of all, BC-FIPS provides some installation instructions that a) no longer work with JDK-11, and b) also don't play well with Spring Boot uber-jar class loading using standard Classpath override mechanisms. I never found root cause for this problem, all I wound up doing was simply dynamically loaded the BC-FIPS security modules at application startup.</p><p>These (non-working) instructions include modifications needed to the JDK, specifically the java.security file and lib/ext folders.</p><p>There are three aspects of this configuration:</p><p></p><ol style="text-align: left;"><li>Creating a compliant SecureRandom (this is described in the BC-FIPS documentation).</li><li>Installing the BC FIPS Security Provider</li><li>Installing the BC JSSE Security Provider</li></ol><p></p><p>I do this in a static method BEFORE database initialization. The reason for this is that DB initialization code needs to be able to get a FIPS compliant socket factory to initialize the connection pool.</p><p></p><div style="padding: 0px 0px 0px 2px;">
<div style="font-family: Consolas; font-size: 8pt; white-space: nowrap;">
<p><span style="background-color: white; color: black;"> </span><span style="background-color: white; color: #7f0055; font-weight: bold;">private</span><span style="background-color: white; color: black;"> </span><span style="background-color: white; color: #7f0055; font-weight: bold;">static</span><span style="background-color: white; color: black;"> </span><span style="background-color: white; color: #7f0055; font-weight: bold;">void</span><span style="background-color: white;"> init() {</span><br /><span style="background-color: white; font-size: 8pt;"> </span><span style="background-color: white; font-size: 8pt;"><span style="color: #3f7f5f;">// This is necessary initialization to use BCFKS module<br /></span></span><span style="background-color: white;"> </span><span style="background-color: white; font-size: 8pt;">CryptoServicesRegistrar.</span><span style="background-color: white; font-size: 8pt; font-style: italic;">setSecureRandom</span><span style="background-color: white; font-size: 8pt;">(</span><span style="background-color: #d4d4d4; font-size: 8pt; font-style: italic;">getSecureRandom</span><span style="font-size: 8pt;"><span style="background-color: white;">());<br /></span></span><span style="background-color: white;"> </span><span style="background-color: #ceccf7; font-size: 8pt;">Security.</span><span style="background-color: white; font-size: 8pt; font-style: italic;">insertProviderAt</span><span style="background-color: white; font-size: 8pt;">(</span><span style="background-color: white; color: #7f0055; font-size: 8pt; font-weight: bold;">new</span><span style="font-size: 8pt;"><span style="background-color: white;"> BouncyCastleFipsProvider(), 1);<br /></span></span><span style="background-color: white;"> </span><span style="background-color: #ceccf7; font-size: 8pt;">Security.</span><span style="font-size: 8pt; font-style: italic;">insertProviderAt</span><span style="font-size: 8pt;">(</span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">new</span><span style="font-size: 8pt;"> BouncyCastleJsseProvider(), 2);<br /></span><span style="background-color: white; font-size: 8pt;">}</span></p><p><span style="background-color: white; font-size: 8pt;"><br /></span></p></div></div><p></p><div style="background-color: white; font-family: Consolas; font-size: 8pt; white-space: nowrap;">
<p><span style="color: black;"> </span><span style="color: #3f5fbf;">/**<br /></span><span style="color: #3f5fbf; font-size: 8pt;"> * Generate a a NIST SP 800</span><span style="color: #7f7f9f; font-size: 8pt;">-</span><span style="color: #3f5fbf; font-size: 8pt;">90A compliant secure random number<br /></span><span style="color: #3f5fbf; font-size: 8pt;"> * generator.<br /></span><span style="color: #3f5fbf; font-size: 8pt;"> *<br /></span><span style="color: #3f5fbf; font-size: 8pt;"> * </span><span style="color: #7f9fbf; font-size: 8pt; font-weight: bold;">@return</span><span style="color: #3f5fbf; font-size: 8pt;"> A compliant generator.<br /></span><span style="font-size: 8pt;"><span style="color: #3f5fbf;"> */<br /></span></span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">private</span><span style="color: black; font-size: 8pt;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">static</span><span style="color: black; font-size: 8pt;"> SecureRandom getSecureRandom() {</span></p><p><span style="color: #7f0055; font-weight: 700;"> </span><span style="color: #3f7f5f; font-size: 8pt;">/*<br /></span><span style="color: #7f0055; font-weight: 700;"> </span><span style="color: #3f7f5f; font-size: 8pt;"> * According to NIST Special Publication 800-90A, a </span><span style="color: #3f7f5f; font-size: 8pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">Nonce</span><span style="color: #3f7f5f; font-size: 8pt;"> is<br /></span><span style="color: #7f0055; font-weight: 700;"> </span><span style="color: #3f7f5f; font-size: 8pt;"> * A time-varying value that has at most a negligible chance of<br /></span><span style="color: #7f0055; font-weight: 700;"> </span><span style="color: #3f7f5f; font-size: 8pt;"> * repeating, e.g., a random value that is generated anew for each</span><span style="color: #7f0055; font-weight: 700;"> </span><span style="color: #3f7f5f; font-size: 8pt;"><br /></span><span style="color: #7f0055; font-weight: 700;"> </span><span style="color: #3f7f5f; font-size: 8pt;"> * use, a </span><span style="color: #3f7f5f; font-size: 8pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">timestamp</span><span style="color: #3f7f5f; font-size: 8pt;">, a sequence number, or some combination of<br /></span><span style="color: #7f0055; font-weight: 700;"> </span><span style="color: #3f7f5f; font-size: 8pt;"> * these.<br /></span><span style="color: #7f0055; font-weight: 700;"> </span><span style="color: #3f7f5f; font-size: 8pt;"> *<br /></span><span style="color: #7f0055; font-weight: 700;"> </span><span style="color: #3f7f5f; font-size: 8pt;"> * The </span><span style="color: #3f7f5f; font-size: 8pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">nonce</span><span style="color: #3f7f5f; font-size: 8pt;"> is combined with the entropy input to create the initial<br /></span><span style="color: #7f0055; font-weight: 700;"> </span><span style="color: #3f7f5f; font-size: 8pt;"> * DRBG seed.<br /></span><span style="color: #7f0055; font-weight: 700;"> </span><span style="font-size: 8pt;"><span style="color: #3f7f5f;"> */<br /></span></span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;"> byte</span><span style="font-size: 8pt;"> [] </span><span style="color: #6a3e3e; font-size: 8pt;">nonce</span><span style="font-size: 8pt;"> = ByteBuffer.</span><span style="font-size: 8pt; font-style: italic;">allocate</span><span style="font-size: 8pt;">(8).putLong(System.</span><span style="font-size: 8pt; font-style: italic;">nanoTime</span><span style="font-size: 8pt;">()).array();<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">EntropySourceProvider </span><span style="color: #6a3e3e; font-size: 8pt;">entSource</span><span style="font-size: 8pt;"> = </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">new</span><span style="font-size: 8pt;"> BasicEntropySourceProvider(</span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">new</span><span style="font-size: 8pt;"> SecureRandom(), </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">true</span><span style="font-size: 8pt;">);<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">FipsDRBG.Builder </span><span style="color: #6a3e3e; font-size: 8pt;">drgbBldr</span><span style="font-size: 8pt;"> = FipsDRBG.</span><span style="font-size: 8pt; font-weight: bold;"><span style="color: #0000c0;"><i>SHA512<br /></i></span></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">.fromEntropySource(</span><span style="color: #6a3e3e; font-size: 8pt;">entSource</span><span style="font-size: 8pt;">).set</span><span style="background-color: #ceccf7; font-size: 8pt;">SecurityS</span><span style="font-size: 8pt;">trength(256)<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="font-size: 8pt;">.setEntropyBitsRequired(256);<br /></span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: 700;"> </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">return</span><span style="font-size: 8pt;"> </span><span style="color: #6a3e3e; font-size: 8pt;">drgbBldr</span><span style="font-size: 8pt;">.build(</span><span style="color: #6a3e3e; font-size: 8pt;">nonce</span><span style="font-size: 8pt;">, </span><span style="color: #7f0055; font-size: 8pt; font-weight: bold;">true</span><span style="font-size: 8pt;">);<br /></span><span style="font-size: 8pt;">}</span></p></div><div style="padding: 0px 0px 0px 2px;"><div style="font-family: Consolas; font-size: 8pt; white-space: nowrap;"><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px;">
</div></div>
</div><p>The code above effectively does what making changes to the JDK's java.security (as recommended by BC-FIPS documentation). I make all the recommended changes except the ones that initialize the security providers, because I cannot configure the JDK to load the BC classes from the lib/ext folder since that is no longer supported in JDK-11. The alternative suggested is to put the location of those classes on your classpath during application startup. However, I also discovered that doesn't work, likely due to conflicts with how uber-jar classloading works (as in fact, those classes technically are on the classpath in the uber-jar). I also swap out the default keystore format from JKS to BCFKS to ensure compliance with BC-FIPS KeyStore requirements. Technically JKS is fine for Certificate stores, but frankly, I didn't even want to enable JKS support in case something broke somewhere else.</p><p>If your database is in the cloud (e.g., AWS or Azure), you may need to add a certificate to cacerts to enable the database connection using JSSE (BC-FIPS or native Java JSSE code). I just do this to the cacerts file in the deployed JDK.</p><p></p><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px;">
<div style="background-color: white; color: black; font-family: "Consolas"; font-size: 8pt; white-space: nowrap;">
<p style="background-color: #e8f2fe;"><span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;"> keytool</span> -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">keystore</span> <span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">cacerts</span> -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">storepass</span> <span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">SECRET</span> -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">noprompt</span> -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">trustcacerts</span> -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">importcert</span> -alias <span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">awscert</span> -file certificate.der</p></div>
</div>Next, to convert cacerts to BCFIPS format, this is what you will need to do:<p></p><p></p><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px;">
<div style="background-color: white; color: black; font-family: "Consolas"; font-size: 8pt; white-space: nowrap;">
<p><span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;"> keytool</span> -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">importkeystore</span> -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">srckeystore</span> <span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">cacerts</span> -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">srcstoretype</span> JKS -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">srcstorepass</span> <span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">changeit</span> \</p>
<p> -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">destkeystore</span> <span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">jssecacerts</span> -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">deststorepass</span> <span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">changeit</span> -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">deststoretype</span> <span style="background-color: #ceccf7;">BCFKS</span> -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">providername</span> BCFIPS \</p>
<p> -provider org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">providerpath</span> <span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">lib</span>/<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">bc</span>-<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">fips</span>-1.0.2.3.jar</p></div>
</div>This does the conversion, and will create a new file "jssecacerts" in the BCFKS format. The JDK looks for jssecacerts before cacerts, and so now I have both formats still hanging around in case I need them.<p></p><p>A simpler way to do this conversion is with KeyStore Explorer, I tool I often use to inspect/modify key and trust store content. This tool already has BCFKS support built in, even if it may not be BCFIPS compliant (straight BC also supports the BCFKS format, it's just not a certified component).</p><p>Finally, you'll have to change how you configure SSL/TLS for your server and/or client components. Our system programatically configures using beans for KeyStore, TrustStore, et cetera, but other servers may just use property or configuration values (e.g., server.xml for Tomcat).</p><p>Anywhere the default keystore type is present, you'll need to change the type of keystore to BCFKS, and if the provider type is specified, you'd use BCFIPS (as for keytool commands above).</p><p>If you want to get a KeyManagerFactory, TrustManagerFactory, or SSLContext programatically, here's how you'd get those:</p><p></p><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px;"><div style="background-color: white; color: black; font-family: "Consolas"; font-size: 8pt; white-space: nowrap;"><p style="background-color: #e8f2fe;"><span style="color: black;">KeyManagerFactory keyMgrFact = KeyManagerFactory.getInstance(</span><span style="color: #2a00ff;">"PKIX"</span><span style="color: black;">, </span><span style="color: #2a00ff;">"</span><span style="background-color: #ceccf7; color: #2a00ff;">BCJSSE</span><span style="color: #2a00ff;">"</span><span style="color: black;">);<br /></span>TrustManagerFactory <span style="font-size: 8pt;">trustMgrFact = TrustManagerFactory.getInstance(</span><span style="color: #2a00ff; font-size: 8pt;">"PKIX"</span><span style="font-size: 8pt;">, </span><span style="color: #2a00ff; font-size: 8pt;">"</span><span style="background-color: #ceccf7; color: #2a00ff; font-size: 8pt;">BCJSSE</span><span style="color: #2a00ff; font-size: 8pt;">"</span><span style="font-size: 8pt;">);<br /></span><span style="font-size: 8pt;">SSLContext sslContext = SSLContext.getInstance(</span><span style="color: #2a00ff; font-size: 8pt;">"TLS"</span><span style="font-size: 8pt;">, </span><span style="color: #2a00ff; font-size: 8pt;">"</span><span style="background-color: #ceccf7; color: #2a00ff; font-size: 8pt;">BCJSSE</span><span style="color: #2a00ff; font-size: 8pt;">"</span><span style="font-size: 8pt;">);</span></p></div></div><p></p><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px;"><div style="background-color: white; color: black; font-family: "Consolas"; font-size: 8pt; white-space: nowrap;"><div style="padding: 0px 0px 0px 2px;">
</div><p style="background-color: #e8f2fe;"></p><p style="-webkit-text-stroke-width: 0px; color: black; font-family: "Times New Roman"; font-size: medium; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;"></p><div style="background-color: white; padding: 0px 0px 0px 2px;"><div style="background-color: white; color: black; font-family: Consolas; font-size: 8pt; white-space: nowrap;"></div></div><p></p><p style="-webkit-text-stroke-width: 0px; color: black; font-family: "Times New Roman"; font-size: medium; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">Anywhere the default keystore type is present, you'll need to change the type of keystore to BCFKS, and if you need to specify the KeyStore provider, you'd specify BCFIPS as the provider.</p><p style="-webkit-text-stroke-width: 0px; color: black; font-family: "Times New Roman"; font-size: medium; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">This ensures that all encryption used to protect key and trust material is FIPS compliantly encrypted. Sadly, the encryption used for JKS nor PKCS12 formats are themselves compliant.</p><p style="-webkit-text-stroke-width: 0px; color: black; font-family: "Times New Roman"; font-size: medium; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">In the continuing saga of this effort, I just recently completed another set of code changes that ensures that I can just drop in new key and trust stores on a shared file system, and all my servers will automatically reconfigure themselves with the latest and greatest. This greatly simplifies updating certificates for annual renewals or for other reasons, with zero downtime. More on that later.</p></div></div>Keith W. Boonehttp://www.blogger.com/profile/16883038460949909300noreply@blogger.com0tag:blogger.com,1999:blog-733074358901582680.post-62757522134654048742023-06-22T00:02:00.004-04:002023-06-22T00:02:58.443-04:00TLS, FIPS and the Bouncy Castle Certified Encryption Module<h3 style="text-align: left;"><table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right;"><tbody><tr><td style="text-align: center;"><a href="https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_handshake" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" data-original-height="309" data-original-width="330" height="309" src="https://upload.wikimedia.org/wikipedia/commons/thumb/d/d3/Full_TLS_1.2_Handshake.svg/330px-Full_TLS_1.2_Handshake.svg.png" width="330" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><span style="font-size: x-small;">Image Courtesy of Wikipedia</span></td></tr></tbody></table>History</h3><p>Becoming educated in a topic seems to offer opportunities to become yet further educated, or in other words, once you've demonstrated expertise in a particular technology, more problems related to it will come your way. So be careful what you work on.