Home >Documents >Practice EDI Administrator’s Workshop Pathology Messaging Implementation Programme (PMIP)

Practice EDI Administrator’s Workshop Pathology Messaging Implementation Programme (PMIP)

Date post:11-Jan-2016
View:221 times
Download:0 times
Share this document with a friend
  • Practice EDI Administrators WorkshopPathology Messaging Implementation Programme(PMIP)

  • Objectives of the DayIntroduce the HA/local teamOverview of the project nationallyOverview of the project locallyThe practice EDI administrator:Roles and responsibilitiesCryptography requirements in the practicePractice installation testing using NMASTesting with local labsThe practice implementation pack

  • The TeamIntroduce the Presenter(s)Introduce the Project ManagerWho is involved at the HA/PCGs/PCTsWho is involved from the Trusts/labs

  • PMIP National OverviewClinically safe and robust without information loss, substitution or additionBuilds upon NHS and supplier experience of Pathology linksAll practices enabled to electronically receive pathology results for:Haematology, Biochemistry and Microbiology All NHS pathology laboratories in Trusts to be sending messages for the above disciplines to the new standard within the time-scalePHLS are also planning implementation

  • PMIP Implementation Road Map60% of practices enabled by Mar 02Need to tackle the huge job of 8,800 practices upgrades independent of labsWork with suppliers to upgrade and test100% of practices enabled by Dec 02Labs must undergo through testingConcerned with proven ability to receive messages from local labsLocal Benefits RealisationIntroducing procedural changes for the practice team Starting daily use of pathology messages by the practiceMaximising use and value of pathology messaging

  • PMIP The BenefitsImproved privacy and confidentialityImproved data qualityImproved tracking and auditing of resultsImproved legibility of resultsImproved local clinical analysisCapability to set alert facilitiesEnhanced efficiency at practicesTime reduction spent locally searching for records and results

  • PMIP The New BitsDeveloped by users, suppliers and centre

    Acknowledgements and audit trails

    Cryptography (scrambling of data)

    RFA 99 v1.1 for GP systems

    NMAS central testing system

    Clinical good practice guidance

  • PMIP GPSS ImplementationRFA 99 v1.1 upgrade and configurationLoad of national dummy patient databaseEnables local end to end testingPre-configuration of NMAS as a Trading Partner (a local lab)EDI S/R IDX.400 addressSystems training as required for the practice

  • PMIP Local OverviewContext (within the LIS)Scope (what is in/out)Plan (how is this going to be delivered)Who is responsible for whatTimetable for roll out and implementation

  • The Practice EDI Administrator Role

  • Practice EDI Administrator - Primary RoleGenerates and administers the practices security keysUndertakes the formal practice installation testAdministers and sets up the new/upgraded, GP clinical systems functionality for messaging

  • Practice EDI Administrator - Secondary RoleActs as first point of contact for supplier installation and trainingLiases with the HA on Tracking Database information updatesLiases with the HA and NHS trust for maintenance of the pathology messaging linkContributes to the ongoing work process changes within the practice for benefits realisation

  • Cryptography

  • CryptographyAlso referred to as encryption or PKI encryption

    Why are we using it?Guarantees the accuracy of the recordSatisfies the Data Protection Act and the General Medical Council about confidentialityEnables GPs common law duty of care towards their patients

  • Crypto DemystifiedPublic Keys:Anybody can use

  • So Many PadlocksProblems:Lots of public keys to give outLots of people giving out lots of public keys What happens if I lose my private key?How do we manage all these damn public keys?

    Solution:Public Key distribution via a Key ServerA means of verifying the public keys before they are made available (this IS Dr Bloggs & Partners Key)Ease of management of public key when cancelled or no longer trusted

  • Overview of the ServiceTracking Database maintained by HA/PCT staff and used to register for keysPublic Key ServerLabs Private KeysPractices Private Keys

  • Practice Role: Key GenerationPre RegistrationCoordinating with RFA 99 v1.1 upgradeRequesting registration for cryptographyReceiving the authentication code (direct)Receiving the reference code (from the HA)Generating the keysRe-inputting the PasswordWho does it, when and in case of absence

  • Example Authentication CodeSubject: "Electronic Pathology Messaging Security Authorisation Code". As you know, electronic pathology messaging is currently being implemented in your health community. This e-mail contains your authorisation code which you will need in order to set your computer system up to receive encrypted pathology messages. Please ensure that you keep the contents of this e-mail safely so as to avoid losing the information it contains.

