Project Charter Defining EHR Third Party operating model

Project Charter Defining EHR Third Party operating model, role and governance. Problem Statement: The role of a EHR Third Party (EHR TP), to act as a gate keeper for access to EHRs by organizations who did not create the records comes up repeatedly in discussion of use of EHRs for specified medical research. Moving the discussion into a practical pilot stage needs the emergence of some potential EHR TPs. The interest of potential companies wishing to form themselves into EHR TPs needs some clarity regarding the likely remit, role and responsibilities and where they would fit into the overall governance of use of EHRs for specified medical research. Project Scope: Identification of the rules and governance and behavioural · · characteristics with which EHR TPs must comply. Governance: Knowledge maintenance Knowledge operationalisation Identification of the technical infrastructure and data management tools needed for EHR TPs to operate Roles and Responsibilities - Leader: Louis Schilders & Jean Samuel/ Mats Sundgren - Team Members: See table attached - Exchange point/ commentary resource See table attached - Project Steering Committee: - Ilias Iakovidis Isabelle de Zegher Georges De Moor Jean Samuel Veli Stroetmann Mats Sundgren Petra Wilson Gudrun Zahlmann Note: this SC covers this and the CRFQ and core dataset projects. Time Frame (proposal) Goals · Milestone Date Kick-off TC – agreement on scope by team Nov 07 Encourage businesses/ individuals to step forward to undertake EHR TP roles Resource confirmed Jan 08 Investigate good practices for all areas defined (possibly other areas and industries) and produce a first draft. Feb –May 08 Establish a formal process for and obtain relevant stakeholders’ feedback. Jun – Aug 08 Propose candidate infrastructures to operationalise these roles. Sept- Nov 08 Final recommendations · Give clarity to interested parties about what is needed to be a EHR TP and so decide whether to endorse the TP way forward Jan 09 Business benefits · A documented definition and business case for Third Party role in the EHR arena that allows organisations and individuals to factor into their business strategy · To allow development of Third Party EHR role in clinical trials beyond the use case and pilots hitherto such that pharma can factor into their business and trial strategy. · Includes buy-in from patient needs EHR TP– Project Charter v 1. 0 slide 1

Project Charter – cont. Defining EHR Third Party operating model, role and governance. Project Deliverables: Approach: Understand current existing TPs in Europe and their different models Consider activities covered in the following bullets · Hold data on architecture of national, local, other, EHR systems: (possible? huge maintenance effort without any guarantee of being up to date? ) · Aggregate, copy, de-identify, pseudononymise data service* · De-anonymize for safety events/ signal alerts to Regulators · Operating abroad - appropriate controls and sanctions* · Describe and specify possible uses · Add and possibly tag data from clinical research · Recommend Professional Certification mechanisms for customers re A formal description of EHR TP role, remit and responsibilities Mission statement, value proposition and operating model inc : · model contract · Governance · knowledge maintenance · knowledge operation · soft services Statement of current existing TPs in Europe confidentiality , Should TP be certified but not involved in certification? Specification of the activities and safeguards needed · Recommendations for the governance and accreditation/ inspection of such Measurement Metric Patient representation /input to this project Baseline Goal 1 person > 1 country Blue Sky Patient fora first draft. formal process Proposed candidate infrastructures EHR TP– Project Charter v 1. 0 slide 2 · · · EHR TPs for review by EU e. g. guideline Provide environment Monitor adherence to standards Feedback to Standards Developing Organisation board of Directors Support distributed interrogation Conformance testing of accepted standards, certification of systems. If systems certified by a certification body or authority – TP role? · · Version control Adoption and quality assurance / safe delivery Commercial: non profit , making basis Routinely share with ‘exchange point/ commentary resource’ to ensure alignment with legal and wider governance activities

Participants lists First Name Organisation James Bland CRIX Paul Burke Chaucer Group Gripagain Jos Devlies Pro. Rec Belgium Jean Samuel Pfizer Louis Schilders Custodix Stan Snowball Merck Mats Sundgren Astra Zeneca TBD -Sarah Payne Context IBM Petra Legal Wilson Cisco TBD Ditica TBD National Centre UK Eu patient Forum EHR TP– Project Charter v 1. 0 Suggested by TF – not yet approached Merrymen@gmail. com paul. burke@chancelconsulting. com confirmed pharma jos. devlies@eurorec. org confirmed Jean. Samuel@pfizer. com IT vendor confirmed louis. schilders@custodix. com pharma confirmed stan. snowball@skynet. be Pharma & Exchange point confirmed Mats. Sundgren@astrazeneca. c om Suggested by TF – not yet approached sarah. payne@uk. ibm. com Contracts Data privacy Exchange point IT vendor ? confirmed Suggested by Greg Patients Suggested by Greg Suggested by Stan slide 3 Telephone james. l. bland@crixintl. org Data/project management IT vendor TBD Email confirmed IT vendor Status petrwils@cisco. com +44 1304 643419