</p><p>Many years ago, I had to work out how to implement the IHE ATNA profile. I spent quite a bit of time on this project and became rather expert at diagnosing TLS problems, and configuring Tomcat to support the IHE Audit Trail and Node Authentication Profile (<a href="https://wiki.ihe.net/index.php/Audit_Trail_and_Node_Authentication" target="_blank">ATNA</a>). So much so that I first wrote on my experiences in the <a href="https://wiki.ihe.net/index.php/ATNA_FAQ" target="_blank">IHE ATNA FAQ</a>.</p><p>Java, has come quite a ways since then. When the ATNA FAQ was originally written, I think I was using JDK 1.4 or 1.5, which did not have great support even for TLS 1.0. Now Java is has cranked JDK versions past 11 all the way to 21. Although, for reasons I will explain below, mine only goes to 11 for this post (I do use JDK 17 for other development).</p><div><a href="https://datatracker.ietf.org/doc/html/rfc8446" target="_blank">TLS</a> has also come a long way, releasing new versions, first 1.1, then 1.2, most currently 1.3, and I'm damn near certain there will be a 1.4 and maybe even a 1.5. Many a system supports TLS. But often, when working for large corporations or government agencies, you need to go even further, using a NIST Certified FIPS implementation of TLS. That's one of the problems I've had to work with a team to solve.</div><h3 style="text-align: left;">Problem Statement</h3><div>I'm presently embarked upon completely integrating FIPS certified encryption into a Java application that I'm working on (it's already integrated for inbound and outbound communications, this is for other uses). That application runs on JDK 11 in a Spring Boot 1.5 Java application running inside an Alpine Linux based Docker container, and had already used Bouncy Castle for its crypto activities. Getting all the details right in that environment is a tricky prospect, as I will explain in later posts. This is just the intro so that folks can understand a bit more about the requirements to be met.</div><h3 style="text-align: left;">Bouncy Castle</h3><p>Anyone who does anything with Java and TLS probably is familiar with the <a href="http://Bouncycastle.org" target="_blank">Legion of the Bouncy Castle</a> (BC) Crypto libraries. And if you've been doing Health Information Exchange development work, you are also likely to be aware of NIST <a href="https://csrc.nist.gov/publications/detail/fips/140/2/final" target="_blank">FIPS 140-2</a>. Some of you may even have used BC in FIPS compliant mode (or perhaps had to enable FIPS on your Windows Servers or elsewhere in Java code). </p><p>I haven't seen a lot of attention on using FIPS certified encryption (except in AWS or Azure's Government Cloud environments), and less so in pure Java software implementation. The point of using a certified encryption module is to be sure that the encryption is secure, and the point of having a FIPS compliant mode is to ensure that other insecure encryption capabilities cannot be used. These are essential requirements in a system where the potential impact to confidentiality, integrity or availability is of at least <a href="https://csrc.nist.gov/glossary/term/moderate_impact_system" target="_blank">moderate</a> concern. In healthcare, I believe we'd all agree that it's at least that important when exchanging healthcare data. And also, there's a federal standard for the term "moderate", as found in the lesser known <a href="https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.199.pdf" target="_blank">FIPS 199</a>.</p><p>The straight BC libraries, while supporting encryption, aren't NIST Certified Modules. That's an extra step that requires testing from NIST NVLAP certification laboratories, much like ONC Certification is also performed by accredited laboratories. Instead, you have to use the <a href="https://www.bouncycastle.org/fips-java/" target="_blank">FIPS Certified versions of the Bouncy Castle Libraries</a>. These libraries are largely compatible with the non-certified libraries, but are missing some capabilities those libraries have, frankly because those capabilities aren't certifiable. They support encryption certainly, but may use ciphers that aren't considered to be secure.</p><p>The BC FIPS libraries are currently NIST certified for up to JDK-11. If you look at BC's <a href="https://www.bouncycastle.org/fips_java_roadmap.html" target="_blank">roadmap</a> for FIPS certified modules you will see that the first BC FIPS release supporting JDK versions higher than 11 are 1.0.2.4, and 2.0, and those should both support JDK 17. The 2.0 stream is being submitted through testing using FIPS 140-3, while 1.0.2.4 is tested under FIPS 140-2 requirements. The first NC FIPS 1.x release that will be tested under 140-3 will be 1.0.3. While FIPS 140-2 is still the minimum requirement for many government agencies (for those classified as FIPS Moderate), those agencies will require FIPS 140-3 certified modules in the near future. After 2026, there won't be any FIPS 140-2 certified products (the certification expires), and any new products are now being certified are currently being certified under FIPS 140-3.</p><p>Bouncy Castle FIPS modules are freely available for download via <a href="https://mvnrepository.com/search?q=fips" target="_blank">Maven</a>, but the latest and greatest code bases are only available to support contract holders.</p><p>There are other suppliers of NIST Certified encryption modules for Java, but the Legion of the Bouncy Castle is probably the most widely known, and has the broadest use by other respected software providers (e.g., RedHat, Oracle, and <a href="https://www.google.com/search?q=BC-FIPS" target="_blank">many others</a>). Some Java implementations rely on OpenSSL, another widely known crypto package. I prefer to stick with pure Java solutions when I can, so OpenSSL is not my most favorite option. It's also difficult to configure in Tomcat (which isn't to say that Bouncy Castle is easy, just not as hard).</p><p>Now that I've bored you to tears with the requirements that I have to work with, and the solution that was selected (BC-FIPS), later posts will talk more about the implementation details, so that maybe more Java based Healthcare IT applications will take on this prospect. It would be nice if someday all encryption in Health IT was done by encryption modules that were rigorously tested and which refused to implement insecure protocols (such as SSL, TLS 1.0 or 1.1). But until implementing such encryption is a LOT easier in Java (and other) applications, that's going to be a hard row to hoe.</p>Keith W. Boonehttp://www.blogger.com/profile/16883038460949909300noreply@blogger.com0tag:blogger.com,1999:blog-733074358901582680.post-54096464235786666452023-06-20T00:48:00.000-04:002023-06-20T00:48:32.687-04:00My HTI1 comments to @ONC_HealthIT<p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjZzUuHD_gA6HPq3IL1kRdC0_dVEV8IzEBDAH_JFAaL-g0xLtqUd7fruaQ975_3cjvKci6wAp-3tqok2gXOvTFiBG-Y6eTA0VaS5DNSoiSR3aQMUmI7cv6DG3U6863692s60EBNRvrURCC02mKy575ttvThV7Fdglvhq9HajsfAfrPUy63GTvEm2ydZIAo" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img alt="" data-original-height="32" data-original-width="32" height="200" src="https://blogger.googleusercontent.com/img/a/AVvXsEjZzUuHD_gA6HPq3IL1kRdC0_dVEV8IzEBDAH_JFAaL-g0xLtqUd7fruaQ975_3cjvKci6wAp-3tqok2gXOvTFiBG-Y6eTA0VaS5DNSoiSR3aQMUmI7cv6DG3U6863692s60EBNRvrURCC02mKy575ttvThV7Fdglvhq9HajsfAfrPUy63GTvEm2ydZIAo=w200-h200" width="200" /></a></div>This is what I just submitted for HTI-1 comments. It's a text file, not a PDF or Word document with a lovely cover letter. ONC doesn't need all that. It's generally ordered in the same way as their comment template, but I chose NOT to comment on a bunch of things, and I didn't label it. Frankly, that all goes back to <a href="https://www.regulations.gov/comment/HHS-ONC-2023-0007-0016" target="_blank">my first comment</a>: <span style="background-color: white; color: #333333; font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; font-size: 14px;">This rule is so extensive, and covers so much new detail that the current deadline for submission of comments is simply too short to process the material adequately.</span><p></p><p>There's a ton of small issues with spelling and grammar. It's what happens when all I have is 30 minutes to summarize everything I've just spent this 4-day weekend working on when I wasn't BBQ-ing or playing video games or reading cheap Sci-fi novels or something else.</p><p>For what it's worth, I've put over 80 hours of thought into reading, commenting on, and getting feedback from others on this particular rule (at least 10 of that this weekend).</p><p>------------</p><p>Stop producing such large rules every two to three years. Instead, consider adding smaller chunks of optional certification criteria more frequently (e.g., annually) to address specific topics (e.g., Public Health reporting, Scheduling, Subscriptions, et cetera) and give adequate time for implementation. Make a schedule for updating the rule (every three years), and stick to it, and leave out the kitchen sink. I love and hate the RFI questions. It's a good way to get out the vote, as it were, each big rule essentially being a presidential election. At the same time, it's extra work in an already huge endeavor that could be better served by an annual strategic RFI inquiry.</p><p>Please do discontinue year themed editions. The years were always wrongly applied in any case.</p><p>Yes, please do use the definition of "Revised Certification criteria" as defined in the proposed rule.</p><p>Please do adopt the most current published versions of USCDI, FHIR US Core and C-CDA Companion Guide, but provide a reasonable time period for implementation, no less than two years after publication of a final rule, and preferably 3.</p><p>Please use current guidance on Sex Parameters for Clinical Use (rather than the badly named Sex for Clinical Use) and do not treat this a patient observation. You could literally kill somebody if you mess this up and get it confused with Sex/Gender. Pay more attention to the parts of this that are truly important, which are those parts that are outside of Male - Typical and Female Typical, where these observations need MORE work.</p><p>Where the dictionary will do, please stop defining terms to mean something in conflict.</p><p>Provide already has an adequate dictionary definition, what more do you need? If there is something extra, please say it.</p><p>Demographics is already observations about a person useful for classification, why do you need to add observations to the name?</p><p>A singular fairness measure doesn't exist. Corbett-Savises and Goel describe 3 mechanisms to ensure fairness, and in one of these, 8 different measures; Berk et al give 7, and Corbett-Savises and Goel already describe area under the ROC Curve. </p><p>Others have shown that if effects differ between groups, fairness is not possible to establish. Read page 69 in the chapter on Fairness in "The Alignment Problem" by Brian Christian. Instead, report on how fairness was approached, and leave it as text.</p><p>There simply isn't a single number here yet, and there likely won't be for some time.</p><p>The new DSI criteria raises an issue of anti-competiviness that ONC should consider carefully. Certified algorithms have a higher regulatory bar. Uncertified algorithms can be used and built on APIs. Providers will use both. Consider carefully how the impact of requiring certified clinical decision support capabilities in a Base EHR (for which providers are incented by CMS) interacts with the need to promote competition. Ensure that this regulation and further like it don't create a requirement to generate a one-off feature to meet the criteria, but can instead promote and advance clinical decision support use in EHR systems in a fair and competetive way. In other words, ensure that certified clinical decision support has a percieved benefit other than just checking a box on a feature list for Base EHR system.</p><p>The Predictive decision support definition should include the word clinical:</p><p>Predictive decision support intervention means technology intended to support **clinical** decision-making based on algorithms or models that derive relationships from training or example data and then are used to produce an output or outputs related to, but not limited to, prediction, classification, recommendation, evaluation, or analysis. </p><p>Yeah, NTP is good enough as it is.</p><p>Start using industry standard ways of defining SLAs if you are going to start including SLAs such as performance times in a rule.</p><p>e.g., 95% of requests are completed in 15 minutes.</p><p>Please stop referencing draft content in section 299. Yes, I understand ONC is coordinating 10 or more different moving parts but if I can get it done in time as an unpaid volunteer, then people who are being paid by an ONC contract should be able to get it done in time as well. Otherwise, find other contractors who can. It feels sloppy.</p><p>Patient demographics and observations. Leave the title "Patient Demographics" They are all demographics. All demographics can be classified as observations about the patient. The name change does little to add clarity and instead promotes a distinction between classically concieved demographics and novel demographics that really makes that latter second class citizens in data collection.</p><p>DS4P sucks. It's not a good implementation guide, for CDA or for FHIR. It does little to explain how to use existing FHIR features to meet an existing need, it's been primarily driven by VA and one ambulatory vendor with an add-on product, with little adoption anywhere else. This work needs a do-over. The CDA work requires hundreds of lines of XML to do what the V3 RIM indended in one line. The FHIR work provides NO conformance criteria (profiles on uses of defined terminology on FHIR resources). There's nothing at all that addresses how to express break glass (essential when security tags are introduced with an exception for emergency care).</p><p>You really should look into what is going on with the IHE Patient Consent on FHIR (PCF) profile for future rulemaking.</p><p>Josh Mandel is awesome. I love some of what Argonaut has done. But honestly, Scheduling misses the boat for patient needs in a broad sense, and as currently specified only serves providers or payers with an existing relationship to a consumer needing an appointment. This needs more patient/consumer focused attention.</p><p>On RFI inquiries: ONC clearly needs someone to help them develop a plan for strategic adoption of standards. This is part marketing, part industry leadership, part alliance development, and then several parts execution in standards development. ONC focuses well on the latter part of this, but fails to accomplish it elsewhere. Argonaut and Da Vinci initiatives seem to have improved on the former parts, but there are still missing constituencies, especially those focused on patient empowerment. Some of those missing constituencies lack the marketing, industry leadership and standards awareness skills necessary to pull it off. ONC could help here, but the model used by Helios for Public Health is not one that seems to be developing the necessary industry leadership or momentum to drive itself forward without continued ONC and CDC support, and there's no such group as yet for patient empowering initiatives.</p><p>I like the focus that the TECFA manner allows QHIN and QHIN participants to focus on interoperability using nationally recognized standards. I think it could be more clearly written.</p><p>With regard to data segmentation, I've previously developed FHIR APIS for Certified EHR systems that allow data to be restricted at the patient, visit or observation level, limiting access for different users and purposes of use. The first step is to ensure that systems are able to tag the data in certain ways for a limited set of use cases, the second is to ensure that sensitive data assocaited with a "restricted" visit can be tied back to that visit so that the restricted associated with that visit (e.g., a self-pay visit) can be identified, and then lastly to ensure that only users with specific access (e.g. emergency care, or with access to restricted visits) can access such data, and only when those accesses are requested. There is no rocket science in this effort, but a lot of due dilligence. The key challenges are:</p><p>1. Ensuring that data access layer understand the <br /> a. The associated user access priviledges and <br /> b. Requested purpose of use<br />2. Only retrieve and return data that is allowed by 1a and 1b.</p><p>Most EHRs do NOT have or drive this capability into product. It's expensive to rework systems that weren't designed with this kind of security at the outset.</p><p>I would focus first on the "restricted" visit use case (e.g., self-pay visit). </p><p>1. Define the security flag associated with this visit.<br />2. Define the access roles and priviledges associated with the use of this information.<br />3. Define the application functions associated with the display of this information to a user in<br />a. The EHR<br />b. The PHR<br />c. treatment, payment and operations use cases.<br />d. Other disclosers.<br />4. Define the mechanism by which purpose of use is communicated via APIs (e.g., Scope, HTTP Category Header)<br />5. Define the application functions to support "break the glass functionality"<br />6. Define what happens when restricted data is requested but not authorized (e.g., via search).<br />a. Can a user know that restricted data exists?<br />b. Is this a feature available only to some users but not to others? (e.g., provider can know that restricted data exists that will be shown if they have break the glass privileges, but others will NOT be shown any indication).