    Your authorisation code is: XXX XXX XXXX

    To complete the set up of your system for secure pathology messaging you will also require a reference code. Please see below for details of how you will be provided with your reference code.

    Please note that both of these codes have a limited lifespan of 30 days. The authorisation code provided in this e-mail, and its associated reference code, will expire on .

  • Practice Role: Key RevocationPlanned RevocationSurgery closure/mergerGP system change (new EDI S/R ID)Emergency RevocationDisaster or security breachPractice PolicyWho in the practice can request revocationWho to contact when requesting revocationHow are results handled in the interim

  • HA Role: GP Key RevocationPlanned RevocationVia Tracking DatabaseEmergency RevocationVia Escalation ContactsEscalation Contacts for GPsWho from the practice can request revocationWhat procedures for authentication will be usedWill it be HA or PCT level

  • National Message Assurance Service(NMAS)

  • What is NMASNational Message Assurance ServiceA centrally provided tool for:Systems suppliers Local implementationsProvides 5 services:Message checkingMessage testingClinical governance message checkingGP practice installation testingRFA testing

  • Why is NMAS Required?Clinical safety & robustnessEnable appropriate responsibilityVFM improved efficiency of testing and developmentStrategic EHR and the need for standardised information

  • NMAS: OverviewTDbaseLabPracticeTesting reports& example acksPath reportsE-mail and acksPath reports and e-mail testing reportsOrg details & updates

  • NMAS Practice Installation TestConducted by Practice EDI AdministratorE-mail request to NMASReport returned to Practice EDI Administrator and GP system supplierTracking Database automatically updated on pass

    Tests practice:Communication linksAcknowledgement generationCryptographyTracking Database details

  • End to End Testing - OverviewTests:Communication linksAcknowledgement generationCryptographyRange of report typesProceduresOccurs after:Lab message testingPractice installation testUses:National dummy patients (test messages)End to end testing does not test systems

  • Implementing End to End TestingThis will vary from HA to HA Complete this slide to reflect your own plans

  • Information available from the HALeaflets:Implementation of National Standard Pathology Report Messaging in General PracticeEncryption of Pathology Result Messages in General PracticeImplementation Pack for General PracticesLocal Escalation Contact InformationProject PlanBy contacting ______

  • Additional Sources of InformationLocal trading partner agreementsFrom your HA or Lab (clarifies responsibilities)GP system supplier handoutsShows how to generate keys and complete NMAS installation testingThe national pathology website:http://nww.nhsia.nhs.uk/pathology

    The purpose of the workshop is to provide practice EDI Administrators with an overview of the project, timescales involved and responsibilities. There will also be some information security and testing,Running it as a workshop can create the added benefit of running break out sessions based on what the audience feel they may need in terms of additional understanding or clarification. This could be identified by including on the invitation anything people would like to see specifically covered or any questions they have.Before running this workshop the Cryptography Local Escalation Contacts Pack should have been implemented as practices will need to know who the contacts are, what procedure will be used to accept revocation requests, etc.Additional presentation material is available on the Pathology website if required.Emphasis should be given on the fact that this is a workshop and will be interactiveIntroduce the local team and main contact names1st Major BulletFirstly , the underpinning business requirement that drives this project clinical safety and robustness. There is now a long history of NHS and supplier use of pathology links, and from this a considerable body of evidence has been assembled concerning issues that need to be resolved for pathology messaging to be considered suitably safe and robust to allow its expansion from local, expert implementations to being a scalable NHS wide solution for routine delivery of some 35 million reports per year .This project, in meeting government targets for modernisation of the NHS, has worked with professional and supplier representatives to produce combined solutions to those issues and is now engaged in managing the roll-out nationally .

    Examples of previous issues have included:Incorrect translation of local investigation codes into Read codes, leading to changes in the test reportedMisinterpretation of numeric result values, measurement units and specimensLoss of messages witho

Popular Tags:

Click here to load reader

Reader Image
Embed Size (px)