Real Time Information Director User Documentation

RTID Security and Auditing
Hewlett-Packard Company 3 529618 - 002
  <ENCOUNTER>
    <EXTERNALIDENTIFIER>PAT00002</EXTERNALIDENTIFIER>
    <IDENTIFIERTYPECODE>CRN</IDENTIFIERTYPECODE>
    <ENCOUNTERACTION>BRTH</ENCOUNTERACTION>
    <CHARTENTRY>
    </CHARTENTRY>
  </ENCOUNTER>
</PATIENTEVENTS>

Consumers and agents are identified in a document header by external IDs. An external
ID is a character string that consists of an ID assigned by an issuing agency, followed by
the name or code of the agency. For example, an external ID could consist of a Social
Security Number, followed by the name or code of the Social Security Administration.
In the document above, the external ID “PAT00002” was issued by the agency “CRN”,
and the external ID “GP123456” was issued by the agency “PRV”.

Within a real-time solution, these external IDs have corresponding internal IDs, assigned
when a consumer or agent is first registered with the system. To achieve this behavior,
the document that registers a new entity includes the SystemKey enrichment in its
metadata. For information about SystemKey, see the document entitled RTID Metadata
Language.

Of course, the same person can have multiple external IDs used by different agencies.
For example, a person might have a medical plan number, a Social Security Number, a
hospital account number, and a driver’s license number. In such a case, multiple external
IDs can be assigned the same internal ID. (Before registering a “new” user, the
application should ensure that the user isn’t already registered by another name. If the
user is already registered, the application can retrieve the associated internal ID from the
data store and refer to it in the document that registers the new external ID.) Security
measures are based on internal IDs, so a policy that authorizes a person under one
external ID automatically authorizes the person under other external IDs.

Identities of consumers and agents are represented in the same way, partly because a
consumer can also be an agent. For example, a patient may request data about himself
from an EHR system. If the person who submits a query is also the subject of the query,
the consumer and agent specified in the header will have the same ID.

In some cases, an audited or secure document does not include a consumer ID. For
example, a query to list all patients of a particular physician would not specify the name
of a particular patient. Similarly, a request to register a new patient does not contain the
patient’s consumer ID, because that ID is assigned only as a result of the registration. In
both these cases, however, the document must specify an agent.
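
The identity model described above, as an added Python example that is not RTID code and not part of the original documentation: external IDs resolve to internal IDs, policy is keyed on internal IDs, and a header without an agent is rejected. The class IdentityRegistry, its method names, the counter standing in for the SystemKey-assigned value, and the second external ID "LIC-0001" issued by "LIC" are all assumptions made for illustration.

```python
import itertools

class IdentityRegistry:
    """Hypothetical registry: (external ID, agency) -> internal ID; policy uses internal IDs."""

    def __init__(self):
        self._by_external = {}              # (external_id, agency) -> internal_id
        self._counter = itertools.count(1)  # stand-in for the SystemKey-assigned value
        self._grants = set()                # (agent_internal, consumer_internal or None)

    def register(self, external_id, agency, internal_id=None):
        """Bind an external ID; pass internal_id to link it to an already registered entity."""
        key = (external_id, agency)
        bound = self._by_external.get(key)
        if bound is not None:
            # Never silently rebind an external ID to a different person.
            if internal_id not in (None, bound):
                raise ValueError(f"{key} is already bound to internal ID {bound}")
            return bound
        if internal_id is None:
            internal_id = next(self._counter)
        elif internal_id not in self._by_external.values():
            raise ValueError(f"internal ID {internal_id} is not registered")
        self._by_external[key] = internal_id
        return internal_id

    def resolve_header(self, agent, consumer=None):
        """Return (agent_internal, consumer_internal or None); the agent is mandatory."""
        if agent is None or agent not in self._by_external:
            raise ValueError("document must identify a registered agent")
        if consumer is not None and consumer not in self._by_external:
            raise ValueError("consumer external ID is not registered")
        return self._by_external[agent], self._by_external.get(consumer)

    def grant(self, agent, consumer=None):
        self._grants.add(self.resolve_header(agent, consumer))

    def is_authorized(self, agent, consumer=None):
        return self.resolve_header(agent, consumer) in self._grants

def demo():
    reg = IdentityRegistry()
    reg.register("PAT00002", "CRN")                  # consumer from the sample document
    gp = reg.register("GP123456", "PRV")             # agent from the sample document
    reg.register("LIC-0001", "LIC", internal_id=gp)  # constructed second ID, same person
    reg.grant(("GP123456", "PRV"), ("PAT00002", "CRN"))
    # The grant was made under the PRV ID; the check arrives under the LIC ID.
    return reg.is_authorized(("LIC-0001", "LIC"), ("PAT00002", "CRN"))

if __name__ == "__main__":
    print(demo())
```

Because both the grant and the check are reduced to internal IDs before comparison, linking an external ID to the wrong internal ID silently extends that person's authorizations, which is why register refuses to rebind an existing external ID.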