</p>Keith W. Boonehttp://www.blogger.com/profile/16883038460949909300noreply@blogger.com0tag:blogger.com,1999:blog-733074358901582680.post-13883347752556522752023-06-02T11:36:00.004-04:002023-06-02T11:37:18.734-04:00HTI1 Robin's Eggs<p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEggpZpXUIFc0Kzdl6hDdL03Z-GWFLSNBodNQOiBMGN_EPIZmvnwVzdWueRJn6-N4zJYk6Acy5AjQLyAIOU-J5wNorVbyiNceSOeW-rgHf4-PAELG71cpQuxjNDYVrCneAKJ1EeDYCTS7Lo4KLtczpH26zPjgt0tXgouvk6vZprfaHhgoeCGbodHE6et" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img alt="" data-original-height="679" data-original-width="679" height="240" src="https://blogger.googleusercontent.com/img/a/AVvXsEggpZpXUIFc0Kzdl6hDdL03Z-GWFLSNBodNQOiBMGN_EPIZmvnwVzdWueRJn6-N4zJYk6Acy5AjQLyAIOU-J5wNorVbyiNceSOeW-rgHf4-PAELG71cpQuxjNDYVrCneAKJ1EeDYCTS7Lo4KLtczpH26zPjgt0tXgouvk6vZprfaHhgoeCGbodHE6et" width="240" /></a></div><br />For those who've been reading this blog for a decade or more, you probably know what a <a href="http://motorcycleguy.blogspot.com/2010/07/and-next-ad-hoc-motorcycle-guy-harly.html">Robin's Egg</a> is. For those who don't, click the preceding link.<p></p><p>And while Robin is no longer with us, these eggs live on in her memory. For those who want their Robin's eggs for HTI-1, you can find them <a href="https://drive.google.com/drive/folders/1GVlNd4PluQ-gE4gyKwDWUrN0bJxybcq0?usp=sharing" target="_blank">here</a>.</p><p>There are two files you can grab: </p><p></p><ol style="text-align: left;"><li>An <a href="https://docs.google.com/document/d/1EtY6srF5TvYu5D8Q_3kqKxk0z_voibD2/edit?usp=drive_link&ouid=110278290452728885635&rtpof=true&sd=true" target="_blank">edited version of ONC's 508 Compliant Word document</a> containing the text of the rule. Most of the reformatting is simply adding headings to the damn thing so that it has a navigable table of contents.</li><li>A <a href="https://docs.google.com/spreadsheets/d/1oCj3rM5pOiGC9s3gJL38iVt43B9aTz2i/edit?usp=drive_link&ouid=110278290452728885635&rtpof=true&sd=true" target="_blank">spreadsheet containing all 36 tables</a> from HTI-1.</li></ol><p></p><p><br /></p><p><br /></p>Keith W. Boonehttp://www.blogger.com/profile/16883038460949909300noreply@blogger.com0tag:blogger.com,1999:blog-733074358901582680.post-70795935332966490752023-05-24T13:02:00.001-04:002023-05-24T13:02:21.590-04:00HTI1, the raw tweet stream on the next round of @ONC_HealthIT's CEHRT requirements<p> <span style="background-color: white; font-family: lato, sans-serif; font-size: 1.7rem; letter-spacing: -0.003em;">My long overdue tweet-through of</span><span style="background-color: white; font-family: lato, sans-serif; font-size: 1.7rem; letter-spacing: -0.003em;"> </span><a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="box-sizing: border-box; color: #1da1f2; cursor: pointer; font-family: lato, sans-serif; font-size: 1.7rem; letter-spacing: -0.003em; text-decoration-line: none;">@ONC_HealthIT</a><span style="background-color: white; font-family: lato, sans-serif; font-size: 1.7rem; letter-spacing: -0.003em;">'s</span><span style="background-color: white; font-family: lato, sans-serif; font-size: 1.7rem; letter-spacing: -0.003em;"> </span><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="box-sizing: border-box; color: #1da1f2; cursor: pointer; font-family: lato, sans-serif; font-size: 1.7rem; letter-spacing: -0.003em; text-decoration-line: none;">#HTI1</a><span style="background-color: white; font-family: lato, sans-serif; font-size: 1.7rem; letter-spacing: -0.003em;"> </span><span style="background-color: white; font-family: lato, sans-serif; font-size: 1.7rem; letter-spacing: -0.003em;">rule begins.</span><span style="background-color: white; font-family: lato, sans-serif; font-size: 1.7rem; letter-spacing: -0.003em;"> </span></p><p><span style="background-color: white; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 19px; letter-spacing: -0.057px;">The stream is over 100 tweets long. I'm making the raw data available first, I'll summarize it later.</span></p><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661037699627663361" dir="auto" id="tweet_2" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Highlights: Certification has new requirements for decision support, patient demographics, and observation and electronic case reporting (eCR), + updates to USCDI. <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661039513131536389" dir="auto" id="tweet_3" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">The TOC provides more highlights:<span class="entity-image" style="box-sizing: border-box; display: block; text-align: center;"><a href="https://pbs.twimg.com/media/Fw0ym7wXsAItvpK.png" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;" target="_blank"><img alt="B. Summary of Major Provisi..." class=" b-loaded" src="https://pbs.twimg.com/media/Fw0ym7wXsAItvpK.png" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border-radius: 15px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; font-size: 0.8rem; margin: 10px 0px 0px; max-width: 100%; vertical-align: middle; width: 700px;" /></a></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661039846268231681" dir="auto" id="tweet_4" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">ONC learned from experts on commenting on long documents. They make the text available in Word, and provide a comment template. <a class="entity-mention" href="https://twitter.com/IHEIntl" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@IHEIntl</a> and <a class="entity-mention" href="https://twitter.com/HL7" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@HL7</a> have benefited from comment templates for decades. <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661040621635661830" dir="auto" id="tweet_5" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;"><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> is a long rule, 6<strike>29</strike>67 pages in length. I may have to take a break or two going through it. I'll likely segment the Decision Support Interventions (<a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a>) as a separate topic for later. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661042190620008450" dir="auto" id="tweet_6" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Thematically, <a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@ONC_HealthIT</a> references encouragement of economic growth through advancement of Health IT, health equity, and transparency in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661043072841531407" dir="auto" id="tweet_7" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">In the theme of "there can be only one", yearly themed certification criteria are going away. There will only be ONE certification criteria as of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>. This will avoid confusion, and prior rules already made the need for upgrading mandatory under conditions of certification. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661044451450421253" dir="auto" id="tweet_8" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">The first change of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> is the switch from USCDI v1 to USCDI v3. The jump of two versions may surprise some, but I honestly don't see it as being that big of a deal. The advancement of USCDI is done quite well and is very transparent. See<div style="box-sizing: border-box;"><div class="entity-url-preview" style="border-radius: 8px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; margin: 10px 0px 0px; max-width: 100%; width: 700px;"><div class="d-flex justify-content-between align-items-center" style="align-items: center !important; box-sizing: border-box; display: flex !important; justify-content: space-between !important;"><div class="border-right align-self-center" style="align-self: center !important; border-right: 1px solid rgb(222, 226, 230) !important; box-sizing: border-box;"><a class="img-cover" href="https://www.healthit.gov/isa/united-states-core-data-interoperability-uscdi" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background: url("/images/loading.gif") center center no-repeat transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: block; height: 130px; overflow: hidden; text-decoration-line: none;" target="_blank"><img loading="lazy" src="https://threadreaderapp.com/images/sticky-note-regular.png" style="border-radius: 8px 0px 0px 8px; border-style: none; box-sizing: border-box; height: 130px; object-fit: cover; vertical-align: middle; width: 8rem;" /></a></div><div class="flex-grow-1" style="box-sizing: border-box; flex-grow: 1 !important; min-width: 0px;"><div class="paragraph" style="box-sizing: border-box; font-family: "lucida grande", "lucida sans unicode", "lucida sans", Geneva, Arial, sans-serif; font-size: 0.8rem; margin: 0px 1rem;"><a href="https://www.healthit.gov/isa/united-states-core-data-interoperability-uscdi" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><span style="box-sizing: border-box; color: #2e2c2d; display: block; font-size: 0.85rem; font-weight: bolder; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;">United States Core Data for Interoperability (USCDI)</span>Please checkout the landing page of United States Core Data Interoperability (USCDI)</a><a href="https://www.healthit.gov/isa/united-states-core-data-interoperability-uscdi" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><small class="pre-url" style="box-sizing: border-box; color: #1da1f2; display: block; font-size: 0.75rem; margin-top: 5px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;">https://www.healthit.gov/isa/united-states-core-data-interoperability-uscdi</small></a></div></div></div></div></div></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661045406900314113" dir="auto" id="tweet_9" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Another possible double promotion in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> is from the C-CDA Companion Guide Release 2.0 to Release 4.0 if HL7 finishes it in time, or Release 3.0 if not. Again, I'm all for this.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Although seeing 2 in a row makes me wonder about the rest... like promotions in brain candy SciFi <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661046456810102784" dir="auto" id="tweet_10" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Another slew of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> updates to terminology standards in §170.207<br style="box-sizing: border-box;" />(a) Problems<br style="box-sizing: border-box;" />(c) Laboratory tests<br style="box-sizing: border-box;" />(d) Medications<br style="box-sizing: border-box;" />(e) Immunizations<br style="box-sizing: border-box;" />(f) Race & ethnicity<br style="box-sizing: border-box;" />(m) Numerical references<br style="box-sizing: border-box;" />(n) Sex<br style="box-sizing: border-box;" />(o) SOGI data<br style="box-sizing: border-box;" />(p) Social, psych & behavioral data<br style="box-sizing: border-box;" />(r) Provider type<br style="box-sizing: border-box;" />(s) Patient insurance <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661047015982104577" dir="auto" id="tweet_11" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">These <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI</a> terminology changes will impact §170.315 (a,b,c and f).<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />There's also a name change from in §170.207(o) from “sexual orientation and gender identity” to “sexual orientation and gender information” <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661047540547039233" dir="auto" id="tweet_12" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">So far, I'm likely to be largely supportive of these changes in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>. Like many, I've long been an advocate of keeping the terminology used in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HealthIT</a> systems up to date on a regular basis. If this is a challenge for your Health IT vendor, you need a new one. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661048817439981587" dir="auto" id="tweet_13" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Electronic case reporting will get a deeper dive later in my review of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>. <a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@ONC_HealthIT</a> chose NOT to make a choice between <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/FHIR" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#FHIR</a> and <a class="entity-mention" href="https://twitter.com/HL7" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@HL7</a> CDA for eCase reporting, in fact, it appears to NOT even choose a standard, saying "consistent with" where both CDA & FHIR options exist <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661049282424610816" dir="auto" id="tweet_14" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">If you saw the HIMSS interop showcase demonstration of eCase Reporting with FHIR, what you mostly saw was slideware. That's because many are still working towards it, but have presently deployed CDA versions. Thus, the <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> choice seems appropriate as it ... <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661049831064846339" dir="auto" id="tweet_15" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">... allows the industry to move towards FHIR for eCase reporting, yet leaves them with a CDA standards based solution for now so that those certifying under <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> can proceed forward with both. In a few years, I suspect only FHIR will be supported. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661050285169557506" dir="auto" id="tweet_16" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Someone needs to understand that <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> sets a <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/FHIR" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#FHIR</a> under eCR, and that folks implementing eCR solutions need to move faster in getting FHIR deployed. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661050800842457100" dir="auto" id="tweet_17" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">I'll talk more about <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/eCR" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#eCR</a> in more detail later, just like I will with Decision Support Interventions <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a>. These are both topics requiring focus and detail. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661052948057669659" dir="auto" id="tweet_18" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">In <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>: **predictive decision support intervention** <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> "means technology intended to support decision-making based on algorithms or models that derive relationships from ... data ... used to produce ..., prediction, classification, recommendation, evaluation, or analysis.<span class="entity-image" style="box-sizing: border-box; display: block; text-align: center;"><a href="https://pbs.twimg.com/media/Fw0-nPhXwAI8b_L.png" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;" target="_blank"><img alt="Image" class=" b-loaded" src="https://pbs.twimg.com/media/Fw0-nPhXwAI8b_L.png" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border-radius: 15px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; font-size: 0.8rem; margin: 10px 0px 0px; max-width: 100%; vertical-align: middle; width: 700px;" /></a></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661054644750016513" dir="auto" id="tweet_19" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">"intervention risk management" is a key phrase in the <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> discussions in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>.<br style="box-sizing: border-box;" />"We propose three intervention risk management practices: (1) risk analysis, (2) risk mitigation, and (3) governance." <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661055425909866503" dir="auto" id="tweet_20" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;"><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/IRM" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#IRM</a> ~= "... practices to promote transparency regarding how ... certified health IT analyzes and mitigates risks, at the organization level, ... developers establish policies & implement controls for governance, including ... data ... acquired, managed, and used ..."<a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HIT1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HIT1</a><span class="entity-image" style="box-sizing: border-box; display: block; text-align: center;"><a href="https://pbs.twimg.com/media/Fw1BCDNXwAQQqwJ.png" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;" target="_blank"><img alt="Image" class=" b-loaded" src="https://pbs.twimg.com/media/Fw1BCDNXwAQQqwJ.png" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border-radius: 15px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; font-size: 0.8rem; margin: 10px 0px 0px; max-width: 100%; vertical-align: middle; width: 700px;" /></a></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661056002333065228" dir="auto" id="tweet_21" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">I had to jump ahead just to understand the implications of what appears in the introduction. I'm really only at page 22 of the intro in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> but had to move ahead 100+ pages just to understand what "intervention risk management" (<a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/IRM" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#IRM</a>) was in <a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@ONC_HealthIT</a>'s collective minds. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661056698709168128" dir="auto" id="tweet_22" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Back to simple stuff in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>:<br style="box-sizing: border-box;" />Network Time Protocol (NTP), yes, version? Pick one. Any currently implemented version is likely good enough. I agree. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661062789513854976" dir="auto" id="tweet_23" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Next up: FHIR US Core v6.0 if ready in time, otherwise v5.0.1. If you were counting, that's three double promotions in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>. I think this shows some of the challenges <a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@ONC_HealthIT</a> has in keeping the standards and related guides updated. Still not opposed though. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661063333456363538" dir="auto" id="tweet_24" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Note, that's FHIR US Core, not Core FHIR that's being updated to version 6.0 in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>. So far, I've found no mention of FHIR R4B either via search, so I'm assuming it's NOT to be (or 4B). <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661063865013092372" dir="auto" id="tweet_25" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">SMART on FHIR only gets a single promotion in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>, from v1 to v2. And tokens get to last only an hour. And endpoint URLs must be published.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Sounds good so far. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661066225479303178" dir="auto" id="tweet_26" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">So, in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> Patient Demographics changes to "Patient Demographics and Observations" in apparent deference to people who think some of the SOGI or other observations aren't demographic data. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661066542690320411" dir="auto" id="tweet_27" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">My dictionary says demographics are: "statistical data relating to the population and particular groups within it." It's also correct that some of these are "observations". It's not a hill I will die on, but it feels stupid. The former is correct and need not change in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661066917359108126" dir="auto" id="tweet_28" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">On the other hand, I'm very concerned about "Sex for Clinical Use", because right now this seems to be a reversion to "birth sex" or something, and it's VERY ill-defined.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />There are numerous sexual characteristics that are relevant for clinical use & these vary based on context. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661067989137993728" dir="auto" id="tweet_29" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Are we talking about genes? Endocrinology? Organs?<br style="box-sizing: border-box;" />In the days of ANSI/HITSP, somewhere we enumerated a dozen clinically significant gender/sex related aspects which might have clinical relevance based on context. <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> takes too simple an approach for an important topic. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661068943115599930" dir="auto" id="tweet_30" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">If you want to get clinical, then damn it all, get clinical in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>. This is NOWHERE close to clinical:<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />* Female<br style="box-sizing: border-box;" />* Male<br style="box-sizing: border-box;" />* Unknown<br style="box-sizing: border-box;" />* Something else, please specify<span class="entity-image" style="box-sizing: border-box; display: block; text-align: center;"><a href="https://pbs.twimg.com/media/Fw1M3STWwAcAaUZ.jpg" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;" target="_blank"><img alt="Image" class=" b-loaded" src="https://pbs.twimg.com/media/Fw1M3STWwAcAaUZ.jpg" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border-radius: 15px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; font-size: 0.8rem; margin: 10px 0px 0px; max-width: 100%; vertical-align: middle; width: 700px;" /></a></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661069917410476052" dir="auto" id="tweet_31" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">The side effect of this data element in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>, given lack of specificity addressing real concerns of Lab, Imaging, Procedures and Clinical Testing is to enable providers to assign gender as they see it. It's NOT clinical & likely to be abused in parental (I know better) form. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661076709922226193" dir="auto" id="tweet_32" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">The other danger is that this uses the same terminology with contextually sensitive definitions. This is completely inappropriate for how to use terminology. The definition of the term DOES NOT change with context. <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> should NOT go down this path. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661108191214575633" dir="auto" id="tweet_33" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">On a positive note, two additional demographics (NOTE, I don't call them observations, though some might argue with me) including pronouns and name to use for the patient are included under this same section. So, this part of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> is not all bad. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661108788802342912" dir="auto" id="tweet_34" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Transitions of care is being updated in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> to align with USCDI v3. This is pretty much a no-brainer that I fully support (except for Sex for Clinical Use <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/SFCU" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#SFCU</a>). <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661158040630968322" dir="auto" id="tweet_35" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;"><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> proposes to add the ability to tag data as being restricted:<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">(14) </span>Patient requested restrictions.<br style="box-sizing: border-box;" />i) .. enable a user to flag whether such data needs to be restricted ... used or disclosed as set forth in 45 CFR § 164.522;<br style="box-sizing: border-box;" />ii) Prevent any data flagged ... from ... use ... <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661160035584552962" dir="auto" id="tweet_36" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;"><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> presents a reasonable first approach at enabling fine-grained sensitive data tagging. The key challenge for many <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HealthIT</a> providers is figuring out how to implement it. ... <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661160660246339585" dir="auto" id="tweet_37" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">One approach to implementing <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> fine-grained sensitive data tagging is to have a way to communicate authorizations and purpose of use to the data access tier, and let it provide only what is authorized. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661162616109105154" dir="auto" id="tweet_38" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">... been there ... released it even. It's perfectly reasonable, if a little invasive.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />The restricted access of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> is very much aligned to support 45 CFR 164.522 (see <a class="entity-url" data-preview="true" href="https://www.law.cornell.edu/cfr/text/45/164.522" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">law.cornell.edu/cfr/text/45/16…</a>), and that gives you hints about tagging.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />So does <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/FHIR" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#FHIR</a>:<div style="box-sizing: border-box;"><div class="entity-url-preview" style="border-radius: 8px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; margin: 10px 0px 0px; max-width: 100%; width: 700px;"><div class="d-flex justify-content-between align-items-center" style="align-items: center !important; box-sizing: border-box; display: flex !important; justify-content: space-between !important;"><div class="border-right align-self-center" style="align-self: center !important; border-right: 1px solid rgb(222, 226, 230) !important; box-sizing: border-box;"><a class="img-cover" href="https://hl7.org/fhir/R4/security-labels.html" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background: url("/images/loading.gif") center center no-repeat transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: block; height: 130px; overflow: hidden; text-decoration-line: none;" target="_blank"><img loading="lazy" src="https://threadreaderapp.com/images/sticky-note-regular.png" style="border-radius: 8px 0px 0px 8px; border-style: none; box-sizing: border-box; height: 130px; object-fit: cover; vertical-align: middle; width: 8rem;" /></a></div><div class="flex-grow-1" style="box-sizing: border-box; flex-grow: 1 !important; min-width: 0px;"><div class="paragraph" style="box-sizing: border-box; font-family: "lucida grande", "lucida sans unicode", "lucida sans", Geneva, Arial, sans-serif; font-size: 0.8rem; margin: 0px 1rem;"><a href="https://hl7.org/fhir/R4/security-labels.html" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><span style="box-sizing: border-box; color: #2e2c2d; display: block; font-size: 0.85rem; font-weight: bolder; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;"></span></a><a href="https://hl7.org/fhir/R4/security-labels.html" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><small class="pre-url" style="box-sizing: border-box; color: #1da1f2; display: block; font-size: 0.75rem; margin-top: 5px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;">https://hl7.org/fhir/R4/security-labels.html</small></a></div></div></div></div></div></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661163089071407106" dir="auto" id="tweet_39" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Finally in this first section, <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HIT1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HIT1</a> proposes "to make explicit in the introductory text in § 170.315 that health IT developers voluntarily participating in the Program must update their certified Health IT Modules and provide that updated certified health IT to customers ... <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661163428986093582" dir="auto" id="tweet_40" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">OK, Section 1 of the executive summary done, only 4 more sections to go until we get to the real meat. So far I'm on page 27 of 629 in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>. This isn't so bad is it?<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />;-) <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661164700875337728" dir="auto" id="tweet_41" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">The next four sections of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> actually go quickly:<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">2. </span>Basically proposes that once a component certified, developers have to keep up with <a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@ONC_HealthIT</a> rules for certification, and must provide it in a timely manner.<span class="entity-image" style="box-sizing: border-box; display: block; text-align: center;"><a href="https://pbs.twimg.com/media/Fw2kZ4SWIAAkTzC.png" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;" target="_blank"><img alt="Image" class=" b-loaded" src="https://pbs.twimg.com/media/Fw2kZ4SWIAAkTzC.png" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border-radius: 15px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; font-size: 0.8rem; margin: 10px 0px 0px; max-width: 100%; vertical-align: middle; width: 700px;" /></a></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661165481439510529" dir="auto" id="tweet_42" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Section 3 of the summary addresses how <a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@ONC_HealthIT</a> corrects an oversight on how continuous real-world testing is tracked.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />"by requiring health IT developers to include in their real world testing results report the newer version of those certified Health IT Module(s) ..." <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661169207873093632" dir="auto" id="tweet_43" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;"><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> adds 9 CEHRT measures<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">1. </span>C-CDAs obtained by Mechanism<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">2. </span>C-CDA reconcilliation<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">3. </span>Apps Supported<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">4. </span>Use of FHIR in Apps &<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">5. </span>" in Bulk Data Access<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">6. </span>Electronic Health Information Export<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">7. </span>Immunization Submitted to IIS &<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">8. </span>" History/Forecasts<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">9. </span>Individuals’ Access <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661170156687568897" dir="auto" id="tweet_44" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">The devil will be in the details of those measures. Is what they are asking for reasonable? Perhaps even knowable? The system best able to count C-CDAs may not have a clue about mechanism of exchange. This will be an area for deeper scrutiny of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> for EHR vendors. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661171469827600385" dir="auto" id="tweet_45" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Table 2 on Page 365 of the word document provides a table of measures:<span class="entity-image" style="box-sizing: border-box; display: block; text-align: center;"><a href="https://pbs.twimg.com/media/Fw2qoJMXoAEbEqH.png" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;" target="_blank"><img alt="Individual Access to EHI: I..." class=" b-loaded" src="https://pbs.twimg.com/media/Fw2qoJMXoAEbEqH.png" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border-radius: 15px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; font-size: 0.8rem; margin: 10px 0px 0px; max-width: 100%; vertical-align: middle; width: 700px;" /></a></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661173833431121921" dir="auto" id="tweet_46" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Section 5 is a continuation of <a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@ONC_HealthIT</a>'s efforts to differentiate provider organizations and the like (e.g., supporting consultant organizations) who develop certified apps from commercial entities who develop them commercially in its defining a <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HealthIT</a> developer in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661176974365032454" dir="auto" id="tweet_47" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">And finally under <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>, QHINs and their participants get to focus on being networks using QTF and don't have to offer alternatives... or worry about a couple of other details.<span class="entity-image" style="box-sizing: border-box; display: block; text-align: center;"><a href="https://pbs.twimg.com/media/Fw2vVeKWcAMxL15.png" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;" target="_blank"><img alt="Image" class=" b-loaded" src="https://pbs.twimg.com/media/Fw2vVeKWcAMxL15.png" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border-radius: 15px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; font-size: 0.8rem; margin: 10px 0px 0px; max-width: 100%; vertical-align: middle; width: 700px;" /></a></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661177375365758979" dir="auto" id="tweet_48" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">In other words, QTF / QHIN / TECFA is the way of the future, and we aren't going back ...<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661178362608472069" dir="auto" id="tweet_49" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">OK, we've finished the <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> executive summary at page 32 of this monstor rule, and are about to get to my favorite part:<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />.<br style="box-sizing: border-box;" />.<br style="box-sizing: border-box;" />. skipping<br style="box-sizing: border-box;" />.<br style="box-sizing: border-box;" />.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />I've just skipped a dozen pages of background and are now reading about the CEHRT program updates. <span class="entity-video-gif" style="box-sizing: border-box;"><video autoplay="" controls="" loop="" muted="" poster="https://pbs.twimg.com/tweet_video_thumb/Fw2w6gkWAAATl-f.jpg" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border-radius: 15px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; font-size: 0.8rem; margin-top: 10px; max-width: 100%; width: 700px;"></video></span> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661179893298651136" dir="auto" id="tweet_50" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">That starts around page 44, but with more electronic magic I'm moving ahead to page 599: The rule itself<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />The executive summary gives me a briefing of what I'm about to review next. From page 44 to 599 is a bunch of explanation of what the regulators writing <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> were thinking. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661180284102930433" dir="auto" id="tweet_51" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">By skipping that (but going back to it as necessary), I can avoid their influence for another 30 pages, and "The <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> Rule" is what my folks have to abide by, the preface is explanation and justification for it. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661181838272913409" dir="auto" id="tweet_52" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">In the <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> rule, <a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@ONC_HealthIT</a> updates its definitions first (always good practice). 2015 goes away, Base EHR and Certification criteria stay with the year modifer.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Revised certification criteria is defined as one might expect, but with the formality of regulation. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661182571965739009" dir="auto" id="tweet_53" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">For some reason, <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> defined "Provide":<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />"Provide means the action or actions taken by a health IT developer of certified Health IT Modules to make the certified health IT available to its customers."<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />I'm unsure why "make available for use, supply" was insufficient (Oxford) <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661183152956604417" dir="auto" id="tweet_54" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Predictive decision support intervention = tech intended to support decision-making based on algorithms ... that derive relationships from training ... data ... used to produce an output ... related to ... prediction, classification, recommendation, evaluation, or analysis. <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661184379823988740" dir="auto" id="tweet_55" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">This definition is broken. I've written and worked on ML-based systems using training data. I've also read the Alignment Problem by Brian Christian (see <a class="entity-url" data-preview="true" href="https://amzn.to/3owgBkj" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">amzn.to/3owgBkj</a>), and the thematic overiew in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> (including Health Equity), and so understand where this is going. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span><div style="box-sizing: border-box;"><div class="entity-url-preview" style="border-radius: 8px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; margin: 10px 0px 0px; max-width: 100%; width: 700px;"><div class="d-flex justify-content-between align-items-center" style="align-items: center !important; box-sizing: border-box; display: flex !important; justify-content: space-between !important;"><div class="border-right align-self-center" style="align-self: center !important; border-right: 1px solid rgb(222, 226, 230) !important; box-sizing: border-box;"><a class="img-cover" href="https://amzn.to/3owgBkj" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background: url("/images/loading.gif") center center no-repeat transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: block; height: 130px; overflow: hidden; text-decoration-line: none;" target="_blank"><img loading="lazy" src="https://threadreaderapp.com/images/sticky-note-regular.png" style="border-radius: 8px 0px 0px 8px; border-style: none; box-sizing: border-box; height: 130px; object-fit: cover; vertical-align: middle; width: 8rem;" /></a></div><div class="flex-grow-1" style="box-sizing: border-box; flex-grow: 1 !important; min-width: 0px;"><div class="paragraph" style="box-sizing: border-box; font-family: "lucida grande", "lucida sans unicode", "lucida sans", Geneva, Arial, sans-serif; font-size: 0.8rem; margin: 0px 1rem;"><a href="https://amzn.to/3owgBkj" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><span style="box-sizing: border-box; color: #2e2c2d; display: block; font-size: 0.85rem; font-weight: bolder; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;"></span></a><a href="https://amzn.to/3owgBkj" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><small class="pre-url" style="box-sizing: border-box; color: #1da1f2; display: block; font-size: 0.75rem; margin-top: 5px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;">https://amzn.to/3owgBkj</small></a></div></div></div></div></div></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661185490438041607" dir="auto" id="tweet_56" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;"><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> says "on algorithms or models that derive relationships from training or example data"<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Examples:<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">1. </span>Aggregate data about cause of death & demographics e.g., actuarial tables<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">2. </span>10 years of telemetry from speech recognition<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">3. </span>a high frequency words list from clinical notes <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661186227788193793" dir="auto" id="tweet_57" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;"><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">4. </span>An X-ray image database<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">5. </span>An EHR database with 10 years of history<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">6. </span>an extraction of articles from the national library of medicine or other clinical sources<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">7. </span>The ICD-10-CM index and text.<br style="box-sizing: border-box;" />8-14. All of the aforementioned, annotated by experts.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661186597033766913" dir="auto" id="tweet_58" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">All of this is material I've personally worked with to develop algorithms and models. All of it is used to support decision making. All of it in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HealthIT</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661187273247825921" dir="auto" id="tweet_59" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">My point being, most of what we do that adds values is based on "example data", and precious little of that is related to unexplained behavior in ML systems based on training.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Risk stratification<br style="box-sizing: border-box;" />Natural Language Processing and tagging<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Yet, it is also subject to bias... <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661187931158052868" dir="auto" id="tweet_60" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">The key challenge in this definition for me right now is that it isn't restricting itself to clinical decision making, instead, any decision making. And that's where I think <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> is headed a bit off the rails.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />That may change in a few pages. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661188637088677888" dir="auto" id="tweet_61" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">But my gut tells me that ANY decision support aide could be considered by a lawyer to be subject to any <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> rule using that definition. That may NOT promote better IT, it could suppress it, because folks scared about regs may avoid innovation after talking their lawyers. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661189317820071937" dir="auto" id="tweet_62" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">I'll see how it's used later, but my quick fix for <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> would be to add clinical between "support" and "decision-making", restricting the use of it. It's very much aligned with the original intent, as the <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> requirements are an alternative CDS approach for the first few years. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661189628781555718" dir="auto" id="tweet_63" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Now we get to some simple stuff, and then raise my blood pressure again, and then go back to simple stuff in the second on standards at 45 CFR 170.20X in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661190200725217286" dir="auto" id="tweet_64" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;"><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> moves to C-CDA STU Companion Guide Release 3.<br style="box-sizing: border-box;" />It also adopts FHIR and CDA standards for Electronic Case Reporting. These are solidly grounded, compatible with each other (developed by the same people even)<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />So far, so good. This is all solid advancement work. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661190519077126146" dir="auto" id="tweet_65" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">As much as I hate it that <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/ECR" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#ECR</a> is way behind on the FHIR implementation side, I think <a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@ONC_HealthIT</a> made a good choice to allow both FHIR and C-CDA here in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>, providing a path forward. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661190800154279938" dir="auto" id="tweet_66" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">For 45 CFR 170.207 Vocabulary standards for representing electronic health information,<br style="box-sizing: border-box;" />almost all the advancement is good with ONE solid exception <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661191293689536514" dir="auto" id="tweet_67" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">If you guessed that I'm going to start bitching about the stupidity of Sex for Clinical Use <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/SFCU" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#SFCU</a>, you aren't quite right. It's NOT the concept. It's the implementation.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />The concept of needing to know about sex-linked traits for clinical care is totally appropriate. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661191839326650368" dir="auto" id="tweet_68" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">To tie it all back to two grossly overused terms "Male" and "Female" with meanings differing based on context (Clinical Use, Administrative Use, Lab Use, Imaging Use) operates on the context switching strength of human minds, rather than the clarity found in good terminology. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661192241447043075" dir="auto" id="tweet_69" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">A good terminology has a principal that you have a preferred term, it has a definition, possibly some alternative names (possibly in multiple languages), and a code. The DEFINITION does not change based on context. It always means what it means.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661193776340037632" dir="auto" id="tweet_70" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">In the proposed use, and selection of the standard for labeling "Sex for Clinical Use" in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> suggests LOINC codes, but no value set. Fine, I'll use 46909-0 Sex. <a class="entity-url" data-preview="true" href="https://loinc.org/46098-0/" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">loinc.org/46098-0/</a><br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Is that NOT what you meant? Get specific.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Oh, you mean these? <a class="entity-url" data-preview="true" href="https://www.healthit.gov/isa/sites/isa/files/webform/uscid_webform/2801/SFCU%20use%20case%20examples.pdf" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">healthit.gov/isa/sites/isa/…</a><div style="box-sizing: border-box;"><div class="entity-url-preview" style="border-radius: 8px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; margin: 10px 0px 0px; max-width: 100%; width: 700px;"><div class="d-flex justify-content-between align-items-center" style="align-items: center !important; box-sizing: border-box; display: flex !important; justify-content: space-between !important;"><div class="border-right align-self-center" style="align-self: center !important; border-right: 1px solid rgb(222, 226, 230) !important; box-sizing: border-box;"><a class="img-cover" href="https://loinc.org/46098-0/" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background: url("/images/loading.gif") center center no-repeat transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: block; height: 130px; overflow: hidden; text-decoration-line: none;" target="_blank"><img loading="lazy" src="https://loinc.org/assets/images/loinc-details-page-card.png" style="border-radius: 8px 0px 0px 8px; border-style: none; box-sizing: border-box; height: 130px; object-fit: cover; vertical-align: middle; width: 8rem;" /></a></div><div class="flex-grow-1" style="box-sizing: border-box; flex-grow: 1 !important; min-width: 0px;"><div class="paragraph" style="box-sizing: border-box; font-family: "lucida grande", "lucida sans unicode", "lucida sans", Geneva, Arial, sans-serif; font-size: 0.8rem; margin: 0px 1rem;"><a href="https://loinc.org/46098-0/" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><span style="box-sizing: border-box; color: #2e2c2d; display: block; font-size: 0.85rem; font-weight: bolder; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;">LOINC 46098-0 Sex</span>In LOINC, sex refers to the biological sex of an organism, which is most commonly determined based on anatomy and physiology or genetic (chr... See page for copyright and more information.</a><a href="https://loinc.org/46098-0/" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><small class="pre-url" style="box-sizing: border-box; color: #1da1f2; display: block; font-size: 0.75rem; margin-top: 5px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;">https://loinc.org/46098-0/</small></a></div></div></div></div></div></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661194376247230473" dir="auto" id="tweet_71" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Show me the codes, because using <a class="entity-url" data-preview="true" href="http://search.loinc.org/" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">search.loinc.org</a>, I cannot find them.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />And the proposed answer sets in that list are a serious crock of **** because they overload the meaning of the terms male and female giving them different meanings in different contexts.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span><div style="box-sizing: border-box;"><div class="entity-url-preview" style="border-radius: 8px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; margin: 10px 0px 0px; max-width: 100%; width: 700px;"><div class="d-flex justify-content-between align-items-center" style="align-items: center !important; box-sizing: border-box; display: flex !important; justify-content: space-between !important;"><div class="border-right align-self-center" style="align-self: center !important; border-right: 1px solid rgb(222, 226, 230) !important; box-sizing: border-box;"><a class="img-cover" href="http://search.loinc.org/" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background: url("/images/loading.gif") center center no-repeat transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: block; height: 130px; overflow: hidden; text-decoration-line: none;" target="_blank"><img loading="lazy" src="https://threadreaderapp.com/images/sticky-note-regular.png" style="border-radius: 8px 0px 0px 8px; border-style: none; box-sizing: border-box; height: 130px; object-fit: cover; vertical-align: middle; width: 8rem;" /></a></div><div class="flex-grow-1" style="box-sizing: border-box; flex-grow: 1 !important; min-width: 0px;"><div class="paragraph" style="box-sizing: border-box; font-family: "lucida grande", "lucida sans unicode", "lucida sans", Geneva, Arial, sans-serif; font-size: 0.8rem; margin: 0px 1rem;"><a href="http://search.loinc.org/" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><span style="box-sizing: border-box; color: #2e2c2d; display: block; font-size: 0.85rem; font-weight: bolder; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;"></span></a><a href="http://search.loinc.org/" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><small class="pre-url" style="box-sizing: border-box; color: #1da1f2; display: block; font-size: 0.75rem; margin-top: 5px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;">http://search.loinc.org</small></a></div></div></div></div></div></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661195104340570112" dir="auto" id="tweet_72" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Am I hot under the collar about how badly <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/SFCU" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#SFCU</a> is currently proposed <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>? You bet I am. It's because of how easily as proposed it could have the unintentional effects on LGBTQ+ care seekers who find themselves reading their labs & feeling misgendered on the basis of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/SFCU" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#SFCU</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661195539252166657" dir="auto" id="tweet_73" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">That kind of psychological damage is triggering enough to cause death.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Use different, contextually relevant terms to deliver information about sex-linked patient traits relevant for laboratory, imaging, clinical testing or procedure information.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />You will save lives. <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661195779774480384" dir="auto" id="tweet_74" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">OK, I'm going to take a short break from that rant on <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/SFCU" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#SFCU</a> in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>. I'm sure you will hear more about it. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661196243161296896" dir="auto" id="tweet_75" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">One more note, I said unintended consequences. Because the basis of work of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/SFCU" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#SFCU</a> is NOT a bad idea. It's a good one. But it needs a real effort, not slipshod use what we already think we know terms.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />The reality is, if that's what you came up with, you didn't ask the experts. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661196810176561153" dir="auto" id="tweet_76" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">There was a whole meeting in ANSI/HITSP where this topic was discussed in detail more than a decade ago. I've had similar conversations with folks on the lab side, worked for a key company in imaging for a nearly a decade and a half. It's important in ways that M/F don't cover. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661197242038886402" dir="auto" id="tweet_77" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Convene a group of stakeholders (different from the one that came up with the original inadequate proposal) to do better.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />I said I was going to take a break from <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/SFCU" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#SFCU</a>. My brain can't. This is too important to family members and friends who could be negatively impacted. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661200511163301890" dir="auto" id="tweet_78" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">In <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> this is a better definition than that for <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/SFCU" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#SFCU</a> and shows more of what is necessary:<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Financial resource strain must be coded in accordance with, at a minimum, the version of LOINC ® codes ... attributed with the LOINC ® code 76513-1 and LOINC ® answer list ID LL3266-5. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661201382374768640" dir="auto" id="tweet_79" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">And now we move on to section 45 CFR 170.299.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Here, in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> I'm looking for ONE thing really. Is the referenced standard really an official standard. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661201605339774977" dir="auto" id="tweet_80" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">An THIS lone item in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> is not:<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">(41) </span>HL7 FHIR® Data Segmentation for Privacy Implementation Guide: Version 1.0.0 – current – ci-build, December 1, 2022, IBR approved for § 170.205(o).<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />ci-builds are NOT approved HL7 standards. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661202539499470849" dir="auto" id="tweet_81" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">I SUSPECT, what happened here, is that a publishing deadline was missed on DS4P. The official publication is at <a class="entity-url" data-preview="true" href="http://hl7.org/fhir/uv/security-label-ds4p/" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">hl7.org/fhir/uv/securi…</a>, and is the one that SHOULD be referenced by <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span><div style="box-sizing: border-box;"><div class="entity-url-preview" style="border-radius: 8px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; margin: 10px 0px 0px; max-width: 100%; width: 700px;"><div class="d-flex justify-content-between align-items-center" style="align-items: center !important; box-sizing: border-box; display: flex !important; justify-content: space-between !important;"><div class="border-right align-self-center" style="align-self: center !important; border-right: 1px solid rgb(222, 226, 230) !important; box-sizing: border-box;"><a class="img-cover" href="http://hl7.org/fhir/uv/security-label-ds4p/" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background: url("/images/loading.gif") center center no-repeat transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: block; height: 130px; overflow: hidden; text-decoration-line: none;" target="_blank"><img loading="lazy" src="https://threadreaderapp.com/images/sticky-note-regular.png" style="border-radius: 8px 0px 0px 8px; border-style: none; box-sizing: border-box; height: 130px; object-fit: cover; vertical-align: middle; width: 8rem;" /></a></div><div class="flex-grow-1" style="box-sizing: border-box; flex-grow: 1 !important; min-width: 0px;"><div class="paragraph" style="box-sizing: border-box; font-family: "lucida grande", "lucida sans unicode", "lucida sans", Geneva, Arial, sans-serif; font-size: 0.8rem; margin: 0px 1rem;"><a href="http://hl7.org/fhir/uv/security-label-ds4p/" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><span style="box-sizing: border-box; color: #2e2c2d; display: block; font-size: 0.85rem; font-weight: bolder; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;"></span></a><a href="http://hl7.org/fhir/uv/security-label-ds4p/" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><small class="pre-url" style="box-sizing: border-box; color: #1da1f2; display: block; font-size: 0.75rem; margin-top: 5px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;">http://hl7.org/fhir/uv/security-label-ds4p/</small></a></div></div></div></div></div></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661203386815873025" dir="auto" id="tweet_82" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">In a standards advancement program that is updating more than a dozen documents (if memory serves), missing one for <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> is not a big deal. Note though, <a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@ONC_HealthIT</a> called out 2 others not quite ready with latest but should be out by final rule: C-CDA Companion Guide & US Core <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661203960265408515" dir="auto" id="tweet_83" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">OK, onto the big section, the certification criteria.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HCI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HCI1</a> clarifies that if you certify in year 1, and the standards advance, you must advance with them, and deliver the updated software to your customers. I suppose you have the option to stop certifying for that criteria... <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661204297403494402" dir="auto" id="tweet_84" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">... but that is not clear, and the impacts on your customers is also unclear (wrt to CMS and other regulations), nor are the penalties for failure to follow this section. I'm hoping that's covered elsewhere in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661205376698667008" dir="auto" id="tweet_85" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">I reject this implementation of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/SFCU" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#SFCU</a><br style="box-sizing: border-box;" />(F) Sex for Clinical Use. Enable a patient’s sex for clinical use to be recorded in accordance with, at a minimum, the version of the standard specified in § 170.207(n)(3). Conformance with this paragraph is required by January 1, 2026. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661207470113529856" dir="auto" id="tweet_86" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Reserved section 45 CFR 170.315(a)(11) is replaced in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI</a> with the <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> efforts.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />These words frighten me:<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Module enables ... one or more predictive decision support interventions as defined in § 170.102 based on any of the data expressed in the standards in § 170.213 <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661207818836246528" dir="auto" id="tweet_87" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">It's clear from context that this is clinical decision support, but never stated in that fashion. And that's worrisome, because that lack of clarity opens up this section to whole new ways of interpreting the meaning of decision support. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661208473638522881" dir="auto" id="tweet_88" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Arguably, all decision support systems used in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HealthIT</a> impact care. However, until this rule, they weren't considered to be such in the rule, because they weren't Clinical Decision Support.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />I'll go with my original recommendation for <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>: Insert clinical in the definition <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661210021437251590" dir="auto" id="tweet_89" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">How does <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> compare to prior CDS related content in CERHT in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>?<br style="box-sizing: border-box;" />New:<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">1. </span>There's an attestation, is it predictive decision support?<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">2. </span>Documented use of demographics (and obs), or SDOH, or Health Status data<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">3. </span>8 items reported about development<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">4. </span>5 performance measures <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661210463177261060" dir="auto" id="tweet_90" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;"><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a><br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">1. </span>The attestation makes failures MORE actionable by the regulation.<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">2. </span>Documented use of data impacting health equity makes sense.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />So far, so good. Now for the ugly (but not necessarily bad). <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661211052489555970" dir="auto" id="tweet_91" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Here is where some of the complaints begin on <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a><br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">(2) </span>You must report on development:<br style="box-sizing: border-box;" />(i) features of the intervention and test data.<br style="box-sizing: border-box;" />(ii) process to ensure fairness<br style="box-sizing: border-box;" />(iii) External validation<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />... <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661212428724584448" dir="auto" id="tweet_92" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">And (3) update all of the aformentioned via maintenance.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a><br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />(D) Futhermore, if<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">(1) </span>it isn't available (for external validity, fairness) must show it is not available.<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">(2) </span>developed by non-developers of certified Health IT, it could also be shown unavailable in that case <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661213028484894721" dir="auto" id="tweet_93" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">One concern raised: There's lots of CDS in use that isn't certified that can plug into an EHR system. How is the certified developer responsible for the customer's use of uncertified CDS?<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />This should NOT be a concern of the CEHRT provider, but nowhere is that made clear.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661214004432236545" dir="auto" id="tweet_94" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">And the maintenance aspect includes:<br style="box-sizing: border-box;" />validity and fairness in local data (rather than test data). I'm assuming what this means is an evaluation of ongoing validity and fairness in light of current use with local data, but how can this aspect of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> be assessed? <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661214520558190593" dir="auto" id="tweet_95" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;"><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> cannot be assessed w/o outcomes. In such testing, the outcomes need to be captured in controlled ways to ensure accuracy in the measures. What if the provider using the <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> does not follow the same standards for assessing outcomes as used in development.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661215146998484993" dir="auto" id="tweet_96" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">This next aspect of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> development comes naturally to one that has worked for a vendor of Class 3 medical devices, and that applies to many EHR developers as well, but not all.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Intervention Risk Management <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/IRM" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#IRM</a> is what you do already if you have a clue. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661215903105658880" dir="auto" id="tweet_97" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Before developing an intervention, and throughout, you do risk analysis (I should do one for <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/SFCU" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#SFCU</a> because it is high risk).<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> makes that official policy for <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HealthIT</a> developers of CEHRT. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661216421391499264" dir="auto" id="tweet_98" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">You also do risk mitigation. I've never seen risk analysis without risk mitigation, but then perhaps I've been well trained.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Mitigation may involve cross-checks, fail-safes, et cetera.<br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661217082812276739" dir="auto" id="tweet_99" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Sometimes risk mitigation involves redesign for a less risky solution.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />It also involves ongoing monitoring, and examining any anomalies or reported adverse events to see if they are caused by flaws, and then addressing them.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661219373346967552" dir="auto" id="tweet_100" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Finally, <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> requires governance of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a>: DOCUMENTED internal policies for how such systems are built, data is acquired and managed, and the system is designed to be safe, secure, fair, and valid. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661220930603950080" dir="auto" id="tweet_101" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">This is very similar to what some organizations already do for their quality management system and to some degree also safety enhanced design processes in 45 CFR 170.315(b)(3 and 4). <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661221313401241601" dir="auto" id="tweet_102" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">If you are building a <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a>, and already have a QMS, then the documentation and process around that QMS likely includes some, if not all of what you need for reporting about <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a>.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661221572147830784" dir="auto" id="tweet_103" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Missing in this though, are some essentials on testing for fairness in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a>, for which no standards are referenced in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>. I'm not sure that the standards have caught up to the science here. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661223586512744451" dir="auto" id="tweet_104" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">There's nuance and variance here, and I'm NOT a CDS developer. Yes, the requirements feel like a PIA for developers, and not all providers will see value in them either. I DO think they are important to get people thinking about health equity. <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661224023877906432" dir="auto" id="tweet_105" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">And the documentation requirements, when you get down to it from an implementation perspective are NOT arduous. I expect competent <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HealthIT</a> developers will have this available quickly for new <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> interventions. It's the existing stuff that's worrisome. <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661235683707748354" dir="auto" id="tweet_106" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">My internet is internot right now, so <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> tweets are being posted under one bar conditions <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661356953266802689" dir="auto" id="tweet_107" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">And now internet is spelled with two e's, so I'm back with my read through of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />We left off at <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a>, and are starting up again now, next up it patient requested restrictions. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661358716073934851" dir="auto" id="tweet_108" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Patient Requested restrictions is rather straightforward in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />For any data expressed in USCDI enable a user to flag restrictions for subsequent use or disclosure as set forth in 45 CFR § 164.522; and<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Prevent flagged data from being included in a use or disclosure. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661360260429348864" dir="auto" id="tweet_109" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">As previously mentioned, FHIR has vocabulary to support such flags in Resource•meta•security. See <a class="entity-url" data-preview="true" href="https://hl7.org/fhir/R4/resource.html#Meta" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">hl7.org/fhir/R4/resour…</a> and <a class="entity-url" data-preview="true" href="https://hl7.org/fhir/R4/security-labels.html" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">hl7.org/fhir/R4/securi…</a><br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />For authentication purposes, purpose of use is likely a scoped context, but there are cases where break glass may be needed. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span><div style="box-sizing: border-box;"><div class="entity-url-preview" style="border-radius: 8px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; margin: 10px 0px 0px; max-width: 100%; width: 700px;"><div class="d-flex justify-content-between align-items-center" style="align-items: center !important; box-sizing: border-box; display: flex !important; justify-content: space-between !important;"><div class="border-right align-self-center" style="align-self: center !important; border-right: 1px solid rgb(222, 226, 230) !important; box-sizing: border-box;"><a class="img-cover" href="https://hl7.org/fhir/R4/security-labels.html" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background: url("/images/loading.gif") center center no-repeat transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: block; height: 130px; overflow: hidden; text-decoration-line: none;" target="_blank"><img loading="lazy" src="https://threadreaderapp.com/images/sticky-note-regular.png" style="border-radius: 8px 0px 0px 8px; border-style: none; box-sizing: border-box; height: 130px; object-fit: cover; vertical-align: middle; width: 8rem;" /></a></div><div class="flex-grow-1" style="box-sizing: border-box; flex-grow: 1 !important; min-width: 0px;"><div class="paragraph" style="box-sizing: border-box; font-family: "lucida grande", "lucida sans unicode", "lucida sans", Geneva, Arial, sans-serif; font-size: 0.8rem; margin: 0px 1rem;"><a href="https://hl7.org/fhir/R4/security-labels.html" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><span style="box-sizing: border-box; color: #2e2c2d; display: block; font-size: 0.85rem; font-weight: bolder; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;"></span></a><a href="https://hl7.org/fhir/R4/security-labels.html" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><small class="pre-url" style="box-sizing: border-box; color: #1da1f2; display: block; font-size: 0.75rem; margin-top: 5px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;">https://hl7.org/fhir/R4/security-labels.html</small></a></div></div></div></div></div><div style="box-sizing: border-box;"><div class="entity-url-preview" style="border-radius: 8px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; margin: 10px 0px 0px; max-width: 100%; width: 700px;"><div class="d-flex justify-content-between align-items-center" style="align-items: center !important; box-sizing: border-box; display: flex !important; justify-content: space-between !important;"><div class="border-right align-self-center" style="align-self: center !important; border-right: 1px solid rgb(222, 226, 230) !important; box-sizing: border-box;"><a class="img-cover" href="https://hl7.org/fhir/R4/resource.html#Meta" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background: url("/images/loading.gif") center center no-repeat transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: block; height: 130px; overflow: hidden; text-decoration-line: none;" target="_blank"><img loading="lazy" src="https://threadreaderapp.com/images/sticky-note-regular.png" style="border-radius: 8px 0px 0px 8px; border-style: none; box-sizing: border-box; height: 130px; object-fit: cover; vertical-align: middle; width: 8rem;" /></a></div><div class="flex-grow-1" style="box-sizing: border-box; flex-grow: 1 !important; min-width: 0px;"><div class="paragraph" style="box-sizing: border-box; font-family: "lucida grande", "lucida sans unicode", "lucida sans", Geneva, Arial, sans-serif; font-size: 0.8rem; margin: 0px 1rem;"><a href="https://hl7.org/fhir/R4/resource.html#Meta" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><span style="box-sizing: border-box; color: #2e2c2d; display: block; font-size: 0.85rem; font-weight: bolder; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;"></span></a><a href="https://hl7.org/fhir/R4/resource.html#Meta" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><small class="pre-url" style="box-sizing: border-box; color: #1da1f2; display: block; font-size: 0.75rem; margin-top: 5px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;">https://hl7.org/fhir/R4/resource.html#Meta</small></a></div></div></div></div></div></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661361274230304769" dir="auto" id="tweet_110" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">I'm thinking <a class="entity-mention" href="https://twitter.com/johnmoehrke" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@johnmoehrke</a> probably has something about how to include a break-glass assertion in a FHIR query. It can work as a scope via SMART/OAuth, but perhaps there should be an alternative in the query to say "this is for emergency use".<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661363527234232321" dir="auto" id="tweet_111" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">For ECR, honestly, I think that <a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@ONC_HealthIT</a> should change the wording from "consistent with" to "conforming to":<br style="box-sizing: border-box;" />---<br style="box-sizing: border-box;" />B) Create a case report consistent with at least one of the following standards:<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">(1) </span>The eICR profile of HL7 FHIR eCR IG ...<br style="box-sizing: border-box;" />or<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">(2) </span>... of the HL7 CDA eICR IG <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661372144624758787" dir="auto" id="tweet_112" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">As expected, <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> applies safety enhanced design requirements on <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a>. I will note that your Quality Management System **already** applies to certified components <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661373652443561986" dir="auto" id="tweet_113" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">There's minor updates to (g)(10) related to linking that rule to the new standards selected in 215(a) (b)(1) and (d). This used to be just 215(a).<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />(b)(1) is FHIR US Core<br style="box-sizing: border-box;" />(d) is Bulk Data Access (a.k.a. Flat FHIR).<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661375813948698630" dir="auto" id="tweet_114" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Under 170.402 Assurances, there's new language about having to upgrade components to match the current rule.<br style="box-sizing: border-box;" />What's missing from <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> is what should happen if a developer decides with withdraw a component rather than upgrade it because for some reason they are unable to update.<span class="entity-image" style="box-sizing: border-box; display: block; text-align: center;"><a href="https://pbs.twimg.com/media/Fw5jLP-XwAw93JM.png" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;" target="_blank"><img alt="Image" class=" b-loaded" src="https://pbs.twimg.com/media/Fw5jLP-XwAw93JM.png" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border-radius: 15px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; font-size: 0.8rem; margin: 10px 0px 0px; max-width: 100%; vertical-align: middle; width: 700px;" /></a></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661376329688784897" dir="auto" id="tweet_115" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Under 170.404 APIs in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> "Certified API Developer must publish, at no charge, the service base URLs and related organizational details" using the FHIR Endpoint resource.<div style="box-sizing: border-box;"><div class="entity-url-preview" style="border-radius: 8px; border: 1px solid rgb(225, 232, 237); box-sizing: border-box; margin: 10px 0px 0px; max-width: 100%; width: 700px;"><div class="d-flex justify-content-between align-items-center" style="align-items: center !important; box-sizing: border-box; display: flex !important; justify-content: space-between !important;"><div class="border-right align-self-center" style="align-self: center !important; border-right: 1px solid rgb(222, 226, 230) !important; box-sizing: border-box;"><a class="img-cover" href="https://hl7.org/fhir/R4/Endpoint.html" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background: url("/images/loading.gif") center center no-repeat transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: block; height: 130px; overflow: hidden; text-decoration-line: none;" target="_blank"><img loading="lazy" src="https://threadreaderapp.com/images/sticky-note-regular.png" style="border-radius: 8px 0px 0px 8px; border-style: none; box-sizing: border-box; height: 130px; object-fit: cover; vertical-align: middle; width: 8rem;" /></a></div><div class="flex-grow-1" style="box-sizing: border-box; flex-grow: 1 !important; min-width: 0px;"><div class="paragraph" style="box-sizing: border-box; font-family: "lucida grande", "lucida sans unicode", "lucida sans", Geneva, Arial, sans-serif; font-size: 0.8rem; margin: 0px 1rem;"><a href="https://hl7.org/fhir/R4/Endpoint.html" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><span style="box-sizing: border-box; color: #2e2c2d; display: block; font-size: 0.85rem; font-weight: bolder; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;"></span></a><a href="https://hl7.org/fhir/R4/Endpoint.html" style="-webkit-box-orient: vertical; -webkit-line-clamp: 2; background-color: transparent; box-sizing: border-box; color: #63615f; cursor: pointer; display: -webkit-box; overflow: hidden; text-decoration-line: none;" target="_blank"><small class="pre-url" style="box-sizing: border-box; color: #1da1f2; display: block; font-size: 0.75rem; margin-top: 5px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;">https://hl7.org/fhir/R4/Endpoint.html</small></a></div></div></div></div></div></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661377353598091270" dir="auto" id="tweet_116" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Now we get to Insights in 170.407 of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI</a>, this is going to be a bit longer, as the details are important.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />As previously mentioned, there are 9 measures:<br style="box-sizing: border-box;" />See the table at<span class="entity-embed" style="box-sizing: border-box;"><span class="twitter-player" style="box-sizing: border-box;"><div class="ribbon-content" style="box-sizing: border-box; height: 35px; position: relative; width: 700px;"><div class="ribbon base" style="background: rgb(52, 152, 219); border-right: 5px solid rgb(139, 196, 234); box-sizing: border-box; color: white; font-family: system-ui, -apple-system, BlinkMacSystemFont, "segoe ui", Roboto, Ubuntu, "helvetica neue", sans-serif; padding: 10px; position: absolute; right: 0px; top: 0px; z-index: 1000;"><span style="box-sizing: border-box; display: block; font-size: 12px; font-weight: 600;"><a href="https://threadreaderapp.com/thread/1661036872984846338.html" style="background-color: transparent; box-sizing: border-box; color: white; cursor: pointer;">Unroll available on Thread Reader</a></span></div></div><div class="twitter-tweet twitter-tweet-rendered" style="box-sizing: border-box; display: flex; margin: 10px auto; max-width: 550px; width: 550px;"><iframe allowfullscreen="true" allowtransparency="true" class="" data-tweet-id="1661171469827600385" frameborder="0" id="twitter-widget-0" scrolling="no" src="https://platform.twitter.com/embed/Tweet.html?creatorScreenName=motorcycle_guy&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1661171469827600385&lang=en&origin=https%3A%2F%2Fthreadreaderapp.com%2Fthread%2F1661036872984846338.html&sessionId=977e67775ca0290a45ca016bc4f7b80966f52770&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px" style="box-sizing: border-box; display: block; flex-grow: 1; height: 764px; position: static; visibility: visible; width: 550px;" title="Twitter Tweet"></iframe></div></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661378243646111745" dir="auto" id="tweet_117" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">If you have more that 50 hospital users or 500 clinician users you must report on each of the 9 measures according to <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> if you have a module certified to the specified criteria in the previous table. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661380451548708870" dir="auto" id="tweet_118" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">For <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> Patient Acceess Insight 1 you must report:<br style="box-sizing: border-box;" />Numerator 1: Number of patients w/ an encounter who accessed PHI through 3rd-parties using (g)(10), a patient portal via e(2), or vendor supplied app using (g)(10)<br style="box-sizing: border-box;" />Numerator 2: Number accessed PHI regardless of encounter status <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661381350148960262" dir="auto" id="tweet_119" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;"><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI</a> Patient Access<br style="box-sizing: border-box;" />Denominator 1: Number of patients who had an encounter in the reporting period.<br style="box-sizing: border-box;" />Denominator 2: Number of patients who had an encounter and accessed via one of 3 methods.<br style="box-sizing: border-box;" />Denominator 3: Number of patients who access PHI regardless of encounter status. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661381712444620801" dir="auto" id="tweet_120" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">NOTE: These measures are defined in the preamble of <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> and DO NOT show up in regulatory text. Thus they are sub-regulatory. <a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@ONC_HealthIT</a> says you must report according to their specifications in the rule, but the specifications are not part of the regulation. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661382077860704264" dir="auto" id="tweet_121" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">But as I read the measure definitions in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> for Patient Access, they don't actually make sense because the numerators and denominators seem to be defined identically, and they don't specifically call out any stratifications, but it's clear that they want strata by access type. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661382429649584128" dir="auto" id="tweet_122" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Here's the <a class="entity-mention" href="https://twitter.com/ONC_HealthIT" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@ONC_HealthIT</a> intent in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>:<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">1. </span>% of individuals with an encounter who access EHI by the type of method<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">2. </span>% of individuals with an encounter who access EHI by at least one type of method<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">3. </span>% of all individuals who access EHI by at least one type of method <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661383886520086540" dir="auto" id="tweet_123" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">I'd want in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> insight 1:<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">1. </span># individuals w/ encounter during the reporting period.<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">2. </span># individuals w/ encounter & accessed PHI, stratified by method: Portal, 3rd party API, vendor app<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">3. </span># w/encounter accessing by any method.<br style="box-sizing: border-box;" /><span class="nop nop-start" style="box-sizing: border-box; color: #a4a4a4;">4. </span>1-3 above, regardless of encounter status. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661384421197398020" dir="auto" id="tweet_124" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Note in that stratified by method of access for <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> Insight 1 is OVERLAPPING strata. An individual can appear in multiple strata. This is legit, just not often used feature of measures.<br style="box-sizing: border-box;" />My #2 could be combined with #3 by addition of 4th stratum to say "any method". <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661385214793220101" dir="auto" id="tweet_125" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">And I missed above that you also need to count # of individuals who COULD have access to EHI by any method type to compute the necessary percentages.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />That COULD needs defining. Is is % of patient population? If so, how does one attribute an individual to a provider. <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661385639835697153" dir="auto" id="tweet_126" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">I see my GI specialist once every 3 years. I'm still his patient. I should be part of his denominator.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />There needs to be a way to clearly define this, as it may also vary by specialty. I think CMS has some rules regarding attribution of patients to providers for VBC. <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661393811384291328" dir="auto" id="tweet_127" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Going through the <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> insights measures is tedious, because I have to math every one of them and then put on my measure developer hat and reword them.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />I'm putting that on the back burner for now.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />The rule is, you have to report. ONC will tell you how later. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661394831938052097" dir="auto" id="tweet_128" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">And <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> need good advice about how to report on these 9 measure and how to make it clear. They've done an OK job, but lacking the actual measures makes it difficult. Be sure to comment on the preamble section III.F. Insights Condition and Maintenance of Certification p312-379 <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661399716892909570" dir="auto" id="tweet_129" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Essentially, the 312-379 pages is all requests for comment about how to build good measures in <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI</a>, and it appears to need some work.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />It also looks as if different people wrote sections for different measures, some consistency is needed across this material. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661399899739504642" dir="auto" id="tweet_130" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Finally, I'd want to understand how and where these Insight measures for <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> will be published. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661401189366284288" dir="auto" id="tweet_131" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">So, after jumping back into the <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> preamble to skim 67 pages of text, I'm back to page 657.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" />Woo-hoo! More skipping but only two pages as not much has changed for § 170.523 Principles of proper conduct for ONC-ACBs. I just need to make sure it makes sense as a customer ... <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661401788497514498" dir="auto" id="tweet_132" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">More skimming and skipping, but basically what I've already said about changes to information blocking covers what's in the actual rule.<br style="box-sizing: border-box;" /><br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a> <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661402409589932039" dir="auto" id="tweet_133" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Things to come back for in new threads on <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTI1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTI1</a>:<br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/DSI" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#DSI</a> Decision Support Interventions<br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HTInsights" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HTInsights</a> HTI1 Insight Measures<br style="box-sizing: border-box;" /><a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/SFCU" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#SFCU</a> Sex for Clinical Use follow-ups <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div class="content-tweet allow-preview" data-action="click->thread#showTweet" data-controller="thread" data-screenname="motorcycle_guy" data-tweet="1661410023338135554" dir="auto" id="tweet_134" style="background-color: white; box-sizing: border-box; cursor: pointer; font-family: charter, Georgia, Cambria, "times new roman", Times, serif; font-size: 1.1875rem; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 1.25rem; overflow-wrap: break-word;">Hey <a class="entity-mention" href="https://twitter.com/threadreaderapp" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">@threadreaderapp</a> please rollup my <a class="entity-hashtag" href="https://threadreaderapp.com/hashtag/HIT1" style="background-color: transparent; box-sizing: border-box; color: #1da1f2; cursor: pointer; text-decoration-line: none;">#HIT1</a> thread for myself and others. <span class="tw-permalink" style="box-sizing: border-box; color: #cccccc; display: inline-block; font-size: 14px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline; visibility: hidden; width: 12px;"><span class="fas fa-link" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: var(--fa-display,inline-block); font-family: "Font Awesome 6 Free"; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 900; line-height: 1; text-rendering: auto;"></span></span></div><div><br /></div>Keith W. Boonehttp://www.blogger.com/profile/16883038460949909300noreply@blogger.com1tag:blogger.com,1999:blog-733074358901582680.post-68000622299804230532023-04-21T15:10:00.004-04:002023-04-21T15:10:46.932-04:00Claims Attachments and the Document Rewrite Problem -- 15 years later<p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjvgNqAMSjS9Qb8F0EOXOlVU6FbcSBrmPciXNDeSOwnWUz25ASjpJhak-EESlu0f7-1Xo00qXw8rGC-u-t0kciBmYlgmTIfAye0udR9zpGi2XnvE5jElxumjldTE97f8_gGdV2OwT83yWqCHLOgIJmwU1RJpgDzqK4UNVe9ADaOz_zMHi0GM6YWjVSC" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img alt="" data-original-height="159" data-original-width="318" height="160" src="https://blogger.googleusercontent.com/img/a/AVvXsEjvgNqAMSjS9Qb8F0EOXOlVU6FbcSBrmPciXNDeSOwnWUz25ASjpJhak-EESlu0f7-1Xo00qXw8rGC-u-t0kciBmYlgmTIfAye0udR9zpGi2XnvE5jElxumjldTE97f8_gGdV2OwT83yWqCHLOgIJmwU1RJpgDzqK4UNVe9ADaOz_zMHi0GM6YWjVSC" width="320" /></a></div><br />In 2005 and 2006, I spent a significant amount of time explaining the "Document Rewrite" problem to the HL7 Claims Attachments (now renamed <a href="http://www.hl7.org/Special/Committees/claims/index.cfm" target="_blank">Payer/Provider Information Exchange</a>) workgroup. <p></p><p>In short, if you have an existing CDA (or C-CDA) document, and now, for regulatory reasons (for example, to attach a digital signature to it), you must open and rewrite the document, for a subsequent purpose (e.g., <a href="https://www.federalregister.gov/documents/2022/12/21/2022-27437/administrative-simplification-adoption-of-standards-for-health-care-attachments-transactions-and" target="_blank">to attach an electronic [digital] signature for Claims Attachments</a>), you've introduced a second artifact that must be separately identified, linked to the original, and stored; increasing costs of storage and implementation, and subsequent delays in deployments. I suspect these additional costs are NOT accounted for in the current proposed rule.</p><p>This problem was original introduced in the Attachments AIS back in 2005 in an attempt to insert the attachment linking information into the original artifact, and is now a potential consequence associated with the electronic signature requirements of the currently proposed rule. At least our institutional memory has had at least one opportunity to notify HHS of this problem again.</p><p>Honestly, I'm a supporter of EHRs adding a digital signature to the CDA artifact when the document is SIGNED by the provider creating it, but such technology is NOT readily available in certified EHR technology today. I don't believe that such an imposition should be made for attachments until after such technology is broadly available through certified EHR systems, and then only for documents created after such technology is required for use by healthcare providers under CMS programs.</p>Keith W. Boonehttp://www.blogger.com/profile/16883038460949909300noreply@blogger.com1tag:blogger.com,1999:blog-733074358901582680.post-81998650230052572892023-04-03T14:57:00.001-04:002023-04-04T13:52:18.376-04:00Using Filebeats on Alpine Linux<p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEi280Pouz_ElaMPh7JoJYwgbKpHMtSF_kIHY10WFmWBBiH_kaQbtWPlmiDS73X92k91S8afeaeGfOQ5xmv_P_v1yoh67YHZNGEdFzDC_f1oUJY2BbzAd5E4T7L7mU0Hc3j_6RIPvfbbxRSFMLQc4LODYTv6pjwkctNdU_Xc3ULVyYPkd6eOsz-u6Csh" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img alt="" data-original-height="64" data-original-width="64" height="200" src="https://blogger.googleusercontent.com/img/a/AVvXsEi280Pouz_ElaMPh7JoJYwgbKpHMtSF_kIHY10WFmWBBiH_kaQbtWPlmiDS73X92k91S8afeaeGfOQ5xmv_P_v1yoh67YHZNGEdFzDC_f1oUJY2BbzAd5E4T7L7mU0Hc3j_6RIPvfbbxRSFMLQc4LODYTv6pjwkctNdU_Xc3ULVyYPkd6eOsz-u6Csh=w200-h200" width="200" /></a></div>One of the critical components for any interoperability component is monitoring. I've played around with using <a href="https://elastic.co" target="_blank">ElasticSearch</a> with SANER and used it for other projects. One of the important parts of this monitoring component is <a href="https://www.elastic.co/beats/filebeat" target="_blank">filebeat</a>, which ships the logs to the Elastic cloud implementation. Recently, I found that one of my AWS installation scripts stopped working over the April Fool's weekend. All the more fool I for relying on SBEC (somebody else's code) to keep working.<p></p><p>We use Alpine Linux as the base for many of our Docker image deployments, like many others. If, like me, you are also using filebeat, and have been relying on the Alpine testing APK repository, you probably noticed it no longer contains <a href="https://gitlab.alpinelinux.org/alpine/aports/-/commit/e02d2fe4614463e4e2fc5e11a601e36343ef6309">filebeat because of this commit</a>.</p><p>If you've done as I have, your filebeat installation in your Dockerfile probably looks like this today and isn't working:</p><p></p><div style="background-color: white; padding-bottom: 0px; padding-left: 2px; padding-right: 0px; padding-top: 0px; padding: 0px 0px 0px 2px;"><div style="background-color: white; color: black; font-family: Consolas; font-size: 10pt; white-space: nowrap;"><p>RUN echo http://dl-cdn.alpinelinux.org/alpine/edge/testing >> /etc/<span style="text-decoration-color: #ff8040; text-decoration-style: wavy; text-decoration: underline;">apk</span>/repositories<br /><span style="font-size: 10pt;">RUN </span><span style="font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">apk</span><span style="font-size: 10pt;"> update<br /></span><span style="font-size: 10pt;">RUN </span><span style="font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">apk</span><span style="font-size: 10pt;"> add </span><span style="font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">filebeat</span></p>
<p></p><p style="-webkit-text-stroke-width: 0px; color: black; font-family: "Times New Roman"; font-size: medium; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;"></p><div style="background-color: white; padding: 0px 0px 0px 2px;"><div style="background-color: white; color: black; font-family: Consolas; font-size: 10pt; white-space: nowrap;"></div></div><p></p><p style="-webkit-text-stroke-width: 0px; color: black; font-family: "Times New Roman"; font-size: medium; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">To make it work with the penultimate release (using 8.6.2, since 8.7.0 was JUST released a few days ago), you'd replace that with the following.</p></div></div><p></p><p style="font-family: Consolas; font-size: 13.3333px; white-space: nowrap;">RUN <span style="text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">apk</span> update<br /><span style="background-color: white; font-size: 10pt;">RUN </span><span style="background-color: white; font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">apk</span><span style="background-color: white; font-size: 10pt;"> add curl libc6-</span><span style="background-color: white; font-size: 10pt;"><u>compat<br /></u></span><span style="background-color: white; font-size: 10pt;">ENV FILEBEAT_VERSION=8.6.2<br /></span><span style="background-color: white; font-size: 10pt;">RUN curl https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-${FILEBEAT_VERSION}-linux-x86_64.tar.gz \<br /></span><span style="background-color: white; font-size: 10pt;"> -o /filebeat.tar.gz && \<br /></span><span style="background-color: white; font-size: 10pt;"> tar </span><span style="background-color: white; font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">xzvf</span><span style="background-color: white; font-size: 10pt;"> filebeat.tar.gz && \<br /></span><span style="background-color: white; font-size: 10pt;"> </span><span style="background-color: white; font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">rm</span><span style="background-color: white; font-size: 10pt;"> filebeat.tar.gz && \<br /></span><span style="background-color: white; font-size: 10pt;"> </span><span style="background-color: white; font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">mv</span><span style="background-color: white; font-size: 10pt;"> </span><span style="background-color: white; font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">filebeat</span><span style="background-color: white; font-size: 10pt;">-${FILEBEAT_VERSION}-</span><span style="background-color: white; font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">linux</span><span style="background-color: white; font-size: 10pt;">-x86_64 </span><span style="background-color: white; font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">filebeat</span><span style="background-color: white; font-size: 10pt;"> && \<br /></span><span style="background-color: white; font-size: 10pt;"> </span><span style="background-color: white; font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">cd</span><span style="background-color: white; font-size: 10pt;"> </span><span style="background-color: white; font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">filebeat</span><span style="background-color: white; font-size: 10pt;"> && \<br /></span><span style="background-color: white; font-size: 10pt;"> </span><span style="background-color: white; font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">cp</span><span style="background-color: white; font-size: 10pt;"> </span><span style="background-color: white; font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">filebeat</span><span style="background-color: white; font-size: 10pt;"> /</span><span style="background-color: white; font-size: 10pt; text-decoration-color: rgb(255, 128, 64); text-decoration-line: underline; text-decoration-style: wavy;">usr</span><span style="background-color: white; font-size: 10pt;">/bin</span></p><p></p><p style="font-family: Consolas; font-size: 13.3333px; white-space: nowrap;"></p><p></p><p></p><div style="background-color: white; padding: 0px 0px 0px 2px;"><div style="background-color: white; color: black; font-family: Consolas; font-size: 10pt; white-space: nowrap;"><p style="-webkit-text-stroke-width: 0px; color: black; font-family: "Times New Roman"; font-size: medium; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">NOTE: If you leave out the libc6-compat, filebeat won't run. That took me a bit to track down</p></div></div><hr /><br /><div>This may only be a short-lived problem, as I made a request to find out what it would take to get Filebeats back into the APK repository, and at least one contributed has indicated that they are willing to provide support for it (and possibly other beats applications).</div><div><br /></div>Keith W. Boonehttp://www.blogger.com/profile/16883038460949909300noreply@blogger